Who are we
Welcome to the OWASP Lviv chapter homepage.
The chapter leaders are Igor Beliaiev, Bohdan Serednytskyi and Stanislav Breslavskiy. The chapter is run by a team of dedicated cybersecurity enthusiasts: Pavlo Zhavoronkov, Oksana Safronova and Danial Zhuravchak.
The chapter aims at holding quarterly meetups in the format of 2 practical workshops and up to 5 talks. The meetups are normally streamed online and recorded, and are followed by unofficial parties in Lviv pubs. Everyone are welcome to join us at our chapter meetings.
How to find us
Watch recordings of our previous events YouTube
Join our Meetup Page
How to support the chapter
If your company wishes to support the chapter, please contact Igor Beliaiev.
Become a Speaker
Call For Speakers at OWASP Lviv events is permanently open. If you want to present at future events, review and agree with the OWASP Speaker Agreement and check for upcoming events at https://cfp.owaspukraine.org, or simply send the title and abstract of your talk and speaker bio to Igor Beliaiev or Bohdan Serednytskyi.
Become a Sponsor
We don’t have any special sponsorship package, however the sponsoring organization or individual will receive our warm thanks and a fair amount of gratitude spread over our social media presence, placed at the chapter official web-page, and announced at the event itself.
Become a Host
To host an OWASP Lviv event, contact Igor Beliaiev.
Venue requirements include:
- Capacity to welcome up to 100 attendees
- Possibility to host a lunch (paid separately by the Chapter)
- Separate high-quality internet connection for online streaming
- No need for additional attendee registration or providing attendee lists
- No marketing, advertising, or hiring at the event
#1 OWASP Lviv Spring Meetup 2021 (online)
Date April 7, 2021
- Security Headers. Why should we care? by Artur Hil
- Automating security testing of web application by Ihor Sasovets
- How I spent “this summer” or how to be “an expert” in several domains by Danial Zhuravchak
#2 OWASP Lviv Summer Meetup 2021
Put whatever you like here: news, screenshots, features, supporters, or remove this file and don’t use tabs at all.
#1 Chapter Webinars 2020
#2 OWASP Ukraine 2020
Date Deember 5th, 2020
- “React Native Security: Addressing Typical Mistakes” by Julia Potapenko | Video
- “Безпека додатку Дія - “Оскар” чи “Золота малина”” by Константин Корсун | Video
- “OAuth2.0: What? Where? When?” by Anatolii Bereziuk | Video
- “OWASP JuicyShop Workshop” (Workshop) by Serhii Korolenko & Eduard Kiiko & Oksana Safronova | Video
- “Leveraging the crowd power to regain faith in Internet’s zero trust architecture” by Philippe Humeau | Video
- “Serverless security: attack & defense” by Pawel Rzepa | Video
- “6 digit OTP for 2FA is brute-forceable in 3 days + OTP Lottery” by Maksym Khramov & Serhii Korolenko | Video
#1 OWASP Lviv Winter Meetup 2019
Date February 19, 2020
- Vadym Opryshko - Security assessment: prepare yourself, not policies.
- Ben Whaley - The best and worst AWS security practices
- Vasyl Verbovyi - Sometimes, shit comes. A couple of words about routers firmware)
#2 OWASP Lviv Winter Meetup 2019
Date August 28, 2019
- Eduard Kiiko - Variety of Linux logging tools and their integrations
- Pavlo Zhavoronkov - Darknet security best practices
- Danial Zhuravchak - SRE: Monitoring
Date October 04-05, 2019
Day 1 (Workshops): Stream1:
- Кирило Гобреняк - From Zero to Hero in Web Application Security Testing with OWASP.
- Ігор Блюменталь - GraphQL Security Testing
- Володимир Стиран - Tactical Offensive Reporting
- Віталій Сусукайло та Олексій Сведенюк - Power of Azure Log Analytics
- Едуард Кійко та Данило Журавчак - Boss of The SOC
- Vladimir Taratushka - Pentest + Social Engineering = Always win
- Kostiantyn Korsun - #FRDv2.0: new adventures
- Ewerson Guimaraes - Some Burp Kung-Fu
- Ali Huseyn Aliyev - Bluetooth Low Energy (BLE) under the microscope, attack techniques
- Eduard Kiiko and Danial Zhuravchak - Threat Hunting: DNS security
- Ricardo Fajin - Using Frida in Mobile Pentest Android
- Oksana Safronova - Normal activity detected
- Serhii Korolenko - Web vulnerabilities. In and out half an hour.
- Bohdan Lukin - Attacking Active Directory in examples
- Andrii Kudyurov - Doing OWASP ASVS audit for released products: pros, cons and a slight pain
- Nadia Klymenko - Approaches to keep your privacy
- CTF and Hacker party
#4 OWASP Lviv Winter Meetup 2019
Date December 19, 2019
- Overview of DevSecOps
- Auditing Docker containers
- Infrastructure code security testingg
#1 OWASP Lviv Summer Meetup 2018
Date July 28, 2018
- Stanislav Kolenkin - Practical Kubernetes Security.
- Igor Khoroshenk - AWS security fuckups. How Ops and Security misconfigurations can expose your company valuable assets.
- Oksana Safronova - Windows persistence - something old, something new, something weird. How to exploit some of the techniques and stay on the system for long enough.
- Pavlo Zhavoronkov - Extending that monster: Cuckoo functionality for Mac-based Malware analysis.
#2 OWASP Lviv Autumn Meetup 2018
Date October 1, 2018
- Yuriy Rudyy - Person of Interest (locate and identify device: cell LAC, WiFi, iBeacon…)
- Igor Khoroshchenko - Data Leakages Epic Fuckups
- Vasyl Verbovyi - Sometimes, shit comes. A couple of words about routers firmware
Date November 23-24, 2018
Day 1 (Workshops): Stream1:
- IGOR KHOROSHCHENKO - AWS Security FUCKUPS
- BOGDAN LUKIN - WAF Evasion Techniques
- DANIAL ZHURAVCHAK - Analyze or Die - SOC game
- IGOR BLUMENTAL - Content Security Policy tips and tricks
- SERHII KOROLENKO - CSRF exploitation
- Andrey Voloshin - Reverse Engineering Hardware & Firmware
- Eduard Babych - Intro to Bug Bounty. How to become a Bug Bounty Hunter
- Lukasz Korczyk - CSRF - why your organization shouldn’t set it to low?
- Vlada Kulish - Wanna test IOS applications? Let the pain in
- Kostiantyn Korsun - New National Cybersecurity System: Concept
- Rener Alberto F. Silva - SPLITTER: An Approach to Difficult Correlation, Traffic Analysis and Statistical Attacks Inside TOR Network
- Yurii Bilyk - So, you want hack some device?
- Oleh Levytskyi - Security issues with Chrome extensions on a practical use-cases
- Pavlo Radchuk - Blockchain is secure (not)
- Oleksandr Yakovliev, Olesia Myshkovska - Fuzzing and searching for vulnerabilities in third-party Android services embedded by manufacturers
- Hacking QUIZ and Hacker party
Call For Papers 2021
Hey! We are happy to announce the CFP for our meetups and conferences! If you have a prepared speech with the topic related to the security we are happy to include you in our program!
Chapter meeting sponsors
These companies have demonstrated their support for Ukrainian Application Security community by funding our quarterly chapter meetings.
Chapter meeting hosts
These companies have demonstrated their support for Ukrainian Application Security community by hosting our quarterly chapter meetings.