OWASP Scotland - May 2013
Thursday, 30 May 2013 from 18:00 to 21:00 (BST)
The OWASP Scotland May 2013 meeting is now set for Thursday 30th. We're being hosted by Edinburgh University Informatics Department again.
Times as as usual, doors open at 6pm, and we're planning to start the talks at 7pm.
We've got a great slate of speakers doing talks for us this time round with a couple of regulars stepping up to do a talk and also Colin McLean from Abertay University joining us.
Windows PowerShell 4 Newbies - Robert Ray
Windows PowerShell is a command-line shell that includes an interactive prompt and scripting environment designed for administration of modern Windows machines, this talk aims to provide an overview of the basics of these tools to get you up and running quickly when choosing to use powershell in a security testing context. With a few examples of how it might be useful to assist with some common testing tasks or use it to assist with your ultimate goal of pwnage.
Working Title: Tackling Banned APIs - Lionel Saliou
Abstract: No one likes bugs especially security ones. Likewise no team sets out to create these defects in the first place. Software teams are typically focused on new features and new product development. Hence, what happens when such a team is faced with solving a rather severe technical and security challenge?
This talk is a walkthrough the method our team took to get rid of C/C++ dangerous APIs call. For developers, it highlights the advantages of creating custom and tailored utilities. For software and penetrations testers, it illustrates the value of providing feedback in a manner that allows development team to track progress towards a particular goal.
Convincing your mate not to visit "those" sites - Colin McLean
He posted a link on facebook that I pointed out was not a trustworthy site (in my opinion). Being an intelligent guy, he challenged me to prove it. Challenge accepted. I'm an academic and a geek - I can handle this. Us security geeks are always telling "noobs" not to click on bad links. The "dumb user" principle is blamed for many security breaches.
The bottom line is that I found this task extremely difficult! This talk highlights the difficulty that an average internet user faces when deciding whether a site is safe or not before visiting.
Sopra Group are sponsoring the refreshments again, so thanks very much to them for that.
Location - At the moment it's looking like our usual spot on the 8th floor.
Open area - 8th floor
School of Informatics
The University of Edinburgh