New Jersey

Meeting News
OWASP NJ SEPTEMBER 25th MEETING  RSVP

WHEN: September 25th 2006 5:00pm - 9:00pm

WHERE: New Jersey Institute of Technology GITC Building 3rd Floor, University Heights Newark, New Jersey 07102-1982 DIRECTIONS

EVENT SPONSORS Location Sponsor: New Jersey Institute of Technology

Corporate Sponsors: Mirage Networks

* CAFFEINE-ENRICHED TECH FUEL WILL BE SERVED + PIZZA *

TOPIC A: ENDPOINT CONTROL This talk will focus on basic components/capabilities of controling the endpoints in the network and the developing standards that you should be aware of. Speaker: Larry Fermi

TOPIC B: SESSION MANAGEMENT This talk will highlight of weaknesses in 3rd party token generation algorithms, session fixation and weaknesses in expiration. Speaker: James Landis

TOPIC C: WIRELESS INSECURITY For enterprises with wireless LAN networks,as well as those without, Wi-Fi brings a new set of security threats that cannot be protected against by your current firewall and VPN security systems. This talk will cover a current wireless computer security vunerability attack vectors and provide a live demo of the problems and the hacks. Round table discussion will follow concerning risk mitigation of the issues for business and personal. Speaker: Anthony Paladino

TOPIC D: OWASP LABRAT Project This talk will provide a updated on LabRat = The first version Application Security Testing CD developed with the OWASP project leader: Joshua Perrymon. Download the Alpha ISO and burn a copy LABRAT. Be sure to bring it with you to the event. Speaker: Tom Brennan

 PLEASE RSVP FOR THIS EVENT  - RSVP

Meeting News
OWASP NJ DECEMBER 7th MEETING

WHEN: December 7th 2006 5:30pm - 9:30pm

WHERE: ABN AMRO Bank 499 Washington Ave., (1st Floor) Jersey City, NJ 07310

EVENT SPONSORS Location Sponsor: ABN AMRO

Corporate Sponsors: Syngress Publishing, Checkpoint Systems, - to become a supporter call 973-296-3862

TOPIC A: THE RULES OF INFORMATION SECURITY HAVE CHANGED  A view on current state of cyber warfare, counter-terrorism, communications and intelligence.

Speaker: Gunnery Sergeant M. Sedano Reynolds, United States Marine Corps

TOPIC B: METASPLOIT FRAMEWORK AND BUFFER OVERFLOWS  Got Root? This talk will cover the Open-Source Exploit Framework Metasploit with how-to information and details on using it to exploit authorized systems. Learn tips, tricks

Speaker: Paul Battista

TOPIC C: HACKING THE PAYMENT GATEWAY & EFFECTIVE COUNTERMEASURES Payment gateways give merchants the ability to perform real-time credit card and check authorizations from a website over the Internet. 0-day exploits in the wild will be revealed

Speaker: Tom Ryan

TOPIC D: KARMA  This presentation will discuss and demonstrate KARMAan open-source assessment framework that demonstrates wireless risk with a modified wireless driver that responds as any network that a client may be looking for, a set of rogue services to capture client credentials, and client-side exploits. Dino will also provide insight into the vulnerabilities revealed in some wireless drivers such as the one demonstrated at BlackHat by David Maynor and Johnny Cache.

Speaker: Dino Dai Zovi

TOPIC E: INCIDENT RESPONSE  After thismeeting you will need to know it ;)

Our final speaker will cover 7-Things you need to know to respond to respond effectively to a computer security incident at your organization. This talk will cover both wireless, wired and applications. Don't miss this one as a result of this meeting... this information will be very helpful

Speaker: FBI Special Agent Tim O'Brien

Unoffical XMas Party ;) ''' DORRIANS Just several doors down from the meeting is DORRIANS, take this time to raise a toast with your peers and plan OWASP talks, elections, locations and speakers for 2007'

For any questions or to volunteer simply call 973-296-3862 to discuss.