Triangle

Welcome
Welcome to the OWASP Raleigh, NC Local Chapter homepage!

Raleigh

The chapter leader is [mailto:mmenefee(@)securesolve(.)com Michael Menefee]

Phone: (919) 439-3598

Vice-chair is Chris Whitesock

Join the Chapter by signing up on our mailing list

Or, you can view our Mailing List Archives here

Meeting Location
''2224 Sedwick Drive

''Suite 201

''Durham, NC 27713

''Google Map here

We will be moving to a permanent location soon!!

The Raleigh NC Chapter is looking for new members. Please contact mmenefee[at]securesolve[dot]com if you would like to assist with helping me get this local chapter setup and rolling. I would like to start scheduling of our first meeting soon.

Aside from regular meetings with guest speakers from other chapters and organizations, we will be sponsoring several already in-development tools. If you have any interest in contributing to these projects, please let me know.

As always -- everyone is welcome to join us at our chapter meetings. $$Insert formula here$$

Projects
We are currently engaged in several new OWASP project initiatives, mostly surrounding passive assessment techniques used during the pen testing process. If you are interested in helping out, we need some development assistance.

We are currently developing in PHP, Perl & Python, using MySQl for back-end storage.

Please contact [mailto:mmenefee(at)securesolve(.)com Mike Menefee] if you are interested in helping out!

===[http://# P0AN] === Short for "Phase Zero ANalysis" this tool allows a pen tester to perform passive data collection on a target environment and will setup the subsequent attack steps based on the findings...A must-have for any Pen Tester.

===[http://# eHarvester] === A passive email address (i.e. username) enumeration tool. This tool has been integrated into Lunker, but still exists as a stand-alone php or bash shell script and works with Google, MSN and Yahoo presently.

===[http://# Lunker] === Lunker is a Spear Phishing toolkit co-developed by the Raleigh NC and Alabama Chapters. This tool allows a pen tester to initiate a targeted phishing attack on any organization, complete with discovery, brute-force and exploitation.