Triangle

Welcome
Welcome to the OWASP Raleigh, NC Local Chapter homepage!

The chapter leader is [mailto:mmenefee(@)securesolve(.)com Michael Menefee]

Phone: (919) 439-3598

Vice-chair is Chris Whitesock

This chapter is now merged with the Charlotte Chapter and we are planning an NC OWASP event in Charlotte for January 2009.

Join the Chapter by signing up on our mailing list

Or, you can view our Mailing List Archives here

Raleigh

Meeting Location
''2224 Sedwick Drive

''Suite 201

''Durham, NC 27713

''Google Map here

We will be moving to a larger, more convenient location soon!!

The Raleigh NC Chapter is looking for new members. Please contact mmenefee[at]securesolve[dot]com if you would like to assist with helping me get this local chapter setup and rolling. I would like to start scheduling of our first meeting soon.

Aside from regular meetings with guest speakers from other chapters and organizations, we will be sponsoring several already in-development tools. If you have any interest in contributing to these projects, please let me know.

As always -- everyone is welcome to join us at our chapter meetings.

Projects
We are currently engaged in several new OWASP project initiatives, mostly surrounding passive assessment techniques used during the pen testing process. If you are interested in helping out, we need some development assistance.

We are currently developing in PHP, Perl & Python, using MySQl for back-end storage.

Please contact [mailto:mmenefee(at)securesolve(.)com Mike Menefee] if you are interested in helping out!

===[http://# P0AN] === Short for "Phase Zero ANalysis" this tool allows a pen tester to perform passive data collection on a target environment and will setup the subsequent attack steps based on the findings...This tool is specifically targeted towards passive web application data collection and enumeration, which when combined with backend statistical analysis, will attempt to identify a target organization's risk factor.

===[http://# eHarvester] === A passive email address (i.e. username) enumeration tool. This tool has been integrated into Lunker, but still exists as a stand-alone php or bash shell script and works with Google, MSN and Yahoo presently.

This is a very useful tool in targeting potential users and performing social engineering attacks against web-based portals.

===[http://# Lunker] === Lunker is a Spear Phishing toolkit co-developed by the Raleigh NC and Alabama Chapters. This tool allows a pen tester to initiate a targeted phishing attack on any organization, complete with discovery, brute-force and exploitation.