OWASP Lviv

Future Events

Who are we

OWASP Lviv

Welcome to the OWASP Lviv chapter homepage.

The chapter leaders are Igor Beliaiev, Bohdan Serednytskyi and Stanislav Breslavskiy. The chapter is run by a team of dedicated cybersecurity enthusiasts: Pavlo Zhavoronkov, Oksana Safronova and Danial Zhuravchak.

The chapter aims at holding quarterly meetups in the format of 2 practical workshops and up to 5 talks. The meetups are normally streamed online and recorded, and are followed by unofficial parties in Lviv pubs. Everyone are welcome to join us at our chapter meetings.

How to find us

Follow our news and announcements on social media: Facebook & Telegram

Find us on the semi-official OWASP Slack channel (you have to register first)

Watch recordings of our previous events YouTube

Join our Meetup Page

How to support the chapter

If your company wishes to support the chapter, please contact Igor Beliaiev.

Become a Speaker

Call For Speakers at OWASP Lviv events is permanently open. If you want to present at future events, review and agree with the OWASP Speaker Agreement and check for upcoming events at https://cfp.owaspukraine.org, or simply send the title and abstract of your talk and speaker bio to Igor Beliaiev or Bohdan Serednytskyi.

Become a Sponsor

To sponsor an OWASP Lviv event, contact Igor Beliaiev or Stanislav Breslavskiy.

We don’t have any special sponsorship package, however the sponsoring organization or individual will receive our warm thanks and a fair amount of gratitude spread over our social media presence, placed at the chapter official web-page, and announced at the event itself.

Become a Host

To host an OWASP Lviv event, contact Igor Beliaiev.

Venue requirements include:

  • Capacity to welcome up to 100 attendees
  • Possibility to host a lunch (paid separately by the Chapter)
  • Separate high-quality internet connection for online streaming
  • No need for additional attendee registration or providing attendee lists
  • No marketing, advertising, or hiring at the event

Announcements


#1 OWASP Lviv Spring Meetup 2021 (online)

Date April 7, 2021

Program

  1. Security Headers. Why should we care? by Artur Hil
  2. Automating security testing of web application by Ihor Sasovets
  3. How I spent “this summer” or how to be “an expert” in several domains by Danial Zhuravchak

Event details

#2 OWASP Lviv Summer Meetup 2021 (online)

OWASP Lviv

Date July 10, 2021

Program

  1. Windows Privelege Escalationa by Anatolii Khomenchuk
  2. Security Testing Basics: OWASP Top 10 or where to start security by Maksym-Volodymyr Lyba
  3. Digital transformation impact on Security by Igor Beliaiev

Event details

#3 OWASP Lviv Autumn Meetup 2021

Date September 11, 2021

Program

  1. Hunting for APT in network logs by Bogdan Vennyk
  2. Let’s play a game by Oksana Safronova
  3. Attacks on Windows Infrastructure (Blue Team edition) by Bogdan Vennyk
  4. Hardware Security by Stanislav Breslavskii

2nd session and retrospective after NoNameCon 2021 edition

Event details

#4 OWASP Ukraine 2021

Currently postponed due to covid-19 restrictions


Example

Put whatever you like here: news, screenshots, features, supporters, or remove this file and don’t use tabs at all.


#1 Chapter Webinars 2020

Debate on Pentest & AppSec – Blue Team vs. Red Team Perspective“ by Yevgen Balyutov, Andrii Garaschuk, Igor Beliaiev, Vlad Styran

Video recording

#2 OWASP Ukraine 2020

OWASP UKRAINE online meetup 2020

Date Deember 5th, 2020

Program

Event schedule

  1. “React Native Security: Addressing Typical Mistakes” by Julia Potapenko | Video
  2. “Безпека додатку Дія - “Оскар” чи “Золота малина”” by Константин Корсун | Video
  3. “OAuth2.0: What? Where? When?” by Anatolii Bereziuk | Video
  4. “OWASP JuicyShop Workshop” (Workshop) by Serhii Korolenko & Eduard Kiiko & Oksana Safronova | Video
  5. “Leveraging the crowd power to regain faith in Internet’s zero trust architecture” by Philippe Humeau | Video
  6. “Serverless security: attack & defense” by Pawel Rzepa | Video
  7. “6 digit OTP for 2FA is brute-forceable in 3 days + OTP Lottery” by Maksym Khramov & Serhii Korolenko | Video

#1 OWASP Lviv Winter Meetup 2019

Date February 19, 2020

Program

  1. Vadym Opryshko - Security assessment: prepare yourself, not policies.
  2. Ben Whaley - The best and worst AWS security practices
  3. Vasyl Verbovyi - Sometimes, shit comes. A couple of words about routers firmware)

Event details

#2 OWASP Lviv Winter Meetup 2019

Date August 28, 2019

Program

  1. Eduard Kiiko - Variety of Linux logging tools and their integrations
  2. Pavlo Zhavoronkov - Darknet security best practices
  3. Danial Zhuravchak - SRE: Monitoring

