Difference between revisions of "Boulder"

From OWASP
Jump to: navigation, search
(Directions to Staples:)
(Boulder OWASP 2009 AGENDA)
Line 29: Line 29:
 
-----------------------------------------------------------------------
 
-----------------------------------------------------------------------
  
== Boulder OWASP 2009 AGENDA ==
+
== October and November 2009 Meetings will be joint with the Denver OWASP at a downtown location TBA ==
=== May 21, 2009 Cross site scripting Lab ===
+
===Unfortunately we are going to have to cancel this months (September 2009) meeting.  Our sponsor presenter was unable to make it out here at the last minute due to some budgeting constraints.
Lab to explain how to attack vulnerable sites –we will use three different examples and
+
Spend  one half hour on each:  Basic attacks, intermediate and advanced.
+
Teacher TBA.
+
  
We will be using the OWASP Live CD and will have them available.
+
David Campbell (Denver OWASP) and I will be holding joint meetings for October and November at a downtown location in order to make it convenient for all of our members.  We will be focusing on Cloud Security for the rest of the year as this has become a hot topic and pertinent to 2010 planning for many.===
Must have laptop with CD player. 
+
Meeting will be at Staples:  One Environmental Way, Broomfield, Co. 80021
+
Brown bag or we can order pizza when everyone gets there.
+
6pm to 7pm dinner and Lab from 7pm to 8:30
+
Drinks at Gordon Biersch after the lab.  Topics up for discussion (we’ll choose one):
+
 
+
Black Hat DC researchers demonstrate new cross-site scripting browser hack that lets attackers retrieve data without a trace
+
 
+
[http://developers.slashdot.org/article.pl?sid=09/05/09/1339213 Should Developers Be Liable For Their Code?]
+
 
+
=== June 18, 2009 Part 2 Cross Site Scripting Lab – put it into practice – how to defend against Cross site scripting ===
+
We will defend against a basic attack, an intermediate and advanced.
+
Teacher TBA
+
Remember to bring your OWASP Live CD and your laptop with CD player.
+
Location will be at CSU in Fort Collins.  Directions will be forthcoming.
+
6:30 to 7pm Dinner (Brown Bag or we will all order pizza) Lab from 7pm to 9pm.
+
 
+
=== No meetings July or August 2009 ===  
+
We will try to put up the sites that we are defending against in the June Lab so that you can have a go at them over the break.
+
 
+
=== September 24, 2009 Sql injection ===
+
We will be using SQL injection to attack using  authentication bypass, database enumeration, adding users through sql injection, Data mining, writing code
+
Teacher TBA
+
We will be using the OWASP Live CD and will have them available.
+
Must have laptop with CD player. 
+
Meeting will be at Staples:  One Environmental Way, Broomfield, Co. 80021
+
Brown bag or we can order pizza when everyone gets there.
+
6pm to 7pm dinner and Lab from 7pm to 8:30
+
Drinks at Gordon Biersch after the lab.  Topics up for discussion (TBA).
+
 
+
=== October, 22, 2009 Defense against sql injection – how to sanitize user input ===
+
Teacher TBA
+
We will be using the OWASP Live CD and will have them available.
+
Must have laptop with CD player. 
+
Meeting will be at Staples:  One Environmental Way, Broomfield, Co. 80021
+
Brown bag or we can order pizza when everyone gets there.
+
6pm to 7pm dinner and Lab from 7pm to 8:30
+
Drinks at Gordon Biersch after the lab.  Topics up for discussion (TBA).
+
 
+
=== November, 19, 2009 This Lab will put into action the SQL injection attack and the defense.  ===
+
We will be using the attacks from the September meeting and then defending against them.
+
We will be using the OWASP Live CD and will have them available.
+
Must have laptop with CD player. 
+
Meeting will be at Staples:  One Environmental Way, Broomfield, Co. 80021
+
Brown bag or we can order pizza when everyone gets there.
+
6pm to 7pm dinner and Lab from 7pm to 8:30
+
Drinks at Gordon Biersch after the lab.  Topics up for discussion (TBA).
+
  
  
 
=== December  - Date TBA  “Capture the Holiday flag” ===
 
=== December  - Date TBA  “Capture the Holiday flag” ===
 
We are planning on reserving space at a restaurant.  What better way to Capture the Flag than over a couple of beers?
 
We are planning on reserving space at a restaurant.  What better way to Capture the Flag than over a couple of beers?

Revision as of 17:09, 22 September 2009

Contents

OWASP Boulder

Welcome to the Boulder chapter homepage. The chapter leaders are Kathy Thaxton, Jeremy Martinez, and Andrew Riesel
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

funds to OWASP earmarked for Boulder.

Next Meeting of the Boulder OWASP will be September 24, 2009 at Staples in Broomfield.


NEXT MEETING SEPTEMBER 24TH. SEE AGENDA BELOW

Directions to Staples:

Staples: One Environmental Way, Broomfield, Co. 80021

Agenda

  • 7pm to 8:30 pm Cross-site scripting lab

Sponsor: Nope, no sponsor. It'a your chapter, BYO dinner and/or order pizza at 6'ish

Speaker: tbd

Logistics

Please bring a wifi equipped laptop. We recommend the OWASP LiveCD. Go ahead and download it and familiarize yourself with it ahead of time, if you're so inclined.


Following the meeting we will have informal discussions over beverages at the Gordon Biersch Brewery and Restaurant.



October and November 2009 Meetings will be joint with the Denver OWASP at a downtown location TBA

===Unfortunately we are going to have to cancel this months (September 2009) meeting. Our sponsor presenter was unable to make it out here at the last minute due to some budgeting constraints.

David Campbell (Denver OWASP) and I will be holding joint meetings for October and November at a downtown location in order to make it convenient for all of our members. We will be focusing on Cloud Security for the rest of the year as this has become a hot topic and pertinent to 2010 planning for many.===


December - Date TBA “Capture the Holiday flag”

We are planning on reserving space at a restaurant. What better way to Capture the Flag than over a couple of beers?