Events Related: Third SHB Workshop – schneier.com This is a two-day gathering of computer security researchers, psychologists, behavioral economists, sociologists, philosophers, and others. HiTB News HiTB  organizes conferences for a while in Dubaï and Kuala Lumpur but this is the first time that an event is held in Europe and not too far from Belgium. [...]

Events Related: Security BSides Las Vegas announcements – uncommonsensesecurity.com The first few talks confirmed are great and there are plenty more killer talks to be announced. KartCon2010 – owasp.org RSVP now to the 5th Annual OWASP KartCon 2010! Penetration Testing Summit 2010 – tenablesecurity.com The SANS Penetration Testing Summit was held this year at the [...]

Events Related: Front Range OWASP Conference 2010 – owasp.org The official wiki/site of the FROC 2010  Resources: The History of Hacking – onlinemba.com Hacking has been around as long as computers as a way to reconfigure or reprogram a system to give access to someone who otherwise shouldn’t have access.  Tools: Released Buster Sandbox Analyzer [...]

. Here are the information security events in North America this month: The Twelfth Annual International Techno Security Conference: June 6 – 9 in Myrtle Beach SANSFIRE 2010: June 6 – 14 in Baltimore 22nd Annual Forum of Incident Response and Security Teams (FIRST): June 13 – 18 in Miami SANS WhatWorks in Pen Testing [...]

Tools: Tunneling data via VoIP – highdatasecurity.com OWASP Software Assurance Maturity Model HP SWFScan Other News: Washington D.C. Restaurants Become Credit Card Cloning Hot Spots – wired.com

SQLiBENCH is an OWASP SoC 2008 project to benchmark automatic sql injectors related to dumping databases. There’re a bunch of and great open source tools (takeover/dumpers/hybrid) for taking advantage of an sql injection vulnerability both used by web application security specialists and attackers. Techniques used, databases supported, algorithms employed and abilities implemented by these "sql [...]

Version 3 of the OWASP testing guide is now available! This project’s goal is to create a "best practices" web application penetration testing framework which users can implement in their own organizations and a "low level" web application penetration testing guide that describes how to find certain issues. Thanks to all that put in the [...]

For those that weren’t able to attend the OWASP NYC Appsec 2008 Conference, the video from all the presentations are now online! Intro OWASP 3.0 – Who We Are And How We Got Here by The OWASP Foundation Track 1 Analysis Of The Web Hacking Incident Database by Ofer Shezaf HTTP Bot Research by Steven [...]

This year we weren’t able to attend the annual OWASP AppSec conference. But Josh from the Web Admin Blog attended and did an amazing job at live blogging the event. Here are links to his various posts from the conference: Day 1 Keynote – OWASP AppSec NYC 2008 Web Application Security Roadmap OWASP Google Hacking [...]

A few days ago, OWASP Israel held a full day, two track conference. The presentations are now available to download on the OWASP Israel 2008 Conference page, and many of them sound interesting. Management Track Web Application Security and Search Engines – Beyond Google Hacking by Amichai Shulman Trends in Web Hacking: What’s Hot in [...]