Event details

#3

OWASP UKRAINE 2019

Date October 04-05, 2019

Program

Event schedule

Day 1 (Workshops): Stream1:

  1. Кирило Гобреняк - From Zero to Hero in Web Application Security Testing with OWASP.
  2. Ігор Блюменталь - GraphQL Security Testing
  3. Володимир Стиран - Tactical Offensive Reporting

Stream 2:

  1. Віталій Сусукайло та Олексій Сведенюк - Power of Azure Log Analytics
  2. Едуард Кійко та Данило Журавчак - Boss of The SOC
  3. Vladimir Taratushka - Pentest + Social Engineering = Always win

Day 2:

  1. Kostiantyn Korsun - #FRDv2.0: new adventures
  2. Ewerson Guimaraes - Some Burp Kung-Fu
  3. Ali Huseyn Aliyev - Bluetooth Low Energy (BLE) under the microscope, attack techniques
  4. Eduard Kiiko and Danial Zhuravchak - Threat Hunting: DNS security
  5. Ricardo Fajin - Using Frida in Mobile Pentest Android
  6. Oksana Safronova - Normal activity detected
  7. Serhii Korolenko - Web vulnerabilities. In and out half an hour.
  8. Bohdan Lukin - Attacking Active Directory in examples
  9. Andrii Kudyurov - Doing OWASP ASVS audit for released products: pros, cons and a slight pain
  10. Nadia Klymenko - Approaches to keep your privacy
  11. CTF and Hacker party

Video recordings

#4 OWASP Lviv Winter Meetup 2019

Date December 19, 2019

Program

  1. Overview of DevSecOps
  2. Auditing Docker containers
  3. Infrastructure code security testingg

Event details


#1 OWASP Lviv Summer Meetup 2018

Date July 28, 2018

Program

  1. Stanislav Kolenkin - Practical Kubernetes Security.
  2. Igor Khoroshenk - AWS security fuckups. How Ops and Security misconfigurations can expose your company valuable assets.
  3. Oksana Safronova - Windows persistence - something old, something new, something weird. How to exploit some of the techniques and stay on the system for long enough.
  4. Pavlo Zhavoronkov - Extending that monster: Cuckoo functionality for Mac-based Malware analysis.

Event details

#2 OWASP Lviv Autumn Meetup 2018

Date October 1, 2018

Program

  1. Yuriy Rudyy - Person of Interest (locate and identify device: cell LAC, WiFi, iBeacon…)
  2. Igor Khoroshchenko - Data Leakages Epic Fuckups
  3. Vasyl Verbovyi - Sometimes, shit comes. A couple of words about routers firmware

Event details

#3

OWASP UKRAINE 2018

Date November 23-24, 2018

Program

Event schedule

Day 1 (Workshops): Stream1:

  1. IGOR KHOROSHCHENKO - AWS Security FUCKUPS
  2. BOGDAN LUKIN - WAF Evasion Techniques
  3. DANIAL ZHURAVCHAK - Analyze or Die - SOC game

Stream 2:

  1. IGOR BLUMENTAL - Content Security Policy tips and tricks
  2. SERHII KOROLENKO - CSRF exploitation
  3. Andrey Voloshin - Reverse Engineering Hardware & Firmware

Day 2:

  1. Eduard Babych - Intro to Bug Bounty. How to become a Bug Bounty Hunter
  2. Lukasz Korczyk - CSRF - why your organization shouldn’t set it to low?
  3. Vitaliy Mechytashvili - Safari extensions. Suspicious javascript functions. Mojave security improvements bypass
  4. Vlada Kulish - Wanna test IOS applications? Let the pain in
  5. Kostiantyn Korsun - New National Cybersecurity System: Concept
  6. Rener Alberto F. Silva - SPLITTER: An Approach to Difficult Correlation, Traffic Analysis and Statistical Attacks Inside TOR Network
  7. Yurii Bilyk - So, you want hack some device?
  8. Oleh Levytskyi - Security issues with Chrome extensions on a practical use-cases
  9. Pavlo Radchuk - Blockchain is secure (not)
  10. Oleksandr Yakovliev, Olesia Myshkovska - Fuzzing and searching for vulnerabilities in third-party Android services embedded by manufacturers
  11. Hacking QUIZ and Hacker party

Call For Papers 2021

Hey! We are happy to announce the CFP for our meetups and conferences! If you have a prepared speech with the topic related to the security we are happy to include you in our program!

Submit your speach here


Our supporters

Chapter meeting sponsors

These companies have demonstrated their support for Ukrainian Application Security community by funding our quarterly chapter meetings.

EPAM

Berezha Security

Chapter meeting hosts

These companies have demonstrated their support for Ukrainian Application Security community by hosting our quarterly chapter meetings.

EPAM

Ciklum

Techmagic

Eleks

SoftServe