Difference between revisions of "Brisbane"

From OWASP
Jump to: navigation, search
(17 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{Chapter Template|chaptername=Brisbane|extra=The chapter leader are [mailto:anne.luk@owasp.org Anne Luk], [mailto:wade@bindshell.net Wade Alcorn], and [mailto:glyng@owasp.org Glyn Geoghagen]||mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-brisbane|emailarchives=http://lists.owasp.org/pipermail/owasp-brisbane}}  
+
{{Chapter Template|chaptername=Brisbane|extra=The chapter leaders are [mailto:anne.luk@owasp.org Anne Luk], [mailto:wade@bindshell.net Wade Alcorn], [mailto:glyng@owasp.org Glyn Geoghegan] and [mailto:djorm@redhat.com David Jorm]||mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-brisbane|emailarchives=http://lists.owasp.org/pipermail/owasp-brisbane}}  
 +
<paypal>Brisbane</paypal>
  
==== Local News  ====
+
== Local News  ==
 +
==== Presenters and Presentations ====
 +
We are forever looking for volunteers to present at the chapter meetings, so if you've seen something interesting or you have something to say, please let us know.
  
In May's OWASP Brisbane Chapter meeting, Matthew de Carteret will present a session titled "Ghost in the Shell(code)" .
+
Often, when we approach potential presenters, we tend to get the following response – “I don’t think my topic is interesting enough”.  We just want to stress that as long as the topic is security related – we’re all ears!  We’re just a bunch of nice people wanting to learn/share our knowledge of the security domain.  So if you would like to present or know of someone that does, please contact us.
  
<br>
+
Presentations must be vendor agnostic (no selling of products or services), and please review the Speaker Agreement linked above.
  
Shellcode is the crux of any exploit being run today. It dictates what the exploit aims to gain from its use — without shellcode the exploit does nothing. Understanding what shellcode does can be a major step in the incident handling process. Shellcode can do anything you can imagine code could do. Not every shellcode used in an exploit downloads malware or spawns a shell.
+
== Chapter Meetings  ==
  
Times have changed and the targets have updated their protection. Shellcode today could be a straight forward API call to download a file and execute it or it could be code to just disable/create a firewall rule on your windows server.
+
'''Next Brisbane Chapter Meeting - October 09, 2012'''
  
Catching an exploit is a great step in understanding the purpose of an attack. Extracting and reviewing the shellcode will allow you to streamline your incident handlers to collect malware and focus their reviews on particular services or applications.
+
In October's OWASP Brisbane Chapter meeting, Peter Mosmans will present a session titled "Failing it Right?".
  
This talk will demonstrate methods on captured exploits for extracting shellcode and understanding its purpose.
+
"Over the years I was fortunate enough to work for interesting, mainly European clients. My stories as pentester and security officer are not all stories of success. On the contrary, a lot of things have gone wrong. A big lot of things, and a lot of wrong. For me, legal disclaimers are worth their weight in gold.
  
Matt is a Senior Threat Analysis escalation engineer located in the Brisbane SOC. He is working on getting his SANS GIAC Reverse Engineering Malware certification (and hopes to have this cert prior to presenting ). Working in the SOC gives Matt a great perspective on active exploitation in the wild and the techniques used by malware authors and pentesters. Matt has a considerable employment history including deployment, pentesting and network administration.
+
I would like to share these failures as pentester with you - because there are already so many people who are successful."
  
+
Bio:
<br>
+
Peter Mosmans started out as builder working for various financial institutions as software engineer in the nineties. From 2000 onwards he began focusing on defending servers and web applications as a network and systems engineer.
<br>
+
Venue: <b>CERT Australia Offices, Level 11, 301 Coronation Drive, Milton.</b>
+
 
+
Time: <b>5:30pm (Pizza) for a 6pm start. Lifts will be locked at 6pm, so please arrive before then!  </b>
+
 
+
Date: <b>Tuesday 3rd May </b>
+
 
+
Close: Session is expected to be completed by 7:30pm.
+
 
+
There will be a social gathering at the local pub afterwards. Everyone is welcome to attend!
+
 
+
RSVP: <b>Online at http://owasp-brisbane.eventbrite.com</b>
+
 
+
<br>
+
<br>
+
 
+
 
+
<paypal>Brisbane</paypal>
+
  
==== Chapter Meetings ====
+
The last decade was spent trying to break the security of web apps of various companies around the world - of course when asked to do so.
  
