OWASP Sydney


Welcome to the OWASP Sydney Chapter home page!

The OWASP Sydney Chapter was active in 2019 and is being rebooted in 2020. We organise local events throughout the year.

The chapter leaders are Ric Campo, Jack Gifford, and Sherry Liu.

Our Goals

We aim to bring together people from research, academia and industry to motivate, and empower others to pursue a career in cybersecurity. By raising awareness against discrimination within the workforce, we work towards increasing diversity and equality in cybersecurity.

We are committed to helping discover the next generation of cybersecurity talent. We aim to offer mentorship programs to educate those new to cybersecurity, and provide talks from industry professionals to showcase all cybersecurity has to offer.

We want to help you connect with like-minded individuals. Whether you are new to cybersecurity or a seasoned veteran, our goal is to build a community where everyone can openly discuss and explore current issues in cybersecurity, employment opportunities and more. By providing networking opportunities, we want everyone to get involved in the community and establish relationships with new people.

No cybersecurity summit would be complete without CTF events! We aim to hold an annual end of year competition where participants compete for a shot at glory and a cash prize.

Upcoming Events

Event: Fun with Hack The Box
Date: 12th August 2021
Link: https://www.meetup.com/OWASP-Sydney-Chapter/events/279765763/

Event: Continuous Security - Building Security Into Your Pipelines
Date: 17th August 2021
Link: https://www.meetup.com/OWASP-Sydney-Chapter/events/279554653/

Event: Fun with Hack The Box
Date: 14th October 2021

Follow us on our socials to stay updated, we are on MeetUp, LinkedIn, Facebook, and Discord.

Interested In Speaking?

We are always open to speakers who want to present a talk that aligns with our Chapter goals. If you are interested, please email your proposed topic, abstract, and brief speaker bio to Ric Campo.

OWASP Statement on Participation

The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. All of our projects ,tools, documents, forums, and chapters are free and open to anyone interested in improving application security.

Chapters are led by local leaders in accordance with the Chapter Leader Handbook. Financial contributions should only be made online using the authorized online donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP Project, independent research, or related software security topic you would like to present.

Everyone is welcome and encouraged to participate in our Projects, Local Chapters, Events, Online Groups, and Community Slack Channel. We especially encourage diversity in all our initiatives. OWASP is a fantastic place to learn about application security, to network, and even to build your reputation as an expert. We also encourage you to be become a member or consider a donation to support our ongoing work.

Past Events

Past event recordings will be uploaded to our YouTube channel: https://www.youtube.com/channel/UCKx3H-oNkly9cwKRpFziCag?view_as=subscriber

Threat Modelling 101 + 1

Date: 18th May 2021

Special guest Abhijeth Dugginapeddi demonstrates technical and non-technical approaches to understanding threat modelling so that everyone, even with varying levels of skill will be able to participate and deepen their knowledge.


Abhijeth Dugginapeddi
Abhi currently Heads a security team at BigCommerce, Lectures at UNSW and Mentors Strobes a Security orchestration startup. He also spoke at several international conferences like Defcon, Blackhat, OWASP AppSec USA and B-sides. Abhijeth is also an active researcher and has found vulns in major tech companies like Google, Facebook, Yahoo and eBay. He is also interested in Digital Marketing, Product Design and Growth Hacking.

Fight Club Feb

Date: 21st April 2021

Our every second-month CTF where we let you unleash your most brutal attacks! Check out the Fight Club Leaderboard for the running scoreboard!

Bridging The Cybersecurity Skill Gap

Date: 25th March 2021

Researcher and educator Yenni Tim addresses the need for stronger collaboration between higher education and the industry, and how collaboration leads to a successful outcome in both students beginning their career and organisations hunting for talent.


Yenni Tim
Yenni Tim is an educator and researcher at UNSW’s School of Information Systems and Technology Management. She believes in career-focused education and is committed to working with students to develop the skills sets they need to enter a rapidly changing digital environment. Yenni’s research focuses on digital resilience, with her work including the design and use of technology for pandemics and disaster response, and the building of cyber resilience amidst persistent security threats.

Fight Club Feb

Date: 17th February 2021

Our every second-month CTF where we let you unleash your most brutal attacks! Check out the Fight Club Leaderboard for the running scoreboard!

Jingleton Hack for Beginners 2020

Date: 21st December, 2020 - 4th January, 2021

Our annual Christmas web application security CTF for beginners. Check out the Jingleton leaderboard for the final scores!

How To Become A Security Specialist

Date: 21st October, 2020

Special guest speakers Ricki Burke and Lukasz Gogolkiewicz discuss some of the challenges of getting into the security job market and overcoming them to land your first role in the field.


Ricki Burke
Ricki is heavily involved in the infosec community and is one of Australia’s leading cyber security recruiters. He is the founder of CyberSec People, where him and his team support organisations in hiring skilled infosec professionals.

Lukasz Gogolkiewicz
Lukasz is a highly proficient security professional who heads up Corporate Security at SEEK. He has worked with some of the world largest banks and financial organisations, has worked with federal, state and local governments, presented at and organised a number security conferences, and helps mentor the next generation of security professionals.

OWASP ASVS V.4 for Startup Founders and Developers

Date: 22nd May, 2019

A short talk on the OWASP Application Security Verification Standard (ASVS) project and an opportunity to meet and get to know the local community. The primary purpose of the OWASP ASVS project is to standardise web application security verification by providing a basis for testing web application security controls and providing developers with a list of requirements for secure development.


Hemi Gur-Ary
A cybersecurity expert with an extensive application and cloud security experience gained as a security manager in the finance and startup industries in Israel. Hemi Gur-Ary specialises in security architecture, engineering and operations management.

Fight Club leaderboard

See our running leaderboard below!

Jingleton Hack For Beginners Leaderboard 2020

Introduction Video: https://www.youtube.com/watch?v=kQ3J87KOM9Y
Closing Video: https://www.youtube.com/watch?v=rQr2SwGXZrM


The Offensive Labs training content is based on real world experiences and examples. All courses are comprehensive and highly hands-on. Our vision is to provide quality online training at an affordable price and make it an enjoyable experience

Find cybersecurity related resources here!

Web Security Testing Guide Checklist

OWASP Vulnerability Management Guide

PyGoat - Vulnerable Web Application

Markdown Cheatsheet