Skip Main Navigation
Eventbrite
Browse Events
Organize
Help
Log InSign Up
Menu
Page Content
This event has ended.
OWASP Czech Chapter Meeting

Actions Panel

Nov 25

OWASP Czech Chapter Meeting

Dear OWASP fellows, It’s our pleasure to inform you that the next local chapter meeting will be held on November 25th 2021 at NN IT HUB

By Czech chapter OWASP team

When and where

Date and time

Thu, November 25, 2021, 9:00 AM – 5:30 PM CET

Location

NN IT HUB Karla Engliše 6/3201 150 00 Prague Czechia

Map and directions

How to get there

About this event

Dear OWASP fellows,

It’s our pleasure to inform you that the next local chapter meeting will be held on November 25th 2021 at NN IT HUB, Karla Engliše 6/3201, Praha 5-Smíchov.

This time we prepared for you  a full day event. You can enjoy workshop during the morning and interesting talks during the afternoon together with the CTF. The admission is as usual free of charge.

Schedule

Morning workshop

9:00 - 12:00 Jan Kopecký: Fuzzing workshop

9:00 - 12:00 CTF led by TunaSec.cz

Talks

12:00 - 12:15 Opening ceremony with OWASP chapter leaders and announcing winners of the CTF

12:15 - 13:00 LUNCH TIME!

13:00 - 13:45 Václav Chlad: I'm you: Caller ID spoofing

14:00 - 14:45 Filip Holec: Hacking 101

15:00 - 15:45 Ondřej Bouček: Should I Trust? Exploring New Approaches to Detecting Computational Propaganda

16:00 - 16:45 Kamil Vávra: WordPress Supply Chain Attack

17:00 - 17:45 Marek Jílek: Hey Google, give me tons of public calendars! (how I become #1 on H1 in CZ)

17:45 - .......... Closing ceremony and networking

Information about the trainer, workshop and CTF

Fuzzing workshop

Jan Kopecký - Jan started his IT security career more than 15 years ago. He is currently working as a Red Teamer for NN and he is leading his own small yet exclusive consulting company. During his journey Jan has mostly focused on webapp, infrastructure and mobile applications pentesting. He also loves to write customs tools (especially malware), do some reverse engineering and of course fuzzing (because cold core is a wasted core). Jan is also one of OWASP Czech Republic chapter leaders (the most handsome one of course).

Workshop outline:

During this workshop we will get our hands dirty with fuzzing, fuzzing and … you guessed it! Fuzzing. When you know what tools to use and how to use them properly you can find a lot of bugs with relatively low effort (well, sometimes). And this is exactly what this workshop is going to be about. Unfortunately I cannot make you a fuzzing guru in 3 hours, however I can tell you fuzzing state-of-art and tools-of-trade. We will touch following subjects:

○ Dumb fuzzing with Radamsa

○ AFL++ on Linux

○ WinAFL on Windows

○ BooFuzz for network fuzzing

○ Firefox fuzzing on Windows (bonus content if we have enough time)

Please do not forget that this is a workshop so bringing your own laptop is seriously recommended. Ideally you should have either VirtualBox or VMWare with Kali Linux and Windows. You don’t need to install anything in advance as we will do installation and initial setup during the class. BTW by signing up for this workshop you accept a rule to buy me a beer for each bug you find with fuzzing ;)

Looking forward to see you in the class!

CTF led by TunaSec.cz team

  • Filip Holec - Leader of educational Ethical Hacking, Linux or Python workshops and Co-Founder of https://engeto.cz

  • Martin Zember - 13 years of experience in pentesting, Founder of https://zembered.com

  • Petr Skyva - Cyber-Security @ FI MUNI, Cloud Architect @ Cleverlance

  • Kamil Vavra - Hacker, Bug Bounty hunter (https://vavkamil.cz), AppSec Lead @ Kiwi.com

Workshop outline

We’ve prepared a short, beginner friendly CTF with some real-life challenges. We will try to help with hints and tools to finish it in time, learn something and yet still compete. For the lucky winner, we prepared a bottle of the only true rum - Bozkov!

Information about the speakers and talks

Václav Chlad

I'm junior penetration tester for Trusted Network Solutions a.s. and ad-hoc penetration tester for MUNI CSIRT. My original specialization was social engineering but Iam learning all the areas of "hacking", lately focusing on internal networks and Active Directory.

I'm you: Caller ID spoofing

Calls through PSTN are still widely used and many people dont even know how easy it is to fake your caller ID and impersonate someone else. In my talk, I will show you the best way I know of calling from any number you like.

Filip Holec

Filip is leader of educational Ethical Hacking, Linux or Python workshops and Co-Founder of https://engeto.cz.

Hacking 101

Do you want to get into ethical hacking and/or penetration testing? This talk will give you clear information where to start, what are the best websites to try your hacking skills and what resources to follow.

Ondřej Bouček

Ondřej Bouček is 24 years old last-year AI student at Faculty of Electrical Engeneering at the Czech Technical University in Prague. His work started in the area of Image retrieval until he got mad at how easy it is to manipulate people so he switched his focus to detecting computational propaganda. He is currently researcher in Computational Propaganda project at Stratosphere Laboratory under the AI Centre as a part of his Master’s Thesis.

Should I Trust? Exploring New Approaches to Detecting Computational Propaganda

The history of propaganda is as old as civilized society. In the modern era, especially with the rise of the Internet, techniques changed. Computational propaganda exploits the ease of spreading information and aims to overwhelm the victim with the amount of information. What makes detecting computational propaganda hard is that the information might be completely true, however, people are witnessing only part of the truth, the part that fits the narrative.

In this talk, we will present our current research efforts to track information on the internet and explain if it is being forced by someone, or whether the spread is natural. We will show why tracking information is hard and the difficulties with the absence of a dataset.

Kamil Vavra

Kamil is application Security Engineer @ Kiwi.com, Burp Suite Certified Practitioner, Offensive Web Application Security

WordPress Supply Chain Attack

Novel attack vector affecting WordPress websites. This talk will focus on the research from the beginning, explaining the motivation and exploration phase. A new scanner tool will be released, along with the Docker container for local testing. Lastly, you will get a chance to see the redacted results from the bug bounty hunting, recon process, and struggle with triage of the reports. TBU, currently still a 0day :)

Marek Jílek

Marek is currently working as a Red Team Engineer at NN. In the past he also worked for Deloitte as a penetration tester and for Alza.cz as a web developer. His interests include popularizing the field of computer security, bounty hunting (#1 on HackerOne in the Czech Republic), social engineering and cooking.

Hey Google, give me tons of public calendars! (how I become #1 on H1 in CZ)

This presentation describes my journey from being lousy at bug bounting, to still being lousy except for one bug. That bug is called "Google Calendar Misconfiguration" and I will tell you how this vulnerability changed my point of view on bug bounty hunting. And also balance of my bank account. :)

Additional information

  • If using public transportation you can go to the metro station Anděl and walk 5 minutes. For cars there are paid parking lots in the street Kováků or you can park in the OC Nový Smíchov.
  • NN IT HUB is in the Anděl Park office building, there will be someone to guide you at the main entry. There will be signs showing you way to the conference hall and the lecture room for workshop.
  • For the workshop, please come at least 10 minutes ahead of time, otherwise it can happen that your seat is taken by somebody on the waiting list.
  • We have to follow current COVID rules - please check your email a few days before the event, we will inform you about current conditions.
  • There will be some snacks and soft drinks prepared for you during the event and of course the lunch! :)
  • Unless stated otherwise, talks will be in English and the recordings will be available online ( with speakers' permission) after the convention

Tags

  • Czechia Events
  • Praha Events
  • Things to do in Prague
  • Prague Conferences
  • Prague Other Conferences
Event ended

OWASP Czech Chapter Meeting


Follow this organizer to stay informed on future events

Czech chapter OWASP team

Event creator

Events you might like

  • CzechDreamin 2023

    CzechDreamin 2023
    CzechDreamin 2023

    Fri, May 26, 8:00 AM
    Prague Congress Centre • Praha 4
    €46 - €57
  • Czech Marketing Executive Meetup #2

    Czech Marketing Executive Meetup #2
    Czech Marketing Executive Meetup #2

    Wed, Mar 1, 6:00 PM
    Národní 38 • Praha 1
  • World Taxpayers Conference - PragueCzech Republic

    World Taxpayers Conference - PragueCzech Republic
    World Taxpayers Conference - PragueCzech Republic

    Tue, May 23, 5:00 PM
    Prague Marriott Hotel • Praha 1
    $75
  • ACCA Tax update 2023 in the Czech Republic and the EU

    ACCA Tax update 2023 in the Czech Republic and the EU
    ACCA Tax update 2023 in the Czech Republic and the EU

    Thu, Feb 23, 5:30 PM
    Hotel Eurostars Thalia • Praha 1
    Free
  • New Member and Students Award Ceremony Czech Republic

    New Member and Students Award Ceremony Czech Republic
    New Member and Students Award Ceremony Czech Republic

    Mon, Feb 27, 5:00 PM
    Grand Hotel Bohemia Praha (Boccaccio Ballroom) • Praha 1
    Free
  • Yeur Architect Dreamin' - in Prague

    Yeur Architect Dreamin' - in Prague
    Yeur Architect Dreamin' - in Prague

    Wed, May 24, 12:00 PM
    Prague • Prague
    €0 - €363
  • European Seller Conference 2023 for Amazon Private Label Sellers

    European Seller Conference 2023 for Amazon Private Label Sellers
    European Seller Conference 2023 for Amazon Private Label Sellers

    Thu, Jun 8, 9:00 AM
    Grandior Hotel Prague • Praha 1-Florenc
    €499 - €1,099
  • Prague – ICSSH, 23-24 June 2023

    Prague – ICSSH, 23-24 June 2023
    Prague – ICSSH, 23-24 June 2023

    Fri, Jun 23, 9:00 AM
    Czech Technical University in Prague • Prague 6
    $165.64 - $383.41
  • RISE Conference 2023

    RISE Conference 2023
    RISE Conference 2023

    Sun, Mar 19, 9:30 AM
    Clarion Congress Hotel Prague • Praha 9
    Free
  • International Conference on Science & Technology, 25-26 June 2023, Prague

    International Conference on Science & Technology, 25-26 June 2023, Prague
    International Conference on Science & Technology, 25-26 June 2023, Prague

    Sun, Jun 25, 9:00 AM
    Czech Technical University in Prague • Prague 6
    $165.64 - $383.41

Site Navigation

Use Eventbrite

  • Create Events
  • Pricing
  • Eventbrite Boost
  • Eventbrite Mobile Ticket App
  • Eventbrite Check-In App
  • Eventbrite App Marketplace
  • Event Registration Software
  • Content Standards
  • FAQs
  • Sitemap

Plan events

  • Sell Tickets Online
  • Event Planning
  • Sell Concert Tickets Online
  • Event Payment System
  • Solutions for Professional Services
  • Event Management Software
  • Community Engagement
  • Virtual Events Platform
  • QR Codes for Event Check-In
  • Post your event online

Find events

  • Browse Prague Events
  • Get the Eventbrite App

Connect with us

  • Report This Event
  • Help Center
  • Terms
  • Privacy
  • CA Privacy Notice
  • Accessibility
  • Community Guidelines
Eventbrite + Ticketfly

© 2023 Eventbrite