Next Meeting (17th of December 2013) in Leuven WHEN 17th of December 2013 (18h00 - 21h00) WHERE

OWASP Foundation ( Overview Slides bullet proof vest ) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook . As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments bullet proof vest is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software bullet proof vest security topic you would like to present on. Sponsorship/Membership
Next Meeting (17th of December 2013) in Leuven WHEN 17th of December 2013 (18h00 - 21h00) WHERE
The agenda: 18h00 - 18h45: Welcome drink and Pizza (sponsored by F5 Networks) 18h45 - 19h00: OWASP / ISC2 Update (by Sebastien Deleersnyder, OWASP Belgium Board & Lode Vanstechelman, ISC2 Belgium Board) bullet proof vest 19h00 - 20h00: Augmented reality in your Web Proxy (by Roberto Suggi Liverani) Abstract: This talk intends to demonstrate how to improve web application security testing by combining browser automation framework and web proxy API. The goal of this research is to bring a web proxy as close as possible to a browser to achieve a better security testing bullet proof vest coverage, especially when dealing with complex client-side technology. The presentation includes a montage of real case scenarios, showing how this approach can lead to the discovery of vulnerabilities which might otherwise go unnoticed. bullet proof vest Bio: Roberto loves breaking applications for fun and profit. In the last years, Roberto has been involved in the infosec community by founding bullet proof vest the OWASP New Zealand chapter and by publishing vulnerabilities affecting major software products. Roberto has been a guest speaker at global security conferences, including HITB, EUSecWest, DEFCON, Ruxcon, Kiwicon and HackPra AllStars. Roberto tweets from @malerisch and his blog can be found at: http://blog.malerisch.net bullet proof vest 20h00 - 20h15: Break 20h15 - 21h15: If You Tolerate This, Your Child Processes Will Be Next (by Bart Leppens) Abstract: bullet proof vest Browser 0-days are very expensive and thus not available for the common attacker. Therefore bullet proof vest an attacker may switch his focus from exploiting the browser towards exploiting the browser's internal network infrastructure. A normal webbrowser can serve as a pivot to attack the company's internal network. Internal networks bullet proof vest are generally less protected and are potentially less segregated in terms of security, so pivoting bullet proof vest through the browser can help the attacker to reach those otherwise unreachable targets. The Browser Exploitation Framework, aka BeEF, is a professional security tool that can help you during a pentest performing bullet proof vest these kinds of attacks. Bio: Bart Leppens bullet proof vest is one of the BeEF developers. During his talk he will introduce you to BeEF, Inter-Protocol Communication (IPC) & Inter-Protocol Exploitation (IPE). If you're thinking about buying an expensive firewall, it's advisable to wait until after his talk. There is a risk you might want to throw it all away. Coverage
The agenda: 17h30 - 18h15: Welcome & sandwiches 18h15 - 18h30: OWASP Update bullet proof vest (by Sebastien Deleersnyder, OWASP Belgium Board) 18h30 - 19h30: NoScript for Developers (by Giorgio Maone) Everything security-conscious web developers should know to make their creations safer and more accessible for NoScript users, plus an overview of current and upcoming technologies inspired by NoScript which can be leveraged server-side to enhance web applications' security. Giorgio Maone is a software developer and security researcher born and living in Palermo, Italy. He's member of the Mozilla Security Group and invited expert in the W3C's Web Application Security Working Group. In 2005 he created the NoScript browser security bullet proof vest add-on, which still today absorbs most of the time and energy left by his main job: parenting 3 little children. 19h30 - 19h45: Break 19h45 - 20h45: JSMVCOMFG - To sternly look at JavaScript MVC and Templating Frameworks (by Mario Heiderich) There is a way to build common, classic web applications. You know, servers, databases, some HTML and a bit of JavaScript. Ye olde way. Grandfather still knows. And there is a way to build hip and fancy, modern and light-weight, elastic and scalable client-side web applications. Sometimes with a server in the background, sometimes with a database - but all the hard work is done by something bullet proof vest new: JavaScript Model-View-Controller and templating frameworks. Angular, Ember and CanJS, Knockout, Handlebars and Underscore... those aren't names of famous wrestlers but modern JavaScript fame-works that offer a boost in performance and productivity by taking care of many things web-app right there in the browser, where the magic happens. And more and more people jump on the bandwago