Morocco

= OWASP Morocco Presentation =

Scope of the board is to discuss and approve local activities, meetings and plans.

Contacts et Propositions de Présentations/Contributions

 * [mailto:Azzeddine.RAMRAMI(at)owasp.org Azzeddine RAMRAMI] et [mailto:tarik.elaouadi(at)owasp.org Tarik EL AOUADI] sont à votre disposition si vous souhaitez des informations sur l'OWASP ainsi que sur la Sécurité des Applications Web.

Entreprises, Individuels, Monde Académique, Sponsors, Supports, tout le monde est bienvenu à l'OWASP.

Pour les Entreprises souhaitant adhérer à l'OWASP, le montant de l'adhésion annuelle de $5000 US (dont 40% est reversé au Chapitre de votre choix) est 100% déductible!

Les fonds collectés servent à organiser les meetings du Chapitre Marocain, mais aussi et surtout à construire et organiser avec vous une approche spécifique en fonction de vos souhaits (sessions de sensibilisation, meetings internes, interventions de Speakers, etc.). Tout cela peut être discuté avec le Chapitre Marocain et acté conjointement avec vous si vous souhaitez adhérer à l'OWASP.

N'hésitez pas à nous solliciter si vous souhaitez discuter d'un sujet particulier, ou si vous souhaitez effectuer une présentation lors d'un meeting du Chapitre Marocain.

Amis de la Presse écrite et du Multimédia, n'hésitez pas à faire appel à nous si vous souhaitez notre concours pour vos articles et reportages, vous êtes les bienvenus et nous en serions honorés. Nous avons nous aussi besoin de vous.

Moi et le board du Chapitre Marocain restons modestes dans notre approche, mais nous souhaitons vraiment que le Chapitre OWASP Maroc devienne un de vos contacts de référence.

= Meetings 2019 =

OWASP Training Day at ONCF, Rabat/Morocco
Azzeddine RAMRAMI will run a one full day developper training on OWASP, on 15th February 2019. Two others OWASP Morocco Chapter members will assist Azzeddine RAMRAMI during this training.

Location: ONCF Club

City: Rabat

Country: Morocco

Course Outline:
 * 1)        Introductions
 * 2)        Agenda
 * 3)        Secure Development Lifecycle (SDLC)
 * 4)        Lab: Threat Modeling
 * 5)        Principles of Secure Code
 * 6)        Authentication & Authorization
 * 7)        Lab: Access Control
 * 8)        Mini-Lab: Weak Session Identifiers
 * 9)        Session Management
 * 10)      Lab: SQL Injection
 * 11)      Lab: Cross-Site Scripting
 * 12)      Input Validation
 * 13)      Lab: SQL Injection Patching
 * 14)      Lab: Cross-Site Scripting Patching
 * 15)      Proper Encryption
 * 16)      Mini-Lab: Hash Breaking
 * 17)      Logic Flaws
 * 18)      Lab: Logic Flaw Exploitation
 * Addition Labs:
 * 19)      Other Attacks
 * 20)      Mini-Lab: XML Attacks
 * 21)      Security Hygiene
 * 22)      Final Lab: Hacking Contest

Four chapters meetings in 2019: Q1, Q2, Q3 and Q4. See more soon.
= Meetings 2018 = Welcome to the second edition of OWASP AppSec Morocco and Africa in Casablanca, Hotel Val d'Anfa on November 15-16, 2018.

https://2018.appsecmorocco.org/agenda/

At AppSec Morocco & Africa you can connect with over 250 security professionals in our sponsor hall. Our floor plan is designed to allow you to engage with speakers and attendees.

Thank you to the Sponsors of Appsec Morocco & Africa 2018 :

https://2018.appsecmorocco.org/sponsors/

Here the final list of our speakers from differents countries including Africa (Morocco and Algerie), Canada, Europe and Asia.

https://2018.appsecmorocco.org/speakers/

= Meetings 2017 =

OWASP participe à l'évènement MCSC 2017 à l'ENSIAS Rabat
= Meetings 2016 =

OWASP participe à l'évènement MCSC 2016 à l'ENSIAS Rabat/Maroc le 14 et 15 mai 2016
J'ai le plaisir que l'OWASP Morocco Chapter participe en tant que partenaire sécurité à l'évènement MCSC 2016 à l'ENSIAS Rabat le week-end du 14 au 15 mai 2015:

moroccancybersecuritychallenge.com/mcsc-2016

Je vous informe que l'OWASP intervient avec les thèmes suivants:

1. Une conference sur IOT SECURITY avec Mlle.Sanae, PhD Studnet ENSA Tétouan/OWASP Morocco Team 2. Un hands-on de 3h sur comment sécuriser une application web les outils opensource, Azzeddine RAMRAMI, OWASP Leader/IBM Security Senior Architect

Les inscriptions sont disponibles via le lien suivant:

https://goo.gl/mZuX1E

N’hésitez pas donc à s'inscrire et à inviter toute personne intéressée.

Notre sponsor pour cet events est ADAM RIDSON

http://www.adamridson.com/wp-content/uploads/2015/11/logo.001-1024x400.png

= Events Sponsors = We need your help, Call for additional sponsors We need sponsors for meeting room, flight cost, hotel accomodations. Please contact the Chapter Leader on how to apply.

= Chapter Meeting =

Volonteer are encouraged to join OWASP Morocco Chapter. Please contact the Chapter Leader [mailto:azzeddine.ramrami(at)owasp.org Azzeddine RAMRAMI] = OWASP Moroco Local News =

2015-03-14 : '''VINCI school at Rabat provide as with a large room for our seminars. Thanks to the President of VINCI Mr Amine RACHDI'''

2014-06-22 : '''MoroccoJUG (Morocco Java User Group) and OWASP Morocco organised a new Java Secure Coding session at Centre Eclipse Casablanca. See http://www.meetup.com/MoroccoJUG/'''

2012-05-02 : '''VINCI school at Rabat provide as with a large room for our seminars. Thanks to the President of VINCI Mr Amine RACHDI'''

2010-12-26 : INSEC (Information Security Club)is planing on 16th of April 2011 the first edition of "Moroccan Cyber Security Challenge". A challenge that will gather teams from 14 engineering schools in Morocco interested to information security and assurance. OWASP will be present in this events.

2010-12-24 : First meeting preparation in Morocco in Rabat or Casablanca

2010-12-24 : Modification of Morocco Local Chapter Wiki

2010-12-24 : Azzeddine RAMRAMI is co-leader for Morocco local chapter. Welcome!

= OWASP Morocco past meetings =

OWASP Training Day : Web Application Security Course - Secure Coding Techniques - March 28th, 2013 - at Rabat/Morocco
 10,Rue Al Yamama (Aproximité de la gare Rabat-Ville), Rabat - Tél: 05 37 70 69 05 - E-mail: vinci@vinci.ac.ma  At AXEL TELECOM (Axel Telecom) or at VINCI (VINCI Ecole Supérieure)
 * MAIN PRESENTERS: Azzeddine RAMRAMI: OWASP Leader
 * ABSTRACT: During this training class Azzeddine RAMRAMI and two other OWASP Volunteers will present a Web Application Security and Secure Coding based on Java and PHP Security, .NET Security and Web 2.0 Botnets.
 * WHEN: March 28th, 2013
 * WHERE: VINCI Ecole Supérieure Rabat/Morocco see VINCI Ecole Supérieure Rabat
 * REGISTRATION:
 * FEES: Course is free of charge. Nb of seat limited to 25 per class
 * SPONSORS: Sponsor are welcome to support this event, please contact the Chapter Leader [mailto:azzeddine.ramrami(at)owasp.org Azzeddine RAMRAMI]
 * AGENDA: OWASP Seminars
 * Opening Session : OWASP Presentation and Introduction - 9:30am to 10am - Seat : No Limit
 * Session 1: Secure Coding Technique - Technical Course - 10am to 5pm - Seat : 25
 * Session 2: Resilient C&C Botnets Using Web 2.0 Technologies - Presentation, PoC and Demo - 10am to 5pm - Seat : 25
 * Session 3: Secure Coding Cryptograhy Crash Course - Theory 10am à 12am - Seat : 25
 * Session 3: Secure Coding Cryptograhy Crash Course - Hands-On 2pm à 5pm - Seat : 25
 * Optional: Please BYOD if you want to participate to PoC, Hands-on and Demo
 * Optional: Please BYOD if you want to participate to PoC, Hands-on and Demo
 * Optional: Please BYOD if you want to participate to PoC, Hands-on and Demo

