Revision as of 06:11, 11 August 2010 by Sdeleersnyder (talk | contribs)

Jump to: navigation, search

OWASP Sydney

Welcome to the Sydney chapter homepage. The chapter leaders are Paul Theriault, Jean-Paul, Chris Gatford
Click here to join the local chapter mailing list.


OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.


Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

Next Meeting

Date: Tuesday, 20rd April 2010

Location: PricewaterhouseCoopers, Level 15, 201 Sussex St, Sydney, NSW 2000


  • Lightning Talks!

Please submit your proposals for lightning talks to one of the chapter leaders.

Presentation Rules: Duration: 10 minutes or less.

Subject: Anything as long as it’s interesting (and probably webappsec related)

Experience: No previous presentation experience required

Attitude: Have fun! Grumpy bastards not allowed

Get your proposals in quick - speakers will be announced soon.


6:00 - 6:20 Peer-to-Peer Networking with Refreshments

6:20 - 6:30 Sydney Chapter News

6:30 - 7:30 Presentations
Please RSVP to

Previous Meetings

Date: Tuesday, 23rd March 2010

Location:Stratsec, Lvl 6, 62 Pitt St, Sydney .

  • PDF Hacking - Paul Theriault (Link TBA)
    The plan is to run an informal workshop style presentation with the following objectives:
    1. Provide an introduction to PDF format, scripting capabilities and other “features” you wouldn’t expect to see in a document format
    2. Learn some basic tools & techniques for analyzing malicious PDF files, for great justice
    3. Learn some basic tools & techniques for creating malicious PDF files, for great science
    4. Look at the security implications of PDFs and what can be done in an enterprise environment to reduce these risks (uninstall Reader?)
  • Incident Case Study - Charles Carmakal (Link TBA)
    Review of the security breach landscape in the US and go through an interesting case study. It involved organised criminals from eastern Europe, over $100M of losses, and incredible sophistication. The initial point of entry for this breach was the web - SQL injection, linked databases, privilege escalation, development/deployment of custom malware.