<b>May 2011 Brisbane Chapter Meeting - Tuesday 3 May</b>
+
Originally from The Netherlands, he moved to beautiful sunny Australia in 2011.
  
Venue: <b>CERT Australia Offices, Level 11, 301 Coronation Drive, Milton.</b>
 
  
Time: <b>5:30pm (Pizza) for a 6pm start.  Lifts will be locked at 6pm, so please arrive before then!  </b>
+
''Venue'': Red Hat, Level 1, 193 North Quay, Brisbane.
  
Close: Session is expected to be completed by 7:30pm.
+
''Time'': 5:30pm for a 6pm start. '''Access to the building will be restricted after 6pm. Please arrive before then!'''
  
There will be a social gathering at the local pub afterwards.  Everyone is welcome to attend!
+
''Close'': Session is expected to be completed by 7:30pm.
  
RSVP: <b>Online at http://owasp-brisbane.eventbrite.com</b>
+
''RSVP'': Online at http://owasp-brisbane.eventbrite.com
  
<br>
+
There will be a social gathering at a local hostelry afterwards. Everyone is welcome to attend!
<br>
+
  
  
 +
Note:  We're going to aim for quarterly meetings to suit the availability of speakers and our busy schedules.  Watch this space and the mailing list for details of the next meeting!
  
 
==== Brisbane OWASP Chapter Leaders  ====
 
==== Brisbane OWASP Chapter Leaders  ====
  
The chapter leader is [mailto:anne.luk@owasp.org Anne Luk], [mailto:wade@bindshell.net Wade Alcorn], and [mailto:owasp@moiler.com Glyn Geoghagen] __NOTOC__ <headertabs />  
+
The chapter leaders are [mailto:anne.luk@owasp.org Anne Luk], [mailto:wade@bindshell.net Wade Alcorn], [mailto:glyng@owasp.org Glyn Geoghegan] and [mailto:djorm@redhat.com David Jorm] __NOTOC__ <headertabs />
  
 
[[Category:Australia]]
 
[[Category:Australia]]

Revision as of 05:29, 18 September 2012

OWASP Brisbane

Welcome to the Brisbane chapter homepage. The chapter leaders are Anne Luk, Wade Alcorn, Glyn Geoghegan and David Jorm
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

funds to OWASP earmarked for Brisbane.

Local News

Presenters and Presentations

We are forever looking for volunteers to present at the chapter meetings, so if you've seen something interesting or you have something to say, please let us know.

Often, when we approach potential presenters, we tend to get the following response – “I don’t think my topic is interesting enough”. We just want to stress that as long as the topic is security related – we’re all ears! We’re just a bunch of nice people wanting to learn/share our knowledge of the security domain. So if you would like to present or know of someone that does, please contact us.

Presentations must be vendor agnostic (no selling of products or services), and please review the Speaker Agreement linked above.

Chapter Meetings

Next Brisbane Chapter Meeting - October 09, 2012

In October's OWASP Brisbane Chapter meeting, Peter Mosmans will present a session titled "Failing it Right?".

"Over the years I was fortunate enough to work for interesting, mainly European clients. My stories as pentester and security officer are not all stories of success. On the contrary, a lot of things have gone wrong. A big lot of things, and a lot of wrong. For me, legal disclaimers are worth their weight in gold.

I would like to share these failures as pentester with you - because there are already so many people who are successful."

Bio: Peter Mosmans started out as builder working for various financial institutions as software engineer in the nineties. From 2000 onwards he began focusing on defending servers and web applications as a network and systems engineer.

The last decade was spent trying to break the security of web apps of various companies around the world - of course when asked to do so.

Originally from The Netherlands, he moved to beautiful sunny Australia in 2011.


Venue: Red Hat, Level 1, 193 North Quay, Brisbane.

Time: 5:30pm for a 6pm start. Access to the building will be restricted after 6pm. Please arrive before then!

Close: Session is expected to be completed by 7:30pm.

RSVP: Online at http://owasp-brisbane.eventbrite.com

There will be a social gathering at a local hostelry afterwards. Everyone is welcome to attend!


Note: We're going to aim for quarterly meetings to suit the availability of speakers and our busy schedules. Watch this space and the mailing list for details of the next meeting!

Brisbane OWASP Chapter Leaders

The chapter leaders are Anne Luk, Wade Alcorn, Glyn Geoghegan and David Jorm