Morocco

Contacts et Propositions de Présentations/Contributions

 * [mailto:Azzeddine.RAMRAMI(at)owasp.org Azzeddine RAMRAMI] et les membres du board du Chapitre Marocain sont à votre disposition si vous souhaitez des informations sur l'OWASP ainsi que sur la Sécurité des Applications Web.

Entreprises, Individuels, Monde Académique, Sponsors, Supports, tout le monde est bienvenu à l'OWASP.

Pour les Entreprises souhaitant adhérer à l'OWASP, le montant de l'adhésion annuelle de $5000 US (dont 40% est reversé au Chapitre de votre choix) est 100% déductible!

Les fonds collectés servent à organiser les meetings du Chapitre Marocain, mais aussi et surtout à construire et organiser avec vous une approche spécifique en fonction de vos souhaits (sessions de sensibilisation, meetings internes, interventions de Speakers, etc.). Tout cela peut être discuté avec le Chapitre Marocain et acté conjointement avec vous si vous souhaitez adhérer à l'OWASP.

N'hésitez pas à nous solliciter si vous souhaitez discuter d'un sujet particulier, ou si vous souhaitez effectuer une présentation lors d'un meeting du Chapitre Marocain.

Amis de la Presse écrite et du Multimédia, n'hésitez pas à faire appel à nous si vous souhaitez notre concours pour vos articles et reportages, vous êtes les bienvenus et nous en serions honorés. Nous avons nous aussi besoin de vous.

Moi et le board du Chapitre Marocain restons modestes dans notre approche, mais nous souhaitons vraiment que le Chapitre OWASP Maroc devienne un de vos contacts de référence.

= Morocco OWASP Chapter Board =

Scope of the board is to discuss and approve local activities, meetings and plans.

In alphabetical order:


 * Chapter Leader [mailto:azzeddine.ramrami(at)owasp.org Azzeddine RAMRAMI]
 * Co-Leader [mailto:hamza.waraki (at)gmail.com Hamza Waraki]

= OWASP Security Training =

OWASP Training Day : Java Secure Coding Course - Session 5 - March 14th, 2015 - at Ecole Vinci Rabat/Morocco

 * MAIN PRESENTERS: Azzeddine RAMRAMI: OWASP Leader
 * ABSTRACT: During this training class Azzeddine RAMRAMI will teach a Java Secure Coding. This training is free of charge and open to all
 * WHEN: March 14th, 2015
 * WHERE: Ecole Vinci Rabat/Morocco;
 * FEES: Course is free of charge. Nb of seat limited to 50 per class
 * SPONSORS: Sponsor are welcome to support this event, please contact the Chapter Leader [mailto:azzeddine.ramrami(at)owasp.org Azzeddine RAMRAMI]
 * AGENDA: Oracle CERT Java Secure Coding:;
 * 1) 00.	Input Validation and Data Sanitization (IDS)
 * 2) IDS00-J. Sanitize untrusted data passed across a trust boundary
 * 3) IDS01-J. Normalize strings before validating them
 * 4) IDS02-J. Canonicalize path names before validating them
 * 5) IDS03-J. Do not log unsanitized user input
 * 6) IDS04-J. Safely extract files from ZipInputStream
 * 7) IDS05-J. Use a subset of ASCII for file and path names
 * 8) IDS06-J. Exclude user input from format strings
 * 9) IDS07-J. Do not pass untrusted, unsanitized data to the Runtime. exec method
 * 10) IDS08-J. Sanitize untrusted data passed to a regex
 * 11) IDS09-J. Do not use locale-dependent methods on locale-dependent data without specifying the appropriate locale
 * 12) IDS10-J. Do not split characters between two data structures
 * 13) IDS11-J. Eliminate non character code points before validation
 * 14) IDS12-J. Perform lossless conversion of String data between differing character encodings
 * 15) IDS13-J. Use compatible encodings on both sides of file or network IO
 * 16) 01.	Declarations and Initialization (DCL)
 * 17) 02.	Expressions (EXP)
 * 18) 03.	Numeric Types and Operations (NUM)
 * 19) 04.	Object Orientation (OBJ)
 * 20) 05.	Methods (MET)
 * 21) 06.	Exceptional Behavior (ERR)
 * 22) 07.	Visibility and Atomicity (VNA)
 * 23) 08.	Locking (LCK)
 * 24) 09.	Thread APIs (THI)
 * 25) 10.	Thread Pools (TPS)
 * 26) 11.	Thread-Safety Miscellaneous (TSM)
 * 27) 12.	Input Output (FIO)
 * 28) 14.	Platform Security (SEC)
 * 29) 15.	Runtime Environment (ENV)
 * 30) 16.	Serialization (SER)
 * 31) 49.	Miscellaneous (MSC)
 * 1) 49.	Miscellaneous (MSC)


 * Optional: Please BYOD if you want to participate to PoC, Hands-on and Demo

= Events Sponsors = We need your help, Call for additional sponsors We need sponsors for meeting room, flight cost, hotel accomodations. Please contact the Chapter Leader on how to apply.

= Chapter Meeting =

Volonteer are encouraged to join OWASP Morocco Chapter. Please contact the Chapter Leader [mailto:azzeddine.ramrami(at)owasp.org Azzeddine RAMRAMI] = OWASP Moroco Local News =

2015-03-14 : '''VINCI school at Rabat provide as with a large room for our seminars. Thanks to the President of VINCI Mr Amine RACHDI'''

2014-06-22 : '''MoroccoJUG (Morocco Java User Group) and OWASP Morocco organised a new Java Secure Coding session at Centre Eclipse Casablanca. See http://www.meetup.com/MoroccoJUG/'''

2012-05-02 : '''VINCI school at Rabat provide as with a large room for our seminars. Thanks to the President of VINCI Mr Amine RACHDI'''

2010-12-26 : INSEC (Information Security Club)is planing on 16th of April 2011 the first edition of "Moroccan Cyber Security Challenge". A challenge that will gather teams from 14 engineering schools in Morocco interested to information security and assurance. OWASP will be present in this events.

2010-12-24 : First meeting preparation in Morocco in Rabat or Casablanca

2010-12-24 : Modification of Morocco Local Chapter Wiki

2010-12-24 : Azzeddine RAMRAMI is co-leader for Morocco local chapter. Welcome!

= OWASP Morocco past meetings =

OWASP Training Day : Web Application Security Course - Secure Coding Techniques - March 28th, 2013 - at Rabat/Morocco
 10,Rue Al Yamama (Aproximité de la gare Rabat-Ville), Rabat - Tél: 05 37 70 69 05 - E-mail: vinci@vinci.ac.ma At AXEL TELECOM (Axel Telecom) '''or at VINCI (VINCI Ecole Supérieure)
 * MAIN PRESENTERS: Azzeddine RAMRAMI: OWASP Leader
 * ABSTRACT: During this training class Azzeddine RAMRAMI and two other OWASP Volunteers will present a Web Application Security and Secure Coding based on Java and PHP Security, .NET Security and Web 2.0 Botnets.
 * WHEN: March 28th, 2013
 * WHERE: VINCI Ecole Supérieure Rabat/Morocco see VINCI Ecole Supérieure Rabat
 * '''REGISTRATION:
 * FEES: Course is free of charge. Nb of seat limited to 25 per class
 * SPONSORS: Sponsor are welcome to support this event, please contact the Chapter Leader [mailto:azzeddine.ramrami(at)owasp.org Azzeddine RAMRAMI]
 * AGENDA: OWASP Seminars
 * Opening Session : OWASP Presentation and Introduction - 9:30am to 10am - Seat : No Limit
 * Session 1: Secure Coding Technique - Technical Course - 10am to 5pm - Seat : 25
 * Session 2: Resilient C&C Botnets Using Web 2.0 Technologies - Presentation, PoC and Demo - 10am to 5pm - Seat : 25
 * Session 3: Secure Coding Cryptograhy Crash Course - Theory 10am à 12am - Seat : 25
 * Session 3: Secure Coding Cryptograhy Crash Course - Hands-On 2pm à 5pm - Seat : 25
 * Optional: Please BYOD if you want to participate to PoC, Hands-on and Demo
 * Optional: Please BYOD if you want to participate to PoC, Hands-on and Demo
 * Optional: Please BYOD if you want to participate to PoC, Hands-on and Demo

