Bangalore/Archives

Sessions
OWASP Bangalore/null/G4H Combined Meet at Paypal Office
 * Reflective and Stored XSS - Rakesh
 * News Bytes - Basaveswar
 * Intro to Threat Modeling - Shivendra
 * Fuzzing Asynchronous Protocols built over Websockets - Lavakumar Kuppan
 * OWASP ZAP Tool Demo - Marudhamaran Gunasekaran

Sessions
OWASP Bangalore Special Meet at Paypal Office
 * Hack Like a Pro Workshop - Jayesh Singh Chauhan
 * Breaking ECB Crypto using Burp Suite - Akash Mahajan

Sessions
OWASP Bangalore/null/G4H Combined Meet at InMobi Technologies
 * Mobile Top 10 for beginners - Anant Shrivastava
 * Windows Post Exploitation techniques - Riyaz Walikar
 * PCI DSS v3.0 : Protecting Cardholder data - Manasdeep
 * SHODAN - Bharath
 * Matriux - Narayanan Subramaniam

Sessions
OWASP Bangalore/null/G4H Combined Meet at InMobi Technologies
 * OWASP Mobile Security Risk Series - Anant Shrivastava
 * Social Engineering and its importance during Security Audits - Manasdeep
 * HTTP Response Splitting - Sharath
 * ZAP Proxy - Rupam Bhattacharya

Sessions
OWASP Bangalore/null/G4H Combined Meet at EMC Corporation
 * OWASP Mobile Security - Anant Shrivastava
 * XML Injection - AMol NAik
 * Are you a Host for Malware? - Abhijeth
 * Burp Advanced - Harshal Jamdade

Sessions
OWASP Bangalore/null/G4H Combined Meet at Thoughtworks
 * Working with Web Goat Vulnerable Application - Jagan Mohan
 * OWASP Comprehensive, Lightweight Application Security Process - Akash Mahajan
 * Open Source Intelligence (OSINT) with Maltego - Nutan Kumar Panda
 * Win 8 Mobile App Pen-testing - Anant Tiwari

14th June 2014
OWASP Bangalore/null/G4H Combined Meet at Thoughtworks

Sessions

 * OWASP Mobile Top 10 - Part 2 Anant Shrivastava
 * Security News Bytes Nishanth Kumar
 * Abeer Banerjee
 * Browser Exploitation Framework BeEF Prashanth Sivarajan
 * ESAPI (The OWASP Enterprise Security API) Sathish

24th May 2014
OWASP Bangalore/null/G4H Combined Meet at Thoughtworks

Sessions

 * OWASP Mobile Top 10 - Part 1 Pushkar Pashupat
 * NEWS Bytes Anant Shrivastava
 * Web-Service (SOAP) Exploitation Rahul Sasi
 * Metasploit Demo Rupam Bhattacharya
 * Web App Security - The Good Parts Akash Mahajan

8th Feb 2014
Special OWASP Meet is a workshop by Justin Searle (His Profile) on 8th of Feb 2014.

Workshop A Systematic Method for Manual Web Pentesting by Justin Searle
Come have a taste of the official Samurai-WTF Web Testing Framework training course offered at Black Hat and OWASP conferences. During this workshop, we'll do a quick overview of the web pen-testing methodology, then the instructors will lead you through the process of testing and exploiting web applications. The primary emphasis of this workshop is teaching you how to integrate SamuraiWTF tools into your own manual testing procedures to improve your overall pentest workflow.

18th January 2014
http://null.co.in/2014/01/10/null-bangalore-january-2014-combined-meet-with-owaspg4hsecurityxploded-saturday-18th-january-2014-thoughtworks/]


 * Web Application Security for Beginners: DOM Based XSS – Jayesh Singh
 * Automated Source code review using Fortify – Rupam Bhattacharya
 * Struts Validation Framework: Part 2 – Satish
 * Security Onion – Nishanth Kumar
 * Web Application Security: The pitfalls and the brickwalls, a developer perspective – Vamsi Krishna

14th December 2013
More details about the talks


 * Web Application Security For Beginners by Jayesh Singh
 * Overview of ISO 27001 by Rupam Bhattacharya
 * XSS - From injection to root by Abeer Banerjee
 * Struts Validation Framework by Satish

1st November 2012
Topic: Python For Web Penetration Testing Author: by Justin Searle Description: Basic Python scripting to automate tasks for penetration testing.

3rd October 2009
Topic: Web 2.0 Security Author: by KV Prashant Description:Web 2.0 Security

5th Sep 2009
Topic: SSL Cipher Enumeration Author: by Gursev Description:SSL Cipher Enumeration

5th Sep 2009
Topic: Cookie Replay Attacks Author: Ravi Gopal Description:Overview and Live Demo of Cookie replay attacks Topic: 2. Cloud Security Author: Shashidhar Description:Overview of Cloud Security

12 July2009
Topic: Turning Firefox Into Ultimate Hacking Tool(SecFox) Part - II Author: Rajiv Vishwa Description: Talk on tweaking Firefox with various addons and doing some customizations so that it can be used to perform vulnerability assessments on various websites.

07 Jun 2009
Topic: Turning Firefox Into Ultimate Hacking Tool(SecFox) Author: Rajiv Vishwa Description: Talk on tweaking Firefox with various addons and doing some customizations so that it can be used to perform vulnerability assessments on various websites.

07 Mar 2009
Topic: Hackers Secret Author: Sharmishta Gupta Description: Headsup on OWASP top vulnerabilities and introduction to Webgoat application.

02 Feb 2009
Attendees: 13 Members Topic: Cracking applications with OllyDbg debugger(Demo) Author: Rajiv Vishwa Description: Session on debugging standalone executables to pin point security holes which is otherwise exploited by crackers to patch the pro version to freeware. Couple of tiny applications which requires keys for activation are cracked during the session.

14 Dec 2008
Topic: Access Control Mechanisms Author : Sundar Description: Overview on different types of access control schemes and its usages. Comments: The main agenda for the meet has been a presentation on "Access Controls" by Sundar. It was informative and lead to a good discussion on the topic. The meet lasted for over an hour and has seen good acceptance by members who attended.