Week 13 in Review – 2009

Published: March 30th, 2009 | Category: Security Tools, Security Vulnerabilities | (0) Comments

Tools:

Tunneling data via VoIP – highdatasecurity.com
OWASP Software Assurance Maturity Model
HP SWFScan

Other News:

Washington D.C. Restaurants Become Credit Card Cloning Hot Spots – wired.com

SQLiBENCH

Published: January 15th, 2009 | Category: Security Tools | (0) Comments

SQLiBENCH is an OWASP SoC 2008 project to benchmark automatic sql injectors related to dumping databases.
There’re a bunch of and great open source tools (takeover/dumpers/hybrid) for taking advantage of an sql injection vulnerability both used by web application security specialists and attackers. Techniques used, databases supported, algorithms employed and abilities implemented by these "sql injectors" [...]

OWASP Testing Guide Version 3

Published: December 23rd, 2008 | Category: Security Tools | (0) Comments

Version 3 of the OWASP testing guide is now available!
This project’s goal is to create a "best practices" web application penetration testing framework which users can implement in their own organizations and a "low level" web application penetration testing guide that describes how to find certain issues.

Thanks to all that put in the work [...]

OWASP NYC AppSec 2008 Video

Published: October 12th, 2008 | Category: Security Conferences | (1) Comment

For those that weren’t able to attend the OWASP NYC Appsec 2008 Conference, the video from all the presentations are now online!
Intro

OWASP 3.0 – Who We Are And How We Got Here by The OWASP Foundation

Track 1

Analysis Of The Web Hacking Incident Database by Ofer Shezaf
HTTP Bot Research by Steven Adair
Get Rich Or Die Trying [...]

OWASP NYC AppSec 2008

Published: October 11th, 2008 | Category: Security Conferences | (0) Comments

This year we weren’t able to attend the annual OWASP AppSec conference. But Josh from the Web Admin Blog attended and did an amazing job at live blogging the event. Here are links to his various posts from the conference:

Day 1 Keynote – OWASP AppSec NYC 2008
Web Application Security Roadmap
OWASP Google Hacking Project [...]

OWASP Israel Conference Presentations

Published: September 22nd, 2008 | Category: Security Conferences | (0) Comments

A few days ago, OWASP Israel held a full day, two track conference. The presentations are now available to download on the OWASP Israel 2008 Conference page, and many of them sound interesting.
Management Track

Web Application Security and Search Engines – Beyond Google Hacking by Amichai Shulman
Trends in Web Hacking: What’s Hot in 2008 [...]

Profiting From Business Logic Flaws

Published: August 8th, 2008 | Category: Security Conferences | (0) Comments

Yesterday Jeremiah Grossman and Trey Ford from WhiteHat Security gave a very interesting and fun presentation called ‘Get Rich or Die Trying – Making Money on The Web, The Black Hat Way‘. They went over several real world examples of business logic flaws, and in some cases profited (a lot) from those flaws.
The Get [...]

Vendor Parties @ Black Hat USA

Published: August 6th, 2008 | Category: Parties | (0) Comments

Vendor parties during Black Hat USA is always interesting, because the conference is in Las Vegas. Here is a list of vendors that I know of that are throwing parties this year at Black Hat USA 2008.
Tuesday, August 5th

Qualys
Fortify

Wednesday, August 6th

Arbor Networks
MANDIANT
WASC / OWASP

Thursday, August 7th

Accuvant
Core Security
iSEC Partners
Microsoft

Saturday, August 9th

IOActive / StillSecure

Know of any [...]

Chicago Security Community

Published: July 7th, 2008 | Category: Local Meetings | (4) Comments

This post is part of the information security communities project.
Hey everyone!
My Name is Steven McGrath, and as a security professional local to the Chicago area, I thought it would be best to share a list of events that I am familiar with in the area:

Chicago 2600 – Chicago 2600 is an informal gathering of [...]

Boston Security Community

Published: July 2nd, 2008 | Category: Local Meetings | (4) Comments

This post is part of the information security communities project, and was guest blogged by Stacy Thayer, the founder and executive director of SOURCE Conference.
The East Coast is home to some of the world’s leading computer security professionals. The computer security industry has been active for many years and is now experiencing rapid growth. [...]

Infosec Events. Copyright 2010. All Rights Reserved.
Home - Calendar - Communities - Training - Archives - Contact