OWASP Lviv

Who are we

Welcome to the OWASP Lviv chapter homepage.

The chapter leader is Igor Beliaiev. The chapter is run by a team of dedicated cyber security enthusiasts.

Acting Chapter Board members are: Stanislav Breslavskiy, Bohdan Serednytskyi. The original OWASP Lviv Chapter was founded in 2012 by Nazar Tymoshyk and previous board members were Yurii Bilyk and Vlada Kulish.

Everyone are welcome to join us at our chapter meetings.

Current events

The chapter aims at holding quarterly OWASP Lviv meetups and annual OWASP Ukraine conference, held under the aegis of all active OWASP Ukraine chapters. The meetups are normally streamed on-line and recorded.

OWASP Ukraine 2018 - Nov 23-24 2018

OWASP Ukraine 2019 - Oct 04-25 2019

OWASP Ukraine 2020 online - Dec05 2020 OWASP Lviv Winter meetup - Feb 19 2019

OWASP Lviv meetups - 4 times per year, usually on per quater basis

Call for Papers

If you wish to present your topic at OWASP, here is our Call for Papers form.

How to find us

OWASP Lviv on social networks:

Follow our news and announcements on social media: 1Facebook

Or on the semi-official OWASP Slack channel (you have to register first)

  • Telegram
  • Slideshare
  • YouTube channel
  • EventBrite

Participation

If your company wishes to support our chapter, please contact Igor Beliaiev (terms and conditions:  OWASP Membership terms and conditions). The funds donated are divided with 90% directly supporting the OWASP local chapter and 10% to the OWASP Foundation.

Category:OWASP Chapter Category:Ukraine


#1 OWASP Lviv Spring Meetup 2021 (online)

Date April 7, 2021

Program

  1. Security Headers. Why should we care? by Artur Hil
  2. Automating security testing of web application by Ihor Sasovets
  3. How I spent “this summer” or how to be “an expert” in several domains by Danial Zhuravchak

Event details

#2 OWASP Lviv Summer Meetup 2021

TBD


Example

Put whatever you like here: news, screenshots, features, supporters, or remove this file and don’t use tabs at all.


#1 Chapter Webinars 2020

Debate on Pentest & AppSec – Blue Team vs. Red Team Perspective“ by Yevgen Balyutov, Andrii Garaschuk, Igor Beliaiev, Vlad Styran

Video recording

#2 OWASP Ukraine 2020

OWASP UKRAINE online meetup 2020

Date Deember 5th, 2020

Program

Event schedule

  1. “React Native Security: Addressing Typical Mistakes” by Julia Potapenko | Video
  2. “Безпека додатку Дія - “Оскар” чи “Золота малина”” by Константин Корсун | Video
  3. “OAuth2.0: What? Where? When?” by Anatolii Bereziuk | Video
  4. “OWASP JuicyShop Workshop” (Workshop) by Serhii Korolenko & Eduard Kiiko & Oksana Safronova | Video
  5. “Leveraging the crowd power to regain faith in Internet’s zero trust architecture” by Philippe Humeau | Video
  6. “Serverless security: attack & defense” by Pawel Rzepa | Video
  7. “6 digit OTP for 2FA is brute-forceable in 3 days + OTP Lottery” by Maksym Khramov & Serhii Korolenko | Video

#1 OWASP Lviv Winter Meetup 2019

Date February 19, 2020

Program

  1. Vadym Opryshko - Security assessment: prepare yourself, not policies.
  2. Ben Whaley - The best and worst AWS security practices
  3. Vasyl Verbovyi - Sometimes, shit comes. A couple of words about routers firmware)

Event details

#2 OWASP Lviv Winter Meetup 2019

Date August 28, 2019

Program

  1. Eduard Kiiko - Variety of Linux logging tools and their integrations
  2. Pavlo Zhavoronkov - Darknet security best practices
  3. Danial Zhuravchak - SRE: Monitoring

Event details

#3

OWASP UKRAINE 2019

Date October 04-05, 2019

Program

Event schedule

Day 1 (Workshops): Stream1:

  1. Кирило Гобреняк - From Zero to Hero in Web Application Security Testing with OWASP.
  2. Ігор Блюменталь - GraphQL Security Testing
  3. Володимир Стиран - Tactical Offensive Reporting

Stream 2:

  1. Віталій Сусукайло та Олексій Сведенюк - Power of Azure Log Analytics
  2. Едуард Кійко та Данило Журавчак - Boss of The SOC
  3. Vladimir Taratushka - Pentest + Social Engineering = Always win

Day 2:

  1. Kostiantyn Korsun - #FRDv2.0: new adventures
  2. Ewerson Guimaraes - Some Burp Kung-Fu
  3. Ali Huseyn Aliyev - Bluetooth Low Energy (BLE) under the microscope, attack techniques
  4. Eduard Kiiko and Danial Zhuravchak - Threat Hunting: DNS security
  5. Ricardo Fajin - Using Frida in Mobile Pentest Android
  6. Oksana Safronova - Normal activity detected
  7. Serhii Korolenko - Web vulnerabilities. In and out half an hour.
  8. Bohdan Lukin - Attacking Active Directory in examples
  9. Andrii Kudyurov - Doing OWASP ASVS audit for released products: pros, cons and a slight pain
  10. Nadia Klymenko - Approaches to keep your privacy
  11. CTF and Hacker party

Video recordings

#4 OWASP Lviv Winter Meetup 2019

Date December 19, 2019

Program

  1. Overview of DevSecOps
  2. Auditing Docker containers
  3. Infrastructure code security testingg

Event details


#1 OWASP Lviv Summer Meetup 2018

Date July 28, 2018

Program

  1. Stanislav Kolenkin - Practical Kubernetes Security.
  2. Igor Khoroshenk - AWS security fuckups. How Ops and Security misconfigurations can expose your company valuable assets.
  3. Oksana Safronova - Windows persistence - something old, something new, something weird. How to exploit some of the techniques and stay on the system for long enough.
  4. Pavlo Zhavoronkov - Extending that monster: Cuckoo functionality for Mac-based Malware analysis.

Event details

#2 OWASP Lviv Autumn Meetup 2018

Date October 1, 2018

Program

  1. Yuriy Rudyy - Person of Interest (locate and identify device: cell LAC, WiFi, iBeacon…)
  2. Igor Khoroshchenko - Data Leakages Epic Fuckups
  3. Vasyl Verbovyi - Sometimes, shit comes. A couple of words about routers firmware

Event details

#3

OWASP UKRAINE 2018

Date November 23-24, 2018

Program

Event schedule

Day 1 (Workshops): Stream1:

  1. IGOR KHOROSHCHENKO - AWS Security FUCKUPS
  2. BOGDAN LUKIN - WAF Evasion Techniques
  3. DANIAL ZHURAVCHAK - Analyze or Die - SOC game

Stream 2:

  1. IGOR BLUMENTAL - Content Security Policy tips and tricks
  2. SERHII KOROLENKO - CSRF exploitation
  3. Andrey Voloshin - Reverse Engineering Hardware & Firmware

Day 2:

  1. Eduard Babych - Intro to Bug Bounty. How to become a Bug Bounty Hunter
  2. Lukasz Korczyk - CSRF - why your organization shouldn’t set it to low?
  3. Vitaliy Mechytashvili - Safari extensions. Suspicious javascript functions. Mojave security improvements bypass
  4. Vlada Kulish - Wanna test IOS applications? Let the pain in
  5. Kostiantyn Korsun - New National Cybersecurity System: Concept
  6. Rener Alberto F. Silva - SPLITTER: An Approach to Difficult Correlation, Traffic Analysis and Statistical Attacks Inside TOR Network
  7. Yurii Bilyk - So, you want hack some device?
  8. Oleh Levytskyi - Security issues with Chrome extensions on a practical use-cases
  9. Pavlo Radchuk - Blockchain is secure (not)
  10. Oleksandr Yakovliev, Olesia Myshkovska - Fuzzing and searching for vulnerabilities in third-party Android services embedded by manufacturers
  11. Hacking QUIZ and Hacker party

Call For Papers 2021

Hey! We are happy to announce the CFP for our meetups and conferences! If you have a prepared speech with the topic related to the security we are happy to include you in our program!

Submit your speach here


Our supporters

Chapter meeting sponsors

These companies have demonstrated their support for Ukrainian Application Security community by funding our quarterly chapter meetings.

EPAM

Berezha Security

Chapter meeting hosts

These companies have demonstrated their support for Ukrainian Application Security community by hosting our quarterly chapter meetings.

EPAM

Ciklum

Techmagic

Eleks

SoftServe