This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit


Revision as of 09:48, 30 October 2009 by Dale Castle (talk | contribs) (Chapter Meetings)

Jump to: navigation, search

OWASP Charlottesville Local Chapter

Welcome to the local Charlottesville chapter homepage. The chapter leader is Dale Castle


Local OWASP Chapter meetings are FREE and OPEN to anyone interested in learning more about application security.
We encourage individuals to provide knowledge transfer via hands-on training and presentations of specific OWASP projects and research topics and sharing SDLC knowledge.
We encourage vendor-agnostic presentations to utilize the OWASP Powerpoint template when applicable and individual volunteerism to enable perpetual growth.
As a 501(3)c non-profit association donations of meeting space or refreshments sponsorship is encouraged, simply contact the local chapter leaders listed on this page to discuss.
Prior to participating with OWASP please review the Chapter Rules.

Click here to join local chapter mailing list

Local News

We are currently enlisting members.

Please Click here to join

Chapter Meetings

Meeting Location: Not yet decided. Offers are Welcome.

Everyone is welcome to join us at our chapter meetings.

Charlottesville OWASP Chapter Leaders

The chapter leader is Dale Castle

Chapter Meetings

DATE: Thursday, November 22, 2009. 4:00pm Eastern Daylight Time
LOCATION: room 265 at 2400 Old Ivy Road, Charlottesville, VA 22903
TOPIC: "Cross-Site Scripting Anonymous Browsers"
SPEAKER: Matthew Flick
DESCRIPTION: Matthew Flick will give an encore of his talk on the Cross-Site Scripting Anonymous Browsers (XAB) that he has previously presented at Black Hat and at Defcon. Time permitting, we will then move to the lab in room 136 to do hands on Cross-Site Scripting exercises.

XAB - The Abstract:
Earlier this year, the Cross-site Scripting Anonymous Browser (“XAB”) was presented at Black Hat DC as a new perspective on how we could extend the functionality of browser technologies, form dynamic botnets for browsing, and create an unpronounceable acronym all at once. We continued the madness with a second incarnation of the XAB framework at Defcon in August.

XAB hasn't really revolutionized attacks or defenses in it's short lifespan, nor is it great at factoring primes. However, it has opened minds by demonstrating an interesting way to combine unlike ideas and creating a new animal all of it's own. Think of it as forced social networking, without ever really knowing who you're talking to, or what they're saying.

During this presentation, we will explain the origins of the concept, provide a brief review of the technologies, pour over the trials and tribulations of the enhancements and additions of the past 6 months, provide a live demonstration of the improvements, and continue the conversation about the future of the framework.

About our speaker: Matthew Flick, Principal FYRM Associates

Matt has more than seven years of professional experience in information assurance focusing in network and application security, assessments, and compliance. He has assessed and helped develop information assurance programs for commercial clients in several industries as well as several Federal agencies.

Matt leads the Information Assurance team at FYRM Associates in delivering consulting services in the areas of application security, assessments, network and wireless security, and security program development. He has performed assessments of many in-house and commercial/third party developed applications, wired and wireless network infrastructures, and complex corporate environments. His primary area of expertise is in application security, which drives much of the focus of FYRM's Information Assurance research and development.

Matt’s other areas of expertise include computer programming, cryptology, and compliance with Federal standards and regulatory compliance, such as FISMA, HIPAA, Sarbanes-Oxley, and PCI-DSS

DATE: Thursday, October 22, 2009. 4:00pm Eastern Daylight Time
LOCATION: rooms 134 & 136 at 2400 Old Ivy Road, Charlottesville, VA 22903
TOPIC: "Kickoff meeting for OWASP-Charlottesville"
SPEAKER: Jeff Williams, OWASP Foundation Chair, CEO of Aspect Security and a Computer Science graduate from the University of Virginia.

INSTRUCTIONS: RSVP to with “OWASP Charlottesville RSVP” in the subject.

DESCRIPTION: We're pleased to invite you to our first OWASP Charlottesville Chapter meeting. We will be hosting a hands on session using the tools on the OWASP LiveCD to exploit actual vulnerabilities in a web application followed by a Chapter kickoff presentation by the OWASP Chair. The hands on session will begin in rooms 136 and 134 at 4pm. At 5pm, we will move to room 189 for refreshments and a Chapter kickoff presentation. Anyone interested in web application security is invited to attend. Please RSVP so we have enough food, drink and free stuff to give away.

Everyone is welcome to join us at our chapter meetings.