OWASP Training Day : Web Application Security Course - Secure Coding Techniques - March 28th, 2013 - at Rabat/Morocco
 10,Rue Al Yamama (Aproximité de la gare Rabat-Ville), Rabat - Tél: 05 37 70 69 05 - E-mail: vinci@vinci.ac.ma At AXEL TELECOM (Axel Telecom) '''or at VINCI (VINCI Ecole Supérieure)
 * MAIN PRESENTERS: Azzeddine RAMRAMI: OWASP Leader
 * ABSTRACT: During this training class Azzeddine RAMRAMI and two other OWASP Volunteers will present a Web Application Security and Secure Coding based on Java and PHP Security, .NET Security and Web 2.0 Botnets.
 * WHEN: March 28th, 2013
 * WHERE: VINCI Ecole Supérieure Rabat/Morocco see VINCI Ecole Supérieure Rabat
 * '''REGISTRATION:
 * FEES: Course is free of charge. Nb of seat limited to 25 per class
 * SPONSORS: Sponsor are welcome to support this event, please contact the Chapter Leader [mailto:azzeddine.ramrami(at)owasp.org Azzeddine RAMRAMI]
 * AGENDA: OWASP Seminars
 * Opening Session : OWASP Presentation and Introduction - 9:30am to 10am - Seat : No Limit
 * Session 1: Secure Coding Technique - Technical Course - 10am to 5pm - Seat : 25
 * Session 2: Resilient C&C Botnets Using Web 2.0 Technologies - Presentation, PoC and Demo - 10am to 5pm - Seat : 25
 * Session 3: Secure Coding Cryptograhy Crash Course - Theory 10am à 12am - Seat : 25
 * Session 3: Secure Coding Cryptograhy Crash Course - Hands-On 2pm à 5pm - Seat : 25
 * Optional: Please BYOD if you want to participate to PoC, Hands-on and Demo
 * Optional: Please BYOD if you want to participate to PoC, Hands-on and Demo
 * Optional: Please BYOD if you want to participate to PoC, Hands-on and Demo

Web Application Security Seminar - May 18th, 2012 - at VINCI School Rabat/Morocco
''' 10,Rue Al Yamama (Aproximité de la gare Rabat-Ville), Rabat - Tél: 05 37 70 69 05 - E-mail: vinci@vinci.ac.ma
 * MAIN PRESENTERS: Azzeddine RAMRAMI: OWASP Leader, Hamza WARAKI: Pôle Sécurité PenTest OWASP Morocco, Tarif EL AOUADI from Lexi and Intissar from VINCI
 * ABSTRACT: During this seminars Azzeddine RAMRAMI will present a complete Architecture Security Framework to implement Web Application Security the IT landscape. Hamza WARAKI will present how to conduct an OWASP Web Application PenTesting. OWASP activity and spirit will be presented in this event.
 * WHEN: May 18th, 2012
 * WHERE: VINCI Ecole Supérieure Rabat/Morocco see VINCI Ecole Supérieure Rabat

'''At AXEL TELECOM (Axel Telecom) '''or at VINCI (VINCI Ecole Supérieure) 09:00-09:30 Welcome 09:30-09:45 OWASP Presentation ( Azzeddine RAMRAMI ) 09:45-10:00 Security Awarnasse ( Tarik EL AOUADI ) 10:00-10:30 OSSTMM v3.0 a PenTest Methodlogy - Overview ( Intissar EL MEZROUI ) 10:30-10:45 PAUSE 10:45-11:30 How to conduct a Web Application Pen Testing ( Hamza WARRAKI) 11:30-12:00 OWASP WebGoat & Attack Example (A virtual Hacking Environnement) (Nawfal Makdad ) 12:00-14:30 PRIERE DE VENDREDI 14:30-15:30 OWASP WebGoat & Attack Example (A virtual Hacking Environnement) (Nawfal Makdad ) 15:30-16:15 Smartphone Security (Tarik EL OUADI) 16:15-16:30 PAUSE 16:30-17:00 Smartphone Security (Tarik EL AOUADI) 17:00-17:45 Writing Secure Code : Java Principles ( Azzeddine RAMRAMI ) 17:45-18:00 Questions & Answers
 * '''REGISTRATION:
 * PROGRAM:


 * Event Flyer : [[File:OWASP_Seminar_Flyer-May_2012.pdf]] This is the flyer of Morocco Chapter seminar. A short description of the seminar with the agenda and titles.

= Resources =

Ethical Hacking LiveCD
To be posted after the first meeting