

OWASP Boston June 7 meeting

Next meeting is 6:30 pm on Wed., June 7

 

6:30 pm - Jim Weiler - Announcements, Short Topic - Web Server Get/Post interchangeable processing and vulnerability implications

 

7:00 Imperva - Web Application and Database Vulnerabilities and Intrusion Monitoring/Prevention

This will be a live Application and Database hacking demonstration on a live web site that was created specifically for this purpose. This web site is sitting behind a market leading Firewall, and the applications running it were designed by a third party firm that specializes in creating on-line shopping applications. Discussion will include many real life examples of penetration tests that we have conducted.

JW - this tool can be used as a non-intrusive HTTP request rules engine, to look at any part of the request as well as the response; and as a non-intrusive database request rules engine. Even if malicious requests get through your app they can be stopped before entering the database.

 

8:15 - Using Paros Proxy Server as a Web Application Vulnerability tool - Part 3 analysing saved sessions; Paros utilities

 

Pizza will be provided by Imperva

Location:
Microsoft offices at the Waltham Weston Corporate Center, 201 Jones Rd., Sixth Floor, Waltham, MA

 

Directions:
From Rt. 128 North take exit 26 toward Waltham, East up the hill on Rt. 20. From Rt 128 South take exit 26 but go around the rotary to get to 20 East to Waltham. Follow signs for Rt. 117 (left at the second light). When you get to 117 turn left (West). You will cross back over Rt. 128.

Jones Rd. (look for the Waltham Weston Corporate Center sign) is the second left, at a blinking yellow light, on Rt. 117 going west about 0.1 miles from Rt. 128 (I95). The office building is at the bottom of Jones Rd.

The room is MPR C.

 

More information at https://www.owasp.org/local/boston.html
