Delhi NCR

Chapter Sponsors
Sponsor OWASP Delhi Chapter to help us organize open and free monthly meetings. For more information, contact the chapter leaders

= Upcoming Meeting/Event(s) =

When: October 18th, 2014 (Saturday), 4:00 PM IST

Venue: Sapient Corporation, Unitech Infospace SEZ Tower-B, Building No-8 Sector 21, Old Delhi - Gurgaon Road Dundahera, Gurgaon 122016 Haryana, India, Main Office Number: +91 (124) 499 6000

Nearest Landmark: Trident Hotel.(Straight from Trident Hotel towards Dundahera Village and left from T Point, Unitech building will be on the right. RBS and Amdocs offices are in the same complex.)

Nearest Metro Stations: · IndusIand Bank Cyber City Rapid Metro Station · MG Road Metro Station · Sikanderpur Metro Station

Google Maps: Click here!

Note: RSVP/Registration is mandatory else Sapient Security Personnel won't allow you in. Please do so here – http://goo.gl/KsmDX7

Session Details/Agenda:

4:00 PM - 4:10 PM: Introductions by null and OWASP Delhi Team

4:10 PM - 4:20 PM: Welcome Video from Thom Langford, Director, Global Security Office, Sapient

4:20 PM - 4:30 PM: News Bytes and What's New by null and OWASP Delhi Team

4:30 PM - 5:30 PM: IronWASP - The Open Source Web Security Scanner that is made in India

Abstract: It is generally believed that all innovation in the security space happens in the west and then trickles down to India. But did you know that there is one project from India that has pioneered new techniques years back that have only recently been adopted by others. And some of these techniques might probably only be adopted sometime in the future. I am the founder of this project and I will tell you its story.

About the Speaker: Lavakumar Kuppan is the CTO of Ironwasp Information Security Solutions Pvt Ltd and founder of the IronWASP Project. IronWASP is one of the world's best open source web security scanners and is Asia's largest open source security project. He is also a well known security researcher and speaker. His research works have been covered by prominent media groups like Forbes. The web security scanning technology developed by him won an innovation award from the Indian Department of Science & Technology and Lockheed Martin. He was awarded the Black Shield Luminaire award for his work in the field of security. You can find out more about him and his projects at lavakumar.com

5:30 PM - 5:45 PM: Tea/Coffee/Networking Break

5:45 PM - 6:15 PM: UNICODE For Fun and Profit

Abstract: Currently, UNICODE is getting more and more popular in computing world. With an initiative to register domain names with UNICODE characters, the world will see even more prevalent use of UNICODE. Such widespread use of UNICODE opens the door to some attack vectors (specially spoofing etc) which were slightly harder to perform. The talk will discuss 3 such attacks (extension spoofing, URL spoofing, and phishing) using RTLO, LTRO and some other special properties of UNICODE. Demo and proof of concept codes will be presented for each attack. The talk will also discuss about countermeasures for such attacks.

About the Speaker: Ankur Vats is an independent security researcher specialising in web security and related fields. His areas of expertise are web security, network security and secure coding practices. He can be reached on facebook (ankur.vats.735), and email (vats.ankur452@gmail.com).

6:15 PM - 6:45 PM: I know what you did on your system: Analyzing User Activities

Abstract: The talk will cover various aspects of User Activity Forensics including but not restricted to, file system activity, network activity, machine name, interfaces, machine image sources and USB port(s) usage. This will help attendees understand ways to detect suspicious activity on the system that may comprise the security posture of the system or may have already done so.

About the Speaker: Vaibhav Gupta (one of the Chapter Lead) is currently working with Adobe as a Security Researcher. Previous to this, he was working with a Fortune 500 company dealing with application security and network security assignments as a Sr. Information Security Engineer. His interests/experience lies in: → Application Security → 0-day & Malware Analysis → Fuzzing → Network Penetration Testing

6:45 PM - 7:00 PM: Feedback and Topic Discussion for Next Month In case of any queries or issues please feel free to reach out to the chapter leaders.

= Stay Updated =

Join our low traffic mailing list for events information and technical discussions
Subscribe to OWASP Delhi Mailing list

Follow @OWASPdelhi for event updates on Twitter
OWASP Delhi Twitter Account

Join our LinkedIn group for event updates on LinkedIn
OWASP Delhi LinkedIn Group

OWASP Delhi Blog
'''OWASP Delhi Blog

= Past Events/Archives = OWASP Delhi Meeting - October 18th, 2014 OWASP Delhi Meeting - September 20th, 2014 OWASP Delhi Meeting - August 31st, 2014 OWASP Delhi Meeting - July 26th, 2014 || OWASP Delhi July, 2014 Meeting Blog Post

-- Chapter Revival in June 2014 -- OWASP Delhi Meeting - Oct 30th, 2010 OWASP Delhi Meeting - May 2009 OWASP Delhi Meeting - January & February (Combined) 2009 OWASP Delhi Meeting - November 29th 2008 OWASP Delhi Meeting - October 18th 2008 Archived Page of Delhi Chapter Past Committee Members for Delhi Chapter

= Presentations =

OWASP Delhi July, 2014 Monthly Meeting Presentations

Botnets - What, How and Why by Utsav Mittal Combating Cyber Crime by Priyanka Tomar