OWASP Training Day : Web Application Security Course - Secure Coding Techniques - March 28th, 2013 - at Rabat/Morocco
 10,Rue Al Yamama (Aproximité de la gare Rabat-Ville), Rabat - Tél: 05 37 70 69 05 - E-mail: vinci@vinci.ac.ma  At AXEL TELECOM (Axel Telecom) or at VINCI (VINCI Ecole Supérieure)
 * MAIN PRESENTERS: Azzeddine RAMRAMI: OWASP Leader
 * ABSTRACT: During this training class Azzeddine RAMRAMI and two other OWASP Volunteers will present a Web Application Security and Secure Coding based on Java and PHP Security, .NET Security and Web 2.0 Botnets.
 * WHEN: March 28th, 2013
 * WHERE: VINCI Ecole Supérieure Rabat/Morocco see VINCI Ecole Supérieure Rabat
 * REGISTRATION:
 * FEES: Course is free of charge. Nb of seat limited to 25 per class
 * SPONSORS: Sponsor are welcome to support this event, please contact the Chapter Leader [mailto:azzeddine.ramrami(at)owasp.org Azzeddine RAMRAMI]
 * AGENDA: OWASP Seminars
 * Opening Session : OWASP Presentation and Introduction - 9:30am to 10am - Seat : No Limit
 * Session 1: Secure Coding Technique - Technical Course - 10am to 5pm - Seat : 25
 * Session 2: Resilient C&C Botnets Using Web 2.0 Technologies - Presentation, PoC and Demo - 10am to 5pm - Seat : 25
 * Session 3: Secure Coding Cryptograhy Crash Course - Theory 10am à 12am - Seat : 25
 * Session 3: Secure Coding Cryptograhy Crash Course - Hands-On 2pm à 5pm - Seat : 25
 * Optional: Please BYOD if you want to participate to PoC, Hands-on and Demo
 * Optional: Please BYOD if you want to participate to PoC, Hands-on and Demo
 * Optional: Please BYOD if you want to participate to PoC, Hands-on and Demo

Web Application Security Seminar - May 18th, 2012 - at VINCI School Rabat/Morocco
 10,Rue Al Yamama (Aproximité de la gare Rabat-Ville), Rabat - Tél: 05 37 70 69 05 - E-mail: vinci@vinci.ac.ma 
 * MAIN PRESENTERS: Azzeddine RAMRAMI: OWASP Leader, Hamza WARAKI: Pôle Sécurité PenTest OWASP Morocco, Tarif EL AOUADI from Lexi and Intissar from VINCI
 * ABSTRACT: During this seminars Azzeddine RAMRAMI will present a complete Architecture Security Framework to implement Web Application Security the IT landscape. Hamza WARAKI will present how to conduct an OWASP Web Application PenTesting. OWASP activity and spirit will be presented in this event.
 * WHEN: May 18th, 2012
 * WHERE: VINCI Ecole Supérieure Rabat/Morocco see VINCI Ecole Supérieure Rabat

At AXEL TELECOM (Axel Telecom) or at VINCI (VINCI Ecole Supérieure) 09:00-09:30 Welcome 09:30-09:45 OWASP Presentation ( Azzeddine RAMRAMI ) 09:45-10:00 Security Awarnasse ( Tarik EL AOUADI ) 10:00-10:30 OSSTMM v3.0 a PenTest Methodlogy - Overview ( Intissar EL MEZROUI ) 10:30-10:45 PAUSE 10:45-11:30 How to conduct a Web Application Pen Testing ( Hamza WARRAKI) 11:30-12:00 OWASP WebGoat & Attack Example (A virtual Hacking Environnement) (Nawfal Makdad ) 12:00-14:30 PRIERE DE VENDREDI 14:30-15:30 OWASP WebGoat & Attack Example (A virtual Hacking Environnement) (Nawfal Makdad ) 15:30-16:15 Smartphone Security (Tarik EL OUADI) 16:15-16:30 PAUSE 16:30-17:00 Smartphone Security (Tarik EL AOUADI) 17:00-17:45 Writing Secure Code : Java Principles ( Azzeddine RAMRAMI ) 17:45-18:00 Questions & Answers
 * REGISTRATION:
 * PROGRAM:


 * Event Flyer : [[File:OWASP_Seminar_Flyer-May_2012.pdf]] This is the flyer of Morocco Chapter seminar. A short description of the seminar with the agenda and titles.

= Resources =

Morocco Cyber Security Event Virtual Machin image
To be posted after the first meeting