OWASP Khartoum, Sudan
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member?
- Upcoming Events
- Record Hall of Meetings
- Presentation Archives
- OWASP Khartoum Chapter Leaders
- Sponsorship Opportunities
- Local News
OWASP Khartoum Open Session - Cross-Site Request Forgery
When: January 12 th from 6:00PM - 9:00pm
Who: Abdullah Ulber
Abdullah Ulber works at Banan IT as a senior software architect, web developer and education manager. He looks back to more than ten years of professional software development, specialising in web applications based on ASP.NET MVC, HTML5 and Silverlight. He is a keen follower of all trends in the web world and enjoys passing on his knowledge in captivating presentations and courses.
Outside his work, he is an organising member of the OWASP local chapter in Khartoum.
Before his move to Sudan, Abdullah was the co-organiser of the Swiss Olympiad in Informatics and the team leader of the Swiss delegation to the International Olympiads in Informatics from 1998 to 2005.
He holds a master’s degree in computer science from ETH Zurich.
Topic: Cross-Site Request Forgery.
Abstract: Cross-Site Request Forgery (CSRF) hides in the shadow of two more well-known web vulnerabilities: Cross-site scripting and SQL injection. Despite its occlusion, statistics clearly show that CSRF attacks are on the increase. The leading secure cloud hosting company Firehost rated CSRF as the most frequent attack in 2011 and the second most frequent attack in the third quarter of 2012. Termed “the sleeping giant” back in 2007, the giant has definitely woken up.
CSRF attacks are remarkably easy to mount and their potential impact is limited only by the targeted site itself. All the major web sites like Gmail, Amazon and Facebook had their brush with CSRF in the past. CSRF is a clear and present threat that is better taken seriously.
This OWASP session raises awareness of the threat, explains its workings, and leads the audience through the gamut of available protections, both client and server side. Attendees will leave equipped with the necessary knowledge to protect their web applications as well as themselves against this underestimated attack.
Location: Sudan University of Science and Technology
Future Speakers and Events
February, 2013 Introduction to Computer Forensics Presentation
April, 2013 ISO 27001 Session
August, 2013 Servers Hardening Session
Previous OWASP Khartoum Conferences and Meetings
June,30 2012 meeting was an introduction to OWASP Top 10: A1: SQL injections manually and using automated tools. Presented by Ali Hussein and Mohammed Osman
July,14 2012 meeting was about OWASP Top 10: A2: Cross Site Scripting (XSS). Presented by Ayman Babiker
Aug,11 2012 meeting was about OWASP Top 10: A3: Broken Authentication and Session Management and A4: Insecure Direct Object References. Presented by Obay Osman
Sep,1 2012 meeting was about OWASP Top 10: A5: Cross Site Request Forgery (CSRF). Presented by Obay Osman
Sep,22 2012 meeting was about OWASP Top 10: A6: Security Misconfiguration. Presented by Ali Hussein
Dec,04 2012 meeting was about OWASP Top 10: A7+A8: Insecure Cryptographic Storage + Failure to Restrict URL Access. Presented by Mohammed Abdullah and Mohammed Al-Tayar
Dec,22 2012 meeting was about OWASP Top 10: A9: Insufficient Transport Layer Protection. Presented by Asim Jaweesh and Ali Hussein
JAN,14 2013 First Session about OWASP Top 10: A5: Cross-Site Request Forgery . Presented by Abdullah Ulber.
check our slideshare files at 
If a link is available, click for more details on directions, speakers, etc. You can also review Email Archives to see what folks have been talking about
How to add a new Khartoum article
You can follow the instructions to make a new Khartoum article. Please use the appropriate structure and follow the Tutorial. Be sure to paste the following at the end of your article to make it show up in the Khartoum category: