I participated in the NASA Space Apps Hackathon again in 2018. It is a weekend long competition. My team planned to build a server in Node.js and an Android app that would communicate with the server. The app, titled Launch Now, would show upcoming launches, who is doing the launch, what is being launched, etc.
Presentation Archives - David Petrasovic
Efail is an attack that can decrypt PGP (Pretty Good Privacy) encrypted emