OWASP Lviv
Future Events
Who are we
Welcome to the OWASP Lviv chapter homepage.
The chapter leaders are Igor Beliaiev, Bohdan Serednytskyi and Stanislav Breslavskiy. The chapter is run by a team of dedicated cybersecurity enthusiasts: Pavlo Zhavoronkov, Oksana Safronova and Danial Zhuravchak.
The chapter aims at holding quarterly meetups in the format of 2 practical workshops and up to 5 talks. The meetups are normally streamed online and recorded, and are followed by unofficial parties in Lviv pubs. Everyone are welcome to join us at our chapter meetings.
How to find us
Follow our news and announcements on social media: Facebook & Telegram
Find us on the semi-official OWASP Slack channel (you have to register first)
Watch recordings of our previous events YouTube
Join our Meetup Page
How to support the chapter
If your company wishes to support the chapter, please contact Igor Beliaiev.
Become a Speaker
Call For Speakers at OWASP Lviv events is permanently open. If you want to present at future events, review and agree with the OWASP Speaker Agreement and check for upcoming events at https://cfp.owaspukraine.org, or simply send the title and abstract of your talk and speaker bio to Igor Beliaiev or Bohdan Serednytskyi.
Become a Sponsor
To sponsor an OWASP Lviv event, contact Igor Beliaiev or Stanislav Breslavskiy.
We don’t have any special sponsorship package, however the sponsoring organization or individual will receive our warm thanks and a fair amount of gratitude spread over our social media presence, placed at the chapter official web-page, and announced at the event itself.
Become a Host
To host an OWASP Lviv event, contact Igor Beliaiev.
Venue requirements include:
- Capacity to welcome up to 100 attendees
- Possibility to host a lunch (paid separately by the Chapter)
- Separate high-quality internet connection for online streaming
- No need for additional attendee registration or providing attendee lists
- No marketing, advertising, or hiring at the event
Announcements
#1 OWASP Lviv Spring Meetup 2021 (online)
Date April 7, 2021
Program
- Security Headers. Why should we care? by Artur Hil
- Automating security testing of web application by Ihor Sasovets
- How I spent “this summer” or how to be “an expert” in several domains by Danial Zhuravchak
#2 OWASP Lviv Summer Meetup 2021 (online)
Date July 10, 2021
Program
- Windows Privelege Escalationa by Anatolii Khomenchuk
- Security Testing Basics: OWASP Top 10 or where to start security by Maksym-Volodymyr Lyba
- Digital transformation impact on Security by Igor Beliaiev
#3 OWASP Lviv Autumn Meetup 2021
Date September 11, 2021
Program
- Hunting for APT in network logs by Bogdan Vennyk
- Let’s play a game by Oksana Safronova
- Attacks on Windows Infrastructure (Blue Team edition) by Bogdan Vennyk
- Hardware Security by Stanislav Breslavskii
2nd session and retrospective after NoNameCon 2021 edition
#4 OWASP Ukraine 2021
Currently postponed due to covid-19 restrictions
Example
Put whatever you like here: news, screenshots, features, supporters, or remove this file and don’t use tabs at all.
#1 Chapter Webinars 2020
#2 OWASP Ukraine 2020
Date Deember 5th, 2020
Program
- “React Native Security: Addressing Typical Mistakes” by Julia Potapenko | Video
- “Безпека додатку Дія - “Оскар” чи “Золота малина”” by Константин Корсун | Video
- “OAuth2.0: What? Where? When?” by Anatolii Bereziuk | Video
- “OWASP JuicyShop Workshop” (Workshop) by Serhii Korolenko & Eduard Kiiko & Oksana Safronova | Video
- “Leveraging the crowd power to regain faith in Internet’s zero trust architecture” by Philippe Humeau | Video
- “Serverless security: attack & defense” by Pawel Rzepa | Video
- “6 digit OTP for 2FA is brute-forceable in 3 days + OTP Lottery” by Maksym Khramov & Serhii Korolenko | Video
#1 OWASP Lviv Winter Meetup 2019
Date February 19, 2020
Program
- Vadym Opryshko - Security assessment: prepare yourself, not policies.
- Ben Whaley - The best and worst AWS security practices
- Vasyl Verbovyi - Sometimes, shit comes. A couple of words about routers firmware)
#2 OWASP Lviv Winter Meetup 2019
Date August 28, 2019
Program
- Eduard Kiiko - Variety of Linux logging tools and their integrations
- Pavlo Zhavoronkov - Darknet security best practices
- Danial Zhuravchak - SRE: Monitoring
#3
Date October 04-05, 2019
Program
Day 1 (Workshops): Stream1:
- Кирило Гобреняк - From Zero to Hero in Web Application Security Testing with OWASP.
- Ігор Блюменталь - GraphQL Security Testing
- Володимир Стиран - Tactical Offensive Reporting
Stream 2:
- Віталій Сусукайло та Олексій Сведенюк - Power of Azure Log Analytics
- Едуард Кійко та Данило Журавчак - Boss of The SOC
- Vladimir Taratushka - Pentest + Social Engineering = Always win
Day 2:
- Kostiantyn Korsun - #FRDv2.0: new adventures
- Ewerson Guimaraes - Some Burp Kung-Fu
- Ali Huseyn Aliyev - Bluetooth Low Energy (BLE) under the microscope, attack techniques
- Eduard Kiiko and Danial Zhuravchak - Threat Hunting: DNS security
- Ricardo Fajin - Using Frida in Mobile Pentest Android
- Oksana Safronova - Normal activity detected
- Serhii Korolenko - Web vulnerabilities. In and out half an hour.
- Bohdan Lukin - Attacking Active Directory in examples
- Andrii Kudyurov - Doing OWASP ASVS audit for released products: pros, cons and a slight pain
- Nadia Klymenko - Approaches to keep your privacy
- CTF and Hacker party
#4 OWASP Lviv Winter Meetup 2019
Date December 19, 2019
Program
- Overview of DevSecOps
- Auditing Docker containers
- Infrastructure code security testingg
#1 OWASP Lviv Summer Meetup 2018
Date July 28, 2018
Program
- Stanislav Kolenkin - Practical Kubernetes Security.
- Igor Khoroshenk - AWS security fuckups. How Ops and Security misconfigurations can expose your company valuable assets.
- Oksana Safronova - Windows persistence - something old, something new, something weird. How to exploit some of the techniques and stay on the system for long enough.
- Pavlo Zhavoronkov - Extending that monster: Cuckoo functionality for Mac-based Malware analysis.
#2 OWASP Lviv Autumn Meetup 2018
Date October 1, 2018
Program
- Yuriy Rudyy - Person of Interest (locate and identify device: cell LAC, WiFi, iBeacon…)
- Igor Khoroshchenko - Data Leakages Epic Fuckups
- Vasyl Verbovyi - Sometimes, shit comes. A couple of words about routers firmware
#3
Date November 23-24, 2018
Program
Day 1 (Workshops): Stream1:
- IGOR KHOROSHCHENKO - AWS Security FUCKUPS
- BOGDAN LUKIN - WAF Evasion Techniques
- DANIAL ZHURAVCHAK - Analyze or Die - SOC game
Stream 2:
- IGOR BLUMENTAL - Content Security Policy tips and tricks
- SERHII KOROLENKO - CSRF exploitation
- Andrey Voloshin - Reverse Engineering Hardware & Firmware
Day 2:
- Eduard Babych - Intro to Bug Bounty. How to become a Bug Bounty Hunter
- Lukasz Korczyk - CSRF - why your organization shouldn’t set it to low?
- Vitaliy Mechytashvili - Safari extensions. Suspicious javascript functions. Mojave security improvements bypass
- Vlada Kulish - Wanna test IOS applications? Let the pain in
- Kostiantyn Korsun - New National Cybersecurity System: Concept
- Rener Alberto F. Silva - SPLITTER: An Approach to Difficult Correlation, Traffic Analysis and Statistical Attacks Inside TOR Network
- Yurii Bilyk - So, you want hack some device?
- Oleh Levytskyi - Security issues with Chrome extensions on a practical use-cases
- Pavlo Radchuk - Blockchain is secure (not)
- Oleksandr Yakovliev, Olesia Myshkovska - Fuzzing and searching for vulnerabilities in third-party Android services embedded by manufacturers
- Hacking QUIZ and Hacker party
Call For Papers 2021
Hey! We are happy to announce the CFP for our meetups and conferences! If you have a prepared speech with the topic related to the security we are happy to include you in our program!
Our supporters
Chapter meeting sponsors
These companies have demonstrated their support for Ukrainian Application Security community by funding our quarterly chapter meetings.
Chapter meeting hosts
These companies have demonstrated their support for Ukrainian Application Security community by hosting our quarterly chapter meetings.