Difference between revisions of "Manchester"

From OWASP
Jump to: navigation, search
(23 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
{{Chapter Template|chaptername=Manchester|extra=
 
{{Chapter Template|chaptername=Manchester|extra=
  
This is a new chapter, having grown out of the successful [[Leeds_UK]] chapter.
+
This [[UK]] chapter was started last year (2011), having grown out of the successful [[Leeds_UK]] chapter.
  
 
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Manchester|emailarchives=http://lists.owasp.org/pipermail/owasp-Manchester}}
 
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-Manchester|emailarchives=http://lists.owasp.org/pipermail/owasp-Manchester}}
Line 7: Line 7:
 
= Next Meeting  =
 
= Next Meeting  =
  
'''Date:''' Wednesday November 16th in Manchester
+
'''Date:''' September 11th
  
'''Location:''' KPMG, St James Square, M2 6DS
+
'''Location:''' PwC
  
'''Registration:''' '''[http://www.eventbrite.com/event/2460447264 Eventbrite]'''
+
'''Registration:''' Via [http://www.eventbrite.com/event/4091812722 Eventbrite]
  
'''Schedule:'''  Doors open at 18:45, talks start at 19:00 prompt - please make sure you are there on time.
+
Schedule: Doors open at 18:00, talks start at 18:30 prompt - please make sure you are there on time.  
  
 +
And please let us know if you book tickets but then cant make it. In the past we have had people who couldnt book on and then had empty seats on the night.
  
'''Talk: Policy is the best honesty'''
 
  
Technology is rapidly emerging and maturing to enable connectivity and interoperability of a panoply of devices. The right investment relies on addressing workable, realistic policies first.
+
'''Talk: CVE-2012-2122 - MySQL authentication bypass and code analysis'''
Daniel will tell you about what NCC members are doing to allow staff to 'BYOD' and build pragmatic iPolicies.
+
  
'''Speaker: Dr Daniel Dresner, Head of Information Assurance Practice, [http://www.ncc.co.uk/ National Computing Centre]'''
+
'''Speaker: Campbell Murray - A UK pen tester & community contributor. Tech Director of Encription Limited, Director and member of the Technical Panel for Tigerscheme'''
  
 +
Campbell will give a proper tekky talk on CVE-2012-2122, more readily known as the MySQL authentication bypass and code analysis.
  
'''Talk: Non-alphanumeric code in JavaScript and PHP'''
 
  
Understanding how to create non-alpha code leads to a deeper understanding on how the particular language works.  
+
'''Talk: The OWASP Zed Attack Proxy''' - note this is a change to the previously announced talk.
  
Gareth shall discuss the history of non-alpha JavaScript, the challenges and creativity behind it.
+
'''Speaker: Simon Bennetts - Mozilla Security Team and OWASP ZAP Project Leader'''
  
How can you decode:
+
Simon will explain what ZAP is, how you can use it, recently added features and features planned..  
<pre>
+
$=~[];$={___:++$,$$$$:(![]+"")[$],__$:++$,$_$_:(![]+"")[$],_$_:++$,$_$$:({}+"")[$],$$_$:($[$]+"")
+
[$],_$$:++$,$$$_:(!""+"")[$],$__:++$,$_$:++$,$$__:({}+"")[$],$$_:++$,$$$:++$,$___:++$,$__$:++$};
+
$.$_=($.$_=$+"")[$.$_$]+($._$=$.$_[$.__$])+($.$$=($.$+"")[$.__$])+((!$)+"")[$._$$]+($.__=$.$_[$.$$_])
+
+($.$=(!""+"")[$.__$])+($._=(!""+"")[$._$_])+$.$_[$.$_$]+$.__+$._$+$.$;$.$$=$.$+(!""+"")[$._$$]+
+
$.__+$._+$.$+$.$$;$.$=($.___)[$.$_][$.$_];$.$($.$($.$$+"\""+$.$_$_+(![]+"")[$._$_]+$.$$$_+"\\"+
+
$.__$+$.$$_+$._$_+$.__+"("+$.__$+")"+"\"")())();
+
</pre>
+
Gareth will explain.
+
  
Gareth shall also cover how to create this in PHP and what techniques are involved.
 
  
'''Speaker: Gareth Heyes is an independent security researcher who specializes in browser and JavaScript research. He has authored many free online tools and sandboxes including Hackvertor and JSReg.'''
+
'''Open mic: bring a topic!'''
 +
 
 +
Depending how things go theres an optional session where anyone can stand up and talk (or start a discussion) for up to (say) 5 mins about any security topic they like.
 +
 
 +
You can either put your name forward via the mailing list before hand or just speak up at the meeting.  
 +
 
 +
Its the first time we'll have tried it, so no idea how it will work out, but it sounded like a good idea :)
 +
 
 +
 
 +
 
 +
If you would like to talk at future meetings then please get in touch via the mailing list or one of the chapter leaders.
  
