Developer summit

We are excited to announce the OWASP Developer Summit EU 2017. OWASP is providing a structured platform for Developers two full days prior to the AppSec EU 2017 conference. The Developer Summit will start with a full-day, hands-on developer session followed by two half day sessions geared towards learning about security vulnerabilities.

Come by yourself or grab a couple friends. The Developer Summit is free (no charge) for anyone who would like to participate and learn something new.

We just ask that you SIGN UP so we can get a head count to be sure we have enough space and food.


Day 1: Full Day Hands On Session

Date: Tuesday, May 9th
Time: 9am-5pm (breakfast at 9am, lunch at 12pm)
Presenter: Johanna Curiel, Vice Chair of the OWASP Board of Directors

Reverse Engineering Android Apps with Bytecodeviewer

Two important OWASP Top 10 Mobile risks are how resistant an application is against Reverse Engineering and Code Tampering. In this hands on session, we will go through the process of Reverse Engineering known Android apps (like Facebook, some banking apps,Twitter etc), or bring your own app and test it if you want!

Using hands-on techniques you will learn:


Day 2: Half Day Morning Session

Date: Wednesday, May 10th
Time: 9am-1pm (breakfast at 9am, lunch at 12pm)
Presenter: Spyros Gasteratos

Automating On-Deploy Security Testing* of web applications with ZAP and Jen

In this workshop we will go through installing and configuring Zap to work with Jenkins so that it automatically tests the deployed web application when we ask Jenkins to do so. Moreover we will write an example Zap plugin to better test specific parts of the example application.

We will go through:

Requirements: [To be announced]

Day 2: Half Day Afternoon Session

Date: Wednesday, May 10th
Time: 1pm - 5pm
Presenters: Nicole Becher & Mordecai Kraushar

Attacking your web app

There are some great OWASP projects that deal with both methodologies and tools for testing web sites. There may be even more to it! This workshop will provide the developer with a look at the offensive mindset an attacker has in attacking your web site

We will go through: