UPDATE 04/09/2013: Added link to AppSec EU video UPDATE 26/08/2013: Added Plug-n-Hack support link. OWASP AppSec EU 2013 and HackPra AllStars were both a blast this week: I would like to use this opportunity to let you know that: OWASP OWTF is always actively looking for contributors, bug reports / ideas. The slides for the …
A common complaint for OWTF was that the report was "ugly", now it's your turn to change that: This project has a community voting phase, so we need your help to choose the upcoming OWASP OWTF report default style, layout and skin: OWASP OWTF - Reporting by Assem Chelli (Dedicated Mentor: Gareth Heyes, Co-Mentors: Johanna …
As you may know, OWASP OWTF took part in the GSoC 2013. It was somewhat surprising (also to me) that OWTF got 4 slots, the same as ZAP (an OWASP flagship project I have a lot of respect for) and OWASP as an organisation in 2012. Instead of writing a blog post about my personal …
If you have an owasp.org account, are familiar with python and would be willing to mentor some students OWASP OWTF needs you 🙂 5 students that applied to work on the Google Summer of Code 2013 for OWASP OWTF made it to the top 11 and OWASP got 11 slots this year. However, I cannot mentor …
Pentesting like a Grandmaster materials - BSides London 2013 UPDATE: 2013-07-28 - Added link to BSides London talk interview NOTE: Will update the post as soon as video is available only slides and demos for now 🙂 BSides London 2013 was a blast as previous years, I received a lot of good feedback during the …
Here are a few links if you want to download the materials from the OWASP OWTF BruCon 2012 workshop that happened last week in Ghent, Belgium: - The slides are now online in slideshare - The demos, code and slides PDF can be downloaded from either of these: The OWTF Project Github page The BruCon …
Background A recent data breach on the LinkedIn database leaked around 6.5 million salted hashes. This ignited a healthy debate in the security community: - Some people said you should only use bcrypt and that salted passwords are useless - It was clear that LinkedIn failed to salt their passwords: This is the immediate worst option …
