OWASP Meeting in Krakow - HTTP Request Smuggling + lightning talks
Details
Hi,
OWASP is a worldwide, non-profit organisation focused on application security issues and we are Polish chapter of this initiative.
Our main dish for this meeting is HTTP Request Smuggling attack & defence. Besides we have a room for lightening talks. If you want to have lightning talk please let us know in advance by filling the form. This will help us to plan the meeting.
Agenda:
- The vulnerability of complex systems - (HRS) HTTP Request Smuggling (Przemek Samsel)
Presentation is about a never-ending story of HTTP Request Smuggling. Since it was born in 2005 due to research by Watchfire, it would disappear for a few years only to emerge back only now and then. Recent years have shown a real avalanche of reports related to HTTP misconfigurations, developing several variations of the attack and related attacks. In this short, technical talk, I'd like to show a few interesting examples of this vulnerability and try to answer the question - why it is so difficult for us to finally get rid of it? (about 30 min + discussion) - After the break there is a room for short lightning talks with discussion (typical format is 5-10 minute talk followed by 5-10 minute discussion). Please submit your ideas or just show up.
- OWASP ASVS 2.1.7 - how to do it right? (Marcin Szydłowski)
- Job announcements. If you are an employer, there will be a chance to present who you are looking for.
Please RSVP and save the date!
If you have a minute, please share this with friends and in social media.
We would like to thank Codete for enabling us to organise our meetups in their Techie's Space.
Codete is a software company based in Poland that specializes in custom software development and IT consulting.