Jump to: navigation, search

OWASP Guadalajara

Welcome to the Guadalajara chapter homepage. The chapter leaders are Manuel Lopez and Eduardo Cerna.


OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.


Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

Local News

General Information of OWASP Membership and benefits as well as the Local Chapter offer is here: Media:OWASP_Guadalajara_InfoGral.pptx

Flyer: Media:Membership Flyer Template_Guadalajara.pptx

Meeting Location

Everyone is welcome to join us at our chapter meetings.

OWASP Guadalajara Newsletter

OWASP Guadalajara Monthly Newsletter - Jul2012


OWASP Guadalajara Monthly Newsletter - May2012


OWASP Guadalajara Monthly Newsletter - April 2012

Please find the Monthly Bulleting of the OWASP Guadalajara. Please send us your comments and suggestions.


Conferences, Meetings and Workshops

OWASP Guadalajara - 4th Chapter Meeting 2012

Location: Intel Guadalajara

GoTo Meeting: 1. Please join my meeting.

2. Use your microphone and speakers (VoIP) - a headset is recommended. Or, call in using your telephone. Mexico (toll-free): 01 800 925 0372

Access Code: 169-468-398 Audio PIN: Shown after joining the meeting

Meeting ID: 169-468-398

Address: Anillo Periferico Sur No. 7980 Edif. 4 E, Santa Maria Tequepexpan 44680 Guadalajara, Jalisco. Infront of “Centro Sur” within “Parque Industrial Intermex”.

Meeting Schedule: Tuesday, December 4th, 2012. From 18:00 to 19:30.


OWASP Updates

Manuel Lopez and Eduardo Cerna - OWASP Guadalajara

How to secure .NET Web Applications

Raul Villavicencio Hoyos—Sr Analyst - Apps Prog .NET—Bank of America

Objective: Present to IT Developers the .NET Framework built in features to protect .NET Web Applications and take advantage of them to avoid the most common attacks,

BIO: Raul Villavicencio is a Developer/hands on Software Development Life Cycle based in Guadalajara Jalisco. His career span over 6 years including BA Continnum Mexico, Softtek, Jatco Mexico, Nissan Mexicana, Intramart and as Independent Consultant, Education includes Bachelor in Computational Systems Engineering from Universidad Autonoma de Aguascalientes, Microsoft Technology Specialist/Microsoft Professional Developer on ASP.NET 3.5.

PenTest con Herramientas Open Source

Santiago Monterrosas—Security Engineer at MCM Telecom

Duramte Julio-Septiembre del presente año se realizo un proyecto de pentesting para un firma de viajes que opera en México y algunos países extranjeros principalmente EU y Europa, la firma se dedica al turismo y vende reservaciones de hotel, avión, transportación, a personas y grupos, vía Internet. Para realizar los hallazgos en esta fase se acudio a herramientas tradicionales de hacking y para realizar ataques a los objetivos con direcciones IP Públicas se utilizo principalmente backtrack 5. En los ataques se utilzarón dos enfoques, uno basado en la métodología propuesta por Stutard Dafydd y Pinto, Marcus y otro en el enfoque de aplicar tantas herramientas como hallazgos se realicen pero siguiendo el top 10 de OWASP.

Festival de Software Libre 2012

Location: Hotel Holiday Inn, Puerto Vallarta, Jalisco, Mexico

Meeting Schedule: November 1st to November 3rd

OWASP Guadalajara - 3rd Chapter Meeting 2012

Location: Tata Consultancy Services Guadalajara: Auditorium TCS - 2nd. Floor. Av . Camino al Iteso # 8900 int C3 Colonia Pinar de la Calma Tlaquepaque, Jalisco México

Meeting Schedule: Monday September 17th at 17:00-19:30hrs

Material Reviewed


Pictures of the Event


Software Guru Conference and Expo

Location: Centro de Convenciones Los Candiles Polanco, Mexico City

Meeting Schedule: Thursday, June 21st, 2012. From 9:00 to 10:00.


OWASP Guadalajara was invited by Software Guru magazine to participate in one of the most important events for developers in Mexico "Software Guru Conference and Expo 2012". We participated by presenting the topic "OWASP Top 10 Web Application Vulnerabilities". It was a great opportunity to meet with developers and professionals from the IT industry in Mexico but most important, to continue spreading the OWASP word and objective among developers, making them aware about the main risks and vulnerabilities that can be found on web applications as well as the main countermeasures that can prevent those vulnerabilities of being presented on their Web Apps.

We also had the opportunity to talk about the ESAPI and AppSensor OWASP projects and the benefits to implement them; moreover, we discussed about the various OWASP cheat sheets and OWASP Development guides. The audience was very interested and the time was not enough to continue talking about these topics. At the end, they were satissfied with the information provided and the links where they can find all resources needed to build secure applications. The raing of our speech was rated with 4.25/5; being 5 the highest grade!

We are looking forward to continue working with Software Guru!

Material Reviewed


Pictures of the Event

166015 486522481361507 19875902 n.jpg
528089 486104368069985 1226805377 n.jpg

OWASP Guadalajara - 2nd Chapter Meeting 2012

Location: Intel Guadalajara

Address: Anillo Periferico Sur No. 7980 Edif. 4 E, Santa Maria Tequepexpan 44680 Guadalajara, Jalisco. Infront of “Centro Sur” within “Parque Industrial Intermex”.

Meeting Schedule: Wednesday, June 20th, 2012. From 18:30 to 20:00.

Speakers Background

Jaime Olmos de la Cruz—IPv6 Task Force Mexico IPv6 Task Force Mexico is by definition a National community integrated by engineers, network designers, operators, ISPs, investigators, students and volunteers motivated to archive a common goal, the development and deploy of networks aware of IPv6 protocol.

Somen Das— Cross-Site Request Forgery Application Security Analyst for Tata Consultancy Services Ltd. Specialized in Static & Dynamic application vulnerability assessment techniques, main focus is spreading awareness on secure application development and related guidelines across industry verticals. Local Chapter Leader - OWASP Bhubaneswar (India).

Eduardo Cerna Meza— Developing Secure Source Code (First Part) Information Security Engineer at Bank of America. Eduardo has over 15 years of experience in IT Management, Network Security and Operations. Core knowledge and skill areas include: Application Security, Vulnerability scanning, Intrusion Detection and Penetration Testing. (Black-Box, Grey-Box, White-Box).



Material Reviewed

Media:OWASP Guadalajara_Jun20th_2012.pdf

Pictures of the Event

La foto 1.JPG
La foto 2.JPG
La foto 3.JPG
La foto 4.JPG

OWASP Guadalajara - Workshop at the DIVEC FEST 2012

Location: Faculty of Engineering of the University of Guadalajara

Address: Av. Revolución #1500 entre calle Corregidora y Calzada Olímpica. Tlaquepaque, Jalisco.

Meeting Schedule: Tuesday, March 20th, 2012. From 16:00 to 19:00.

Topic: OWASP - Application Security

Description: We will review two of the most common Web Application Attacks and Countermeasures for SQL Injection and Cross-Site Scripting (XSS) by using PAROS and WebGoat.

It was a great experience sharing this time with the students from the Faculty of Engineering of "Universidad de Guadalajara". We had the opportunity to teach the main concepts of SQL injection and Cross-Site Scripting. In addition, they had the chance to practice these concepts by using WebGoat and Paros in conjuction with the OWASP Cheat Sheets.

They showed interest at all time and we had a successfull session. All of them were really excited to know new techniques on Application Security. Be aware of our next event that will be held on April. We will keep you posted!

Here we have some pictures of the event.


Material Reviewed During the Session


OWASP Guadalajara - 1st Chapter Meeting 2012

Location: American Society of Jalisco

Address: Avenida San Francisco 3332, Col Chapalita, Guadalajara, Jalisco.

Meeting Schedule: Friday, March 2nd, 2012. From 19:30 to 21:00.

Topic: Anatomy of the Most Recent atacks from Anonymous and Contermeasures.

Description: Studying and anlyzing the most recent atacks performed by Anonymous. Theorical and practical session to identify risks and potential countermeasures on Web Applications.


Media:OWASP Guadalajara Chapter Meeting - Mar 2nd 2012.pdf

Material Reviewed During the Session

As mentioned during the meeting, we will encourage you to bring your laptops in order to give each of you the opportunity to perform and to practice the excercises as well as to clarify all technical questions you may have.