OWASP Kyiv Winter 2021 ONLINE Meetup

“Threat Modeling Gamification for Fun and Profit” Vlad Styran · Talk (30 minutes)

In this talk, I will show how our team Threat Models during security testing projects to achieve the completeness of the scope of work. We use gamification to improve this process and I assume it is much less boring than you expect from a threat modeling session. I will share the tools we use and a…


“Using OWASP Nettacker For Recon and Vulnerability Scanning” Sam Stepanyan · Talk (30 minutes)

This talk is about the OWASP Nettacker Project, one of OWASP's "Unsung Hero" projects. Nettacker is a little-known yet awesome and powerful 'swiss-army-knife' type tool for information gathering and vulnerability scanning fully written in Python. Featuring live demo and practical usage examples


“Розвідка: пошук піддоменів” Роман · Talk (30 minutes)

Пошук публічних ресурсів та піддоменів за допомогою інструментів з відкритим кодом.


“How to find your first bug” Kyrylo · Talk (30 minutes)

We will try to build the “flow” to follow when looking for vulnerabilities on a web application security testing.