As announced at AppSec EU recently, OWASP OWTF has (thank you!): $2000 from Google, €5000 from Brucon. Instead of taking this to pay myself for working on OWTF in my spare time, I'm giving it away so that others are paid to work on OWTF: There is a contest to apply for this money and …
UPDATE 04/09/2013: Added link to AppSec EU video. UPDATE 26/08/2013: Added Plug-n-Hack support link. OWASP AppSec EU 2013 and HackPra AllStars were both a blast this week: I would like to use this opportunity to let you know that: OWASP OWTF is always actively looking for contributors, bug reports / ideas. The slides for the …
A common complaint about OWTF was that the report was "ugly"; now it's your turn to change that: This project has a community voting phase, so we need your help to choose the upcoming OWASP OWTF report default style, layout and skin: OWASP OWTF - Reporting by Assem Chelli (Dedicated Mentor: Gareth Heyes, Co-Mentors: Johanna …
As you may know, OWASP OWTF took part in the GSoC 2013. It was somewhat surprising (also to me) that OWTF got 4 slots, the same as ZAP (an OWASP flagship project I have a lot of respect for) and OWASP as an organisation in 2012. Instead of writing a blog post about my personal …
If you have an owasp.org account, are familiar with Python and would be willing to mentor some students, OWASP OWTF needs you 🙂 5 students that applied to work on the Google Summer of Code 2013 for OWASP OWTF made it to the top 11 and OWASP got 11 slots this year. However, I cannot mentor …
Pentesting like a Grandmaster materials - BSides London 2013. UPDATE: 2013-07-28 - Added link to BSides London talk interview. NOTE: Will update the post as soon as video is available, only slides and demos for now 🙂 BSides London 2013 was a blast as in previous years, I received a lot of good feedback during the …
Here are a few links if you want to download the materials from the OWASP OWTF BruCon 2012 workshop that happened last week in Ghent, Belgium: - The slides are now online on SlideShare - The demos, code and slides PDF can be downloaded from either of these: The OWTF Project GitHub page The BruCon …
Background: A recent data breach on the LinkedIn database leaked around 6.5 million salted hashes. This ignited a healthy debate in the security community: - Some people said you should only use bcrypt and that salted passwords are useless - It was clear that LinkedIn failed to salt their passwords: This is the immediate worst option …