Jump to: navigation, search


7 March 2013 12:00 - 14:00 (Please RSVP to


ANZ, 833 Collins St, Docklands, Melbourne VIC 3008

Room Location: Core C

Please ask about OWASP at reception and they will direct you to the room (room: Core C).

The easiest way to get there is to hop on the tram number 48 or 11, on Collins St and go right to the end of Collins. Alternatively, walk down Collins St this is a walking distance . This will be the last stop.

Speaker One

Graeme “wily” Bell

First Topic

Leveraging Local File Inclusion

Graeme will demonstrate through real-world examples how “trivial” bugs like local file inclusion and arbitrary file read can be leveraged to get yourself a shell. Or at least a better bug. Examples will include some real world 0dayz (ohai mcafee) and some contrived demonstrations that mimic real-world shenanigans.

About the speaker

Graeme “wily” Bell is a Senior Consultant with BAE Systems Detica. He worked in systems administration and architecture before working out he could get paid to break things. Half comedy/half technology talks are his speciality, as demonstrated at industry conferences including Ruxcon, AusCERT, Syscan.

Speaker Two

Andrew Horton

Second Topic


Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. Some really interesting stories without names.

About the speaker

Andrew Horton is a Senior Consultant with BAE Systems Detica. Andrew is an author of various interesting security tools.

Hope to see you all there to enjoy the presentation and some refreshments but only if you RSVP! :)

OWASP Melbourne :)