Boulder
From OWASP
OWASP Boulder Local Chapter
Welcome to the local Boulder chapter homepage. The chapter leaders are Kathy Thaxton, Jeremy Martinez, and Andrew Riesel
Participation
Local OWASP Chapter meetings are FREE and OPEN to anyone interested in learning more about application security. We encourage chapter members to share knowledge via hands-on training and presentations of specific OWASP projects and vendor agnostic security research topics. Speakers should review the standard speaker agreement and utilize the OWASP Powerpoint template. As a 501(3)c non-profit association donations are encouraged of meeting space and/or refreshments and tax-deductible donations can be made online using the below donation button. Prior to participating with OWASP please review the Chapter Rules and the OWASP Overview Slides.
Are you a member yet? - Member List
If you support the 100% volunteer efforts of OWASP join the mission with a donation of $50.00 for annual membership - Join Now
Click here to join local chapter mailing list
| funds to OWASP earmarked for Boulder. |
Next Meeting - XSS Lab - Postponed until August 20th, 2009
Due to some location security issues we must postpone the June meeting until August. We will finish the Cross Site Scripting lab on August 20th, 2009 and we will be using a Broomfield location rather that a Fort Collins location.
The good news is we have some new sites to attack and defend with the help of Anurag Agarwal, the Director of Education at WhiteHat Security and we will have a much more intense lab. We wholeheartedly apologize for the delay but it will be worth the wait.
Please join the Boulder OWASP Chapter on Thursday, August 20th, 2009 at Staples for a XSS lab. THREE levels of labs - beginner, intermediate, and advanced.
Cross-site scripting LAB - Beginner, Intermediate, and Advanced
Lab to explain how to attack vulnerable sites –we will use three different examples and Spend one half hour on each: Basic attacks, intermediate and advanced. Teacher TBA. We will be using the OWASP Live CD and will have them available. Must have laptop with CD player. Meeting will be at Staples: One Environmental Way, Broomfield, Co. 80021 Brown bag or we can order pizza when everyone gets there. 6pm to 7pm dinner and Lab from 7pm to 8:30 Drinks at Gordon Biersch after the lab. Topics up for discussion (we’ll choose one)
Black Hat DC researchers demonstrate new cross-site scripting browser hack that lets attackers retrieve data without a trace Should Developers Be Liable For Their Code?
Resources from the Meeting - Stuff you Wish You'd Been There to Hear About :-)
Directions to Staples:
Staples: One Environmental Way, Broomfield, Co. 80021
Agenda
- 6 to 7:00 Dinner @ Staples CE - Broomfield
- 7pm to 8:30 pm Cross-site scripting lab
Sponsor: Nope, no sponsor. It'a your chapter, BYO dinner and/or order pizza at 6'ish
Speaker: tbd
Logistics
Please bring a wifi equipped laptop. We recommend the OWASP LiveCD. Go ahead and download it and familiarize yourself with it ahead of time, if you're so inclined.
Following the meeting we will have informal discussions over beverages at the Gordon Biersch Brewery and Restaurant.
Boulder OWASP 2009 AGENDA
May 21, 2009 Cross site scripting Lab
Lab to explain how to attack vulnerable sites –we will use three different examples and Spend one half hour on each: Basic attacks, intermediate and advanced. Teacher TBA.
We will be using the OWASP Live CD and will have them available. Must have laptop with CD player. Meeting will be at Staples: One Environmental Way, Broomfield, Co. 80021 Brown bag or we can order pizza when everyone gets there. 6pm to 7pm dinner and Lab from 7pm to 8:30 Drinks at Gordon Biersch after the lab. Topics up for discussion (we’ll choose one):
Black Hat DC researchers demonstrate new cross-site scripting browser hack that lets attackers retrieve data without a trace
Should Developers Be Liable For Their Code?
June 18, 2009 Part 2 Cross Site Scripting Lab – put it into practice – how to defend against Cross site scripting
We will defend against a basic attack, an intermediate and advanced. Teacher TBA Remember to bring your OWASP Live CD and your laptop with CD player. Location will be at CSU in Fort Collins. Directions will be forthcoming. 6:30 to 7pm Dinner (Brown Bag or we will all order pizza) Lab from 7pm to 9pm.
No meetings July or August 2009
We will try to put up the sites that we are defending against in the June Lab so that you can have a go at them over the break.
September 17, 2009 Sql injection
We will be using SQL injection to attack using authentication bypass, database enumeration, adding users through sql injection, Data mining, writing code Teacher TBA We will be using the OWASP Live CD and will have them available. Must have laptop with CD player. Meeting will be at Staples: One Environmental Way, Broomfield, Co. 80021 Brown bag or we can order pizza when everyone gets there. 6pm to 7pm dinner and Lab from 7pm to 8:30 Drinks at Gordon Biersch after the lab. Topics up for discussion (TBA).
October, 22, 2009 Defense against sql injection – how to sanitize user input
Teacher TBA We will be using the OWASP Live CD and will have them available. Must have laptop with CD player. Meeting will be at Staples: One Environmental Way, Broomfield, Co. 80021 Brown bag or we can order pizza when everyone gets there. 6pm to 7pm dinner and Lab from 7pm to 8:30 Drinks at Gordon Biersch after the lab. Topics up for discussion (TBA).
November, 19, 2009 This Lab will put into action the SQL injection attack and the defense.
We will be using the attacks from the September meeting and then defending against them. We will be using the OWASP Live CD and will have them available. Must have laptop with CD player. Meeting will be at Staples: One Environmental Way, Broomfield, Co. 80021 Brown bag or we can order pizza when everyone gets there. 6pm to 7pm dinner and Lab from 7pm to 8:30 Drinks at Gordon Biersch after the lab. Topics up for discussion (TBA).
December - Date TBA “Capture the Holiday flag”
We are planning on reserving space at a restaurant. What better way to Capture the Flag than over a couple of beers?