  
Line 50: Line 49:
 
= Upcoming Events  =
 
= Upcoming Events  =
  
November 16th 2011
+
November 2012
  
 
Please get in touch if you would like to speak at a Manchester event - we would be delighted to hear from you.
 
Please get in touch if you would like to speak at a Manchester event - we would be delighted to hear from you.
Line 58: Line 57:
 
= Past Events  =
 
= Past Events  =
  
Although we have yet to have our first meeting as OWASP Manchester, there have already been 2 events held in Manchester as part of the [[Leeds_UK]] chapter:
+
'''2012 Dates'''
 +
 
 +
[[2012_05_30_Manchester|30th May]]
 +
 
 +
[[2012_02_01_Manchester|1st February]]
  
 
'''2011 Dates'''
 
'''2011 Dates'''
  
[[2011_08_24_Manchester|24th August]]
+
[[2011_11_16_Manchester|16th November]]
 +
 
 +
[[2011_08_24_Manchester|24th August]] As part of the Leeds Chapter
  
[https://www.owasp.org/index.php/Leeds_UK 22nd June]
+
[https://www.owasp.org/index.php/Leeds_UK 22nd June] As part of the Leeds Chapter
  
 
'''2010 Dates'''
 
'''2010 Dates'''
  
[[8th_December_Leeds|8th December]]
+
[[8th_December_Leeds|8th December]] As part of the Leeds Chapter
  
 
= Chapter Leaders  =
 
= Chapter Leaders  =
Line 77: Line 82:
 
* [[User:Simon Ward|Simon Ward]]
 
* [[User:Simon Ward|Simon Ward]]
 
* [[User:Andy_Hornsby-Jones|Andy Hornsby-Jones]]
 
* [[User:Andy_Hornsby-Jones|Andy Hornsby-Jones]]
 +
* Ben Fountain
  
 
We are actively seeking more chapter leaders - please get in touch if you would like to become one!
 
We are actively seeking more chapter leaders - please get in touch if you would like to become one!
Line 90: Line 96:
 
* [http://libreplanet.org/wiki/Manchester Manchester Free Software]
 
* [http://libreplanet.org/wiki/Manchester Manchester Free Software]
 
* [http://www.manlug.org/ Manchester Linux Users Group]
 
* [http://www.manlug.org/ Manchester Linux Users Group]
 +
* [http://nuksg.org/ Northern UK Security Group]
 
* [http://nwdc.org.uk/ North West Digital Communities (NWDC)]
 
* [http://nwdc.org.uk/ North West Digital Communities (NWDC)]
 +
* [http://www.meetup.com/North-West-Tester-Gathering North West Tester Gathering]
  
 
Please get in touch with one of the chapter leaders to get your organisation listed here.
 
Please get in touch with one of the chapter leaders to get your organisation listed here.

Revision as of 08:03, 5 September 2012

OWASP Manchester

Welcome to the Manchester chapter homepage. This UK chapter was started last year (2011), having grown out of the successful Leeds_UK chapter.
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

[edit]

Date: September 11th

Location: PwC

Registration: Via Eventbrite

Schedule: Doors open at 18:00, talks start at 18:30 prompt - please make sure you are there on time.

And please let us know if you book tickets but then cant make it. In the past we have had people who couldnt book on and then had empty seats on the night.


Talk: CVE-2012-2122 - MySQL authentication bypass and code analysis

Speaker: Campbell Murray - A UK pen tester & community contributor. Tech Director of Encription Limited, Director and member of the Technical Panel for Tigerscheme

Campbell will give a proper tekky talk on CVE-2012-2122, more readily known as the MySQL authentication bypass and code analysis.


Talk: The OWASP Zed Attack Proxy - note this is a change to the previously announced talk.

Speaker: Simon Bennetts - Mozilla Security Team and OWASP ZAP Project Leader

Simon will explain what ZAP is, how you can use it, recently added features and features planned..


Open mic: bring a topic!

Depending how things go theres an optional session where anyone can stand up and talk (or start a discussion) for up to (say) 5 mins about any security topic they like.

You can either put your name forward via the mailing list before hand or just speak up at the meeting.

Its the first time we'll have tried it, so no idea how it will work out, but it sounded like a good idea :)


If you would like to talk at future meetings then please get in touch via the mailing list or one of the chapter leaders.


Everyone is welcome to join us at our chapter meetings.

November 2012

Please get in touch if you would like to speak at a Manchester event - we would be delighted to hear from you.

Everyone is welcome to join us at our chapter meetings.

2012 Dates

30th May

1st February

2011 Dates

16th November

24th August As part of the Leeds Chapter

22nd June As part of the Leeds Chapter

2010 Dates

8th December As part of the Leeds Chapter

The chapter leaders are:

We are actively seeking more chapter leaders - please get in touch if you would like to become one!


Other related organisations in the Manchester area:

Please get in touch with one of the chapter leaders to get your organisation listed here.

And feel free to use the Manchester mailing list to publicise related events.