Delhi NCR

About


The OWASP Delhi Chapter meetings are FREE and OPEN to anyone interested in learning more about information security. We conduct regular (mostly monthly) meetings covering Noida, Gurgaon, and Delhi region.

Chapter Sponsors
Some of the organizations supporting OWASP Delhi/NCR chapter are below:

Adobe

Sapient

Bharti Airtel

Thought Works

null - the open Security community

For more information on how to support OWASP Delhi chapter in helping organize free and open security meets contact the chapter leaders

Become a Presenter
Submit your talk now for an upcoming OWASP Delhi/NCR Chapter Meeting

Link to submit

Join Discussions on Slack
Link to OWASP Delhi chapter Channel

In case you are not on slack, the registration URL is (requires email only): https://owasp.herokuapp.com

= Upcoming Meeting/Event(s) =

February 2018 meet on February 24, 2018 (Saturday) - 11:00 am

Note - OWASP Delhi chapter meets are free and open to everyone. Prior registrations are mandatory in order to be allowed to attend the meetup

Note - This is a combined meetup with null Delhi Chapter

For Registration/RSVP please click Here

Session Details/Agenda: --

11:15 am - 11:30 am: Introductions & Chapter Updates

11:30 am - 11:45 am: InfoSec News Bytes

11:45 am - 12:30 pm: WiFi Security Beyond Password Cracking by Mohit Kumar Rajain

12:30 pm - 12:50 am: Tea/Coffee/Networking Break

01:00 pm - 01:50 pm: AppSec Testing Beyond Pen Test by Bhushan Gupta

02:00 pm - 02:15 pm: Feedback and Topic Discussion for Next Month

When: February 24th, 2018 (Saturday) - 11:00 am (Please be on time)

Where: Sapient

Unitech Infospace SEZ

Tower-B (Unit 1 Cafeteria), Building No-8

Sector 21,

Old Delhi - Gurgaon Road

Dundahera, Gurgaon 122016

Haryana, India

How to reach venue: Take Rapid Metro from Sikanderpur Metro station to Vodafone Belvedere Towers (2nd Stop). A free shuttle operates from the entry gate of the metro station to Udyog Vihar every 5 minutes. It drops at exit gate no. 2 of Infospace. The shuttle takes around 15 minutes to reach the venue.

Nearest Landmark: Trident Hotel.(Straight from Trident Hotel towards Dundahera Village and left from T Point, Unitech building will be on the right. RBS and Amdocs offices are in the same complex.)

Nearest Metro Stations:

· IndusIand Bank Cyber City Rapid Metro Station

· MG Road Metro Station

· Sikanderpur Metro Station

Important Note - Please carry an ID proof along with you which will be required for Security check

  Talk Details:

AppSec Testing Beyond Pen Test by Bhushan Gupta

Abstract: Web application security has a broad scope that spans from network communication to browser behaviors to backend applications and finally to database servers. Validating security of all these components can be a daunting task and take a considerable effort. Penetration is the most prevalent testing method used today for validating web application security. The question is, “does it cover all the basis?” Penetration testing is a black-box type testing that a QA engineer applies from the hacker’s perspective. While it provides a comfort level, it does not ensure that the application has been developed with security in mind and that it meets the three basic requirements of security namely, Confidentiality, Integrity, and Availability (CIA). The CIA framework builds intrinsic security and thus ensures an increased confidence level. This framework should be complemented with the penetration testing.

This talk focuses on how to align the security validation of a web application with the three basic elements of security namely, Confidentiality, Integrity, and Availability (CIA). The test effectiveness can be achieved by analyzing the requirements of each element and identifying the potential breaches that can compromise each element. The efficiency should be built by relating these breaches with the known OWASP Top 10 and other vulnerabilities and, leveraging that knowledge to identify the testing approach - static and dynamic throughout the SDLC.

Bio: Bhushan Gupta is a Principal consultant at Gupta Consulting LLC., Bhushan Gupta is passionate about development methods and tools that yield more secure web applications especially in the agile software development environment. As a researcher, he has a keen interest in understanding and applying fundamental principles and known methodologies to develop dependable and secure software solutions. His interests extend to Social Engineering and Attack Surface Analysis. Bhushan worked at Hewlett-Packard for 13 years in various roles including software quality lead, engineer, software process architect, and software productivity manager. He then developed a strong interest in web application security while working as a quality engineer for Nike Inc. Bhushan has been studying various facets of web application security and promoting how to apply common sense approach to build secure solutions. He is a certified Six Sigma Black Belt (HP and ASQ) and an adjunct faculty member at the Oregon Institute of Technology in Software Engineering. To learn more about Bhushan’s contributions to SDLC, visit www.bgupta.com

WiFi Security Beyond Password Cracking

Abstract: The speaker will demonstrate the following attacks on wifi networks:

1. Packet injection in protocols such as DHCP, DNS, etc.

2. Phishing wifi clients using captive portal

Bio: Mohit is a Network security Enthusiast and Final Year Btech ( ECE ) student @ NIT Delhi

= Stay Updated =

Join our low traffic mailing list for events information and technical discussions
Subscribe to OWASP Delhi Mailing list

Follow @OWASPdelhi for event updates on Twitter
OWASP Delhi Twitter Account

Join our LinkedIn group for event updates on LinkedIn
OWASP Delhi LinkedIn Group

OWASP Delhi Blog
OWASP Delhi Blog

OWASP Delhi/NCR Meetup Group
https://www.meetup.com/OWASP-Delhi-NCR-Chapter

= Past Events/Archives =

OWASP Delhi February 2018 Meeting - February 24, 2018

OWASP Delhi January 2018 Meeting - January 20, 2018

OWASP Delhi November 2017 Meeting - November 25, 2017

OWASP Delhi September 2017 Meeting - September 23, 2017

OWASP Delhi August 2017 Meeting - August 26, 2017 (Cancelled)

OWASP Delhi July 2017 Meeting - July 29, 2017

OWASP Delhi June 2017 Meeting - June 24, 2017

OWASP Delhi April 2017 Meeting - April 29, 2017

OWASP Delhi March 2017 Meeting - March 25, 2017

OWASP Delhi February 2017 Meeting - February 18, 2017

OWASP Delhi Meeting - January 21st, 2017

OWASP Delhi Meeting - December 17th, 2016

OWASP Delhi Meeting - November 26th, 2016

OWASP Delhi Meeting - October 22nd, 2016

OWASP Delhi Meeting - September 24th, 2016

OWASP Delhi Meeting - August 27th, 2016

OWASP Delhi Meeting - July 30th, 2016

OWASP Delhi Meeting - June 18th, 2016

OWASP Delhi Meeting - May 21st, 2016

OWASP Delhi Meeting - April 23rd, 2016

OWASP Delhi Meeting - March 19th, 2016

OWASP Delhi Meeting - February 27th,2016

OWASP Delhi Meeting - January 30th,2015

OWASP Delhi Meeting - December 19th,2015

OWASP Delhi Meeting - October 24th, 2015

OWASP Delhi Meeting - September 5th, 2015

OWASP Delhi Meeting - July 25th, 2015

OWASP Delhi Meeting - June 20th, 2015

OWASP Delhi Meeting - May 23rd, 2015

OWASP Delhi Meeting - April 25th, 2015

OWASP Delhi Meeting - March 28th, 2015

OWASP Delhi Meeting - January 31st, 2015

OWASP Delhi Meeting - December 13th, 2014

OWASP Delhi Meeting - November 22nd, 2014

OWASP Delhi Meeting - October 18th, 2014

OWASP Delhi Meeting - September 20th, 2014

OWASP Delhi Meeting - August 31st, 2014

OWASP Delhi Meeting - July 26th, 2014 || OWASP Delhi July, 2014 Meeting Blog Post

-- Chapter Revival in June 2014 -- OWASP Delhi Meeting - Oct 30th, 2010

OWASP Delhi Meeting - May 2009

OWASP Delhi Meeting - January & February (Combined) 2009

OWASP Delhi Meeting - November 29th 2008

OWASP Delhi Meeting - October 18th 2008

Archived Page of Delhi Chapter

Past Committee Members for Delhi Chapter

= Special Outreach Events =

OWASP Delhi Special Workshop on Web Hacking
Date: 05th November, 2016 Details: https://goo.gl/1mBbRU

Hands on Secure Coding Workshop @ ThoughtWorks, Gurgaon
Date: 30th July, 2016

Details: https://goo.gl/mW42bE

Application Security for StartUps @ Cyber Security Masterclass for StartUps, AWFIS Delhi
Date: 15th July, 2016

Conducted by: Vishal Asthana on behalf of OWASP Delhi chapter

Web Application Attack & Defense Workshop @ Security & Privacy Symposium 2016, IIITD
Date: 13th March, 2016

Conducted by: Vaibhav Gupta & Sandeep Singh on behalf of OWASP Delhi chapter

= Presentations =

OWASP Delhi September, 2016 Monthly Meeting Presentations

Machine Learning in Information Security by Mohammed Zuber

Pwning Windows Mobile Applications by Ankit Giri

WAF Evasion for XSS Attacks by Divya Mudgal (To be Uploaded)

OWASP Delhi August, 2016 Monthly Meeting Presentations

Scratching your Brain into Dark Web

Windows Privilege Escalation Techniques by Dhruv Shah

OWASP Delhi July, 2016 Monthly Meeting Presentations

Introduction to OAuth2 and its Security Considerations by Vaibhav Gupta

Hacking RF (Radio Frequencies) by Prashant Shukla (To be Uploaded)

OWASP Delhi June, 2016 Monthly Meeting Presentations

Mapping your digital footprints by Aakash Goel

Meet the DIVA - Part 1 by Ankit Prateek

Quick & Dirty Forensic Techniques by Kamal Ranjan (To be uploaded)

OWASP Delhi May, 2016 Monthly Meeting Presentations

A Primer on Bitcoins and Digital Currencies by Ankur Vats

OSINT Testcases for Pentesters by Shubham Mittal

OWASP Delhi April, 2016 Monthly Meeting Presentations

Secrets of Google VRP by Krzysztof Kotowicz

Cloud Security & Best Practices in AWS by Ankit Giri

OWASP Delhi March, 2016 Monthly Meeting Presentations

The Art of Android Hacking by Abhinav Mishra

Cyber Crime & Law by Neeraj Arora

OWASP Delhi February, 2016 Monthly Meeting Presentations

WAF in Scale by Alexey Sintsov

Note: The slides of the privacy talk will not be shared by the speaker.

OWASP Delhi January, 2016 Monthly Meeting Presentations

Cyber Threat Intelligence by Sandeep Singh

SIEM - Activating Defense through Response by Ankur Vats

OWASP Delhi December, 2015 Monthly Meeting Presentations

Cyber Security in Next Generation Air Transportation System by Vippan Raj Dutt

Hardware Trojans by Anupam Tiwari

OWASP Delhi November, 2015 Monthly Meeting Presentations

Software Security: In the World of Cloud & CI-CD by Aniket Kulkarni

Hacking Wireless Networks by Mandeep Singh Jadon

Go with the Flow by Kamal Rathaur

OWASP Delhi October, 2015 Monthly Meeting Presentations

'SecureMe - Droid' Android Security Application by Vishal Asthana

OWASP Delhi September, 2015 Monthly Meeting Presentations

Cyber Warfare Capabilities, A Reality Check by Rajeev Chauhan

Setting up a cost effective Application Security program from scratch by Tusnin Das

OWASP Delhi July, 2014 Monthly Meeting Presentations

Botnets - What, How and Why by Utsav Mittal

Combating Cyber Crime by Priyanka Tomar

= Ex-Management Members =

 Vishal Asthana  (https://www.linkedin.com/in/vishalasthana) |  June 2014 - January 2017