OWASP Czech Republic

Upcoming Events

Dear OWASP fellows, we are thrilled to invite you to our upcoming OWASP Meetup, hosted at Mendel University in Brno on November 14th, starting at 6:00 PM. This evening promises to be filled with valuable insights, as we’ll feature two thought-provoking talks by experts in the field, along with plenty of time for networking and discussions with fellow security enthusiasts.

Further details, including the registration form, are available on Eventbrite. Don’t miss this chance to stay updated and engage with the latest trends in cybersecurity. We look forward to welcoming you there!

OWASP Czech Republic

Welcome to the OWASP Czech Republic page! This official page is the place to go when you want to learn about upcoming events, sponsoring, and CFP. Or to find presentations and videos from previous chapter meetings (Past Events tab). To stay in touch with the latest news, follow our Official Twitter account!

Chapter leaders are:

Call for Papers

Our CFP (Call For Papers) is always open. We would love to offer you an opportunity to speak at our local Czech Republic chapter meetings. Do you have any interesting topics to talk about? Don’t hesitate to send the description of your talk to our official Twitter account (DM) or by email to any Czech Chapter Leaders (email addresses above), and we will get back to you.

OWASP beers

In past years we have organized many chapter meetings and created a great community around Czech OWASP. We were looking for ways to make it possible for you to meet more often than four times per year. That is why we came up with the idea of OWASP Beers! This event happens every last Thursday of the month. It happens in Radegastovna Perón, Praha 5 around 7 PM.

There are no talks, but you can talk to similarly-minded people who also love IT security.

No registration is required, but we would appreciate you sending DM to our Twitter account so we know how many seats we should reserve.

Our Supporters

We would like to kindly thank the following companies for supporting us:

As we want to keep the pace of 4 events a year, often with top-notch foreign speakers, we’re always looking for new sponsors. If you want to discuss details, please get in touch with us via the official emails above.


Past Events

May 14 2024

See the schedule Official schedule.

Talks:
18:00 - Doors open!
18:15 - Opening ceremony with OWASP chapter leaders
18:30 - Smishing - Hack Back by Václav Chlad
19:30 - How We Hacked Our Company by Martin Žember and Tomáš Polešovský
20:45 - Networking
21:30 - Doors close

Videos: tba…

December 13 2023

See the schedule Official schedule.

Talks:
17:45 - Doors opening
18:00 - Opening ceremony with OWASP chapter leaders
18:15 - Marek Šanta: Locks Beyond Lockpicking
20:00 - Petr Stuchlík: Domain OSINT at scale
20:45 - Networking

Videos: tba…

November 8 2023

See the schedule Official schedule.

Talks:
18:00 - Doors open!
18:30 - Miloslav Homer - What happens when you issue a bounty on your head
19:30 - Kamil Vavra - Hacking a Cruise Ship
20:30 - Networking
23:00 - Doors close

Videos: tba…

June 22 2023

See the schedule Official schedule.

Talks:
18:00 - Doors open!
18:30 - Kamil Vavra - Solving CAPTCHAs for Fun - slides
19:30 - Igor Hak - IOT in the home environment more under control
20:30 - Networking
23:00 - Doors close

Videos: tba…

May 11 2023

See the schedule Official schedule.

Talks:
17:45 - Doors opening
18:00 - Opening ceremony with OWASP chapter leaders
18:15 - Michal Špaček: Trusted Types and DOM XSS - slides
19:00 - Fedotkin Zakhar: They are dangerous… so better hack this - slides
20:00 - Marek Tóth: Session Hijacking on web portal Seznam.cz
21:00 - Announcing winners of the CTF, networking

Videos: YouTube playlist

Dec 29 2022

Talks:
19:00 Doors Opening at Radegastovna Peron, Prague 5
20:00 What (not) to do at BlackHat and DefCon - Emkei
21:00 Networking

Aug 30 2022

See the schedule Official schedule.

Talks:
19:00 Doors Opening
20:00 Lightning talks
21:00 Networking

Apr 5 2022

See the schedule Official schedule.

Talks:
18:45 - 19:00 Opening ceremony with OWASP chapter leaders
19:00 - 20:00 Compromised Keys - Kamil Vávra
20:00 - 21:00 Red Team Infrastructure Automation - Andrej Tomči
21:00 - 21:10 Closing ceremony
21:10 - XX:XX Networking

Videos: tba…

Nov 25 2021

See the schedule Official schedule.

Workshops:
9:00 - 12:00 Jan Kopecký: Fuzzing workshop
9:00 - 12:00 CTF led by TunaSec.cz

Talks:
12:00 - 12:15 Opening ceremony with OWASP chapter leaders and announcing winners of the CTF
12:15 - 13:00 LUNCH TIME!
13:00 - 13:45 Václav Chlad: I’m you: Caller ID spoofing
14:00 - 14:45 Filip Holec: Hacking 101
15:00 - 15:45 Ondřej Bouček: Should I Trust? Exploring New Approaches to Detecting Computational Propaganda
16:00 - 16:45 Kamil Vávra: WordPress Supply Chain Attack
17:00 - 17:45 Marek Jílek: Hey Google, give me tons of public calendars! (how I become #1 on H1 in CZ)

Videos: Vimeo album

Aug 5 2021

See the schedule Official schedule.

Talks:
18:20 - 19:20 How we started Red Team - Jan Kopecky and Marek Jilek
19:30 - 20:30 You should turn off autofill in your password manager - Marek Tóth
20:40 - 21:00 I know where you live - Kamil Vavra

Videos: Vimeo album

Dec 1 2020

See the schedule Official schedule.

Workshop, Speakers, Talks:
08:00 - 12:00 Practical Mobile App Attacks By Example Workshop by Abraham Aranguren
12:30 - 13:10 Naughty HttpClient by Fedotkin Zakhar
13:20 - 14:05 Automating Discovery of Security Issues in Binaries (for Lazy People) by Martin Petran
14:15 - 15:00 Introduction and example implementation of user authentication to the web application with new FIDO and W3C standard WebAuthn by Radoslav Bodó
15:10 - 16:00 Security testing Czech e-commerce platforms for online stores & Cookies stealing on Seznam.cz by Marek Tóth
16:30 - 17:00 So you have a blacklist: Optimizing the Protection of IoT devices by a Scored-Prioritized Aging BlackList by Thomas O’Hara
17:10 - 17:40 Icarus Project: Testing and Analyzing Internet Censorship Circumvention Solutions by Mohamed Tita
17:50 - 18:35 Deep dive into LoRa(WAN) RF and Hardware Security by Sébastien Dudek
18:45 - 19:30 Why letting me break into your organisation will help you protect it by Sarka Pekarova

Videos: Vimeo album

Dec 11 2019

See the schedule Official schedule.

Slides:
Automating bug bounty
An introduction to the router exploit kits
Budget Phishing 101

Videos: Vimeo album

Oct 31 2019

See the schedule Official schedule.

Slides:
An Infosec Timeline - Noteworthy Events from 1970 to 2050
Fantastic Attacks and How Kalipso can find them
Ludus project - Make honeypots great again!
Puppeteer for Evil Minds
When A Password Is Not Enough - Developing A New Way Of Protecting Smart Homes

Videos: Vimeo album

May 21 2019

See the schedule Official schedule.

Slides:
Does_Your_IoT_Expose_You.pdf
What if I told you browsers can tell servers they don’t like the response - website
We Know Where You Are - TBA
The_Messaging_Menagerie.pdf or animated version
Cybercriminal_Activities_Managing_a_New_Android_Botnet.pdf
Why usual pentests suck?

Videos: Vimeo album

Feb 12 2019

See the schedule Official schedule.

Slides:
Hacking_101.pdf
Black_Market_of_Code_signings_certs.pdf
Getting_Started_with_Bug_Bounty..pdf

Videos: Vimeo album

Nov 14 2018

See the schedule Official schedule.

Slides: Petr_Stuchlik_The_webhosting_has_no_rights!.pdf
Adela_Hanikova_All_roads_lead_to_domain_admin.pdf
Frantisek_Strasak_Detecting_malware_even_when_it_is_encrypted.pdf
The_Zeitgeist_of_Darknet.pdf

Videos: Vimeo album

May 30 2017

See the schedule Official schedule.

Dec 7 2015

See the schedule Official schedule.