OWASP Lviv
Who are we
Welcome to the OWASP Lviv chapter homepage.
The chapter leader is Igor Beliaiev. The chapter is run by a team of dedicated cyber security enthusiasts.
Acting Chapter Board members are: Stanislav Breslavskiy, Bohdan Serednytskyi. The original OWASP Lviv Chapter was founded in 2012 by Nazar Tymoshyk and previous board members were Yurii Bilyk and Vlada Kulish.
Everyone are welcome to join us at our chapter meetings.
Current events
The chapter aims at holding quarterly OWASP Lviv meetups and annual OWASP Ukraine conference, held under the aegis of all active OWASP Ukraine chapters. The meetups are normally streamed on-line and recorded.
OWASP Ukraine 2018 - Nov 23-24 2018
OWASP Ukraine 2019 - Oct 04-25 2019
OWASP Ukraine 2020 online - Dec05 2020 OWASP Lviv Winter meetup - Feb 19 2019
OWASP Lviv meetups - 4 times per year, usually on per quater basis
Call for Papers
If you wish to present your topic at OWASP, here is our Call for Papers form.
How to find us
OWASP Lviv on social networks:
Follow our news and announcements on social media: 1Facebook
Or on the semi-official OWASP Slack channel (you have to register first)
- Telegram
- Slideshare
- YouTube channel
- EventBrite
Participation
If your company wishes to support our chapter, please contact Igor Beliaiev (terms and conditions: OWASP Membership terms and conditions). The funds donated are divided with 90% directly supporting the OWASP local chapter and 10% to the OWASP Foundation.
#1 OWASP Lviv Spring Meetup 2021 (online)
Date April 7, 2021
Program
- Security Headers. Why should we care? by Artur Hil
- Automating security testing of web application by Ihor Sasovets
- How I spent “this summer” or how to be “an expert” in several domains by Danial Zhuravchak
#2 OWASP Lviv Summer Meetup 2021 (online)
Date July 10, 2021
Program
- Windows Privelege Escalationa by Anatolii Khomenchuk
- Security Testing Basics: OWASP Top 10 or where to start security by Maksym-Volodymyr Lyba
- Digital transformation impact on Security by Igor Beliaiev
#3 OWASP Lviv Autumn Meetup 2021
Date September 11, 2021
Program
- Hunting for APT in network logs by Bogdan Vennyk
- Let’s play a game by Oksana Safronova
- Attacks on Windows Infrastructure (Blue Team edition) by Bogdan Vennyk
- Hardware Security by Stanislav Breslavskii
2nd session and retrospective after NoNameCon 2021 edition
#4 OWASP Ukraine 2021
Currently postponed due to covid-19 restrictions
Example
Put whatever you like here: news, screenshots, features, supporters, or remove this file and don’t use tabs at all.
#1 Chapter Webinars 2020
#2 OWASP Ukraine 2020
Date Deember 5th, 2020
Program
- “React Native Security: Addressing Typical Mistakes” by Julia Potapenko | Video
- “Безпека додатку Дія - “Оскар” чи “Золота малина”” by Константин Корсун | Video
- “OAuth2.0: What? Where? When?” by Anatolii Bereziuk | Video
- “OWASP JuicyShop Workshop” (Workshop) by Serhii Korolenko & Eduard Kiiko & Oksana Safronova | Video
- “Leveraging the crowd power to regain faith in Internet’s zero trust architecture” by Philippe Humeau | Video
- “Serverless security: attack & defense” by Pawel Rzepa | Video
- “6 digit OTP for 2FA is brute-forceable in 3 days + OTP Lottery” by Maksym Khramov & Serhii Korolenko | Video
#1 OWASP Lviv Winter Meetup 2019
Date February 19, 2020
Program
- Vadym Opryshko - Security assessment: prepare yourself, not policies.
- Ben Whaley - The best and worst AWS security practices
- Vasyl Verbovyi - Sometimes, shit comes. A couple of words about routers firmware)
#2 OWASP Lviv Winter Meetup 2019
Date August 28, 2019
Program
- Eduard Kiiko - Variety of Linux logging tools and their integrations
- Pavlo Zhavoronkov - Darknet security best practices
- Danial Zhuravchak - SRE: Monitoring
#3
Date October 04-05, 2019
Program
Day 1 (Workshops): Stream1:
- Кирило Гобреняк - From Zero to Hero in Web Application Security Testing with OWASP.
- Ігор Блюменталь - GraphQL Security Testing
- Володимир Стиран - Tactical Offensive Reporting
Stream 2:
- Віталій Сусукайло та Олексій Сведенюк - Power of Azure Log Analytics
- Едуард Кійко та Данило Журавчак - Boss of The SOC
- Vladimir Taratushka - Pentest + Social Engineering = Always win
Day 2:
- Kostiantyn Korsun - #FRDv2.0: new adventures
- Ewerson Guimaraes - Some Burp Kung-Fu
- Ali Huseyn Aliyev - Bluetooth Low Energy (BLE) under the microscope, attack techniques
- Eduard Kiiko and Danial Zhuravchak - Threat Hunting: DNS security
- Ricardo Fajin - Using Frida in Mobile Pentest Android
- Oksana Safronova - Normal activity detected
- Serhii Korolenko - Web vulnerabilities. In and out half an hour.
- Bohdan Lukin - Attacking Active Directory in examples
- Andrii Kudyurov - Doing OWASP ASVS audit for released products: pros, cons and a slight pain
- Nadia Klymenko - Approaches to keep your privacy
- CTF and Hacker party
#4 OWASP Lviv Winter Meetup 2019
Date December 19, 2019
Program
- Overview of DevSecOps
- Auditing Docker containers
- Infrastructure code security testingg
#1 OWASP Lviv Summer Meetup 2018
Date July 28, 2018
Program
- Stanislav Kolenkin - Practical Kubernetes Security.
- Igor Khoroshenk - AWS security fuckups. How Ops and Security misconfigurations can expose your company valuable assets.
- Oksana Safronova - Windows persistence - something old, something new, something weird. How to exploit some of the techniques and stay on the system for long enough.
- Pavlo Zhavoronkov - Extending that monster: Cuckoo functionality for Mac-based Malware analysis.
#2 OWASP Lviv Autumn Meetup 2018
Date October 1, 2018
Program
- Yuriy Rudyy - Person of Interest (locate and identify device: cell LAC, WiFi, iBeacon…)
- Igor Khoroshchenko - Data Leakages Epic Fuckups
- Vasyl Verbovyi - Sometimes, shit comes. A couple of words about routers firmware
#3
Date November 23-24, 2018
Program
Day 1 (Workshops): Stream1:
- IGOR KHOROSHCHENKO - AWS Security FUCKUPS
- BOGDAN LUKIN - WAF Evasion Techniques
- DANIAL ZHURAVCHAK - Analyze or Die - SOC game
Stream 2:
- IGOR BLUMENTAL - Content Security Policy tips and tricks
- SERHII KOROLENKO - CSRF exploitation
- Andrey Voloshin - Reverse Engineering Hardware & Firmware
Day 2:
- Eduard Babych - Intro to Bug Bounty. How to become a Bug Bounty Hunter
- Lukasz Korczyk - CSRF - why your organization shouldn’t set it to low?
- Vitaliy Mechytashvili - Safari extensions. Suspicious javascript functions. Mojave security improvements bypass
- Vlada Kulish - Wanna test IOS applications? Let the pain in
- Kostiantyn Korsun - New National Cybersecurity System: Concept
- Rener Alberto F. Silva - SPLITTER: An Approach to Difficult Correlation, Traffic Analysis and Statistical Attacks Inside TOR Network
- Yurii Bilyk - So, you want hack some device?
- Oleh Levytskyi - Security issues with Chrome extensions on a practical use-cases
- Pavlo Radchuk - Blockchain is secure (not)
- Oleksandr Yakovliev, Olesia Myshkovska - Fuzzing and searching for vulnerabilities in third-party Android services embedded by manufacturers
- Hacking QUIZ and Hacker party
Call For Papers 2021
Hey! We are happy to announce the CFP for our meetups and conferences! If you have a prepared speech with the topic related to the security we are happy to include you in our program!
Our supporters
Chapter meeting sponsors
These companies have demonstrated their support for Ukrainian Application Security community by funding our quarterly chapter meetings.
Chapter meeting hosts
These companies have demonstrated their support for Ukrainian Application Security community by hosting our quarterly chapter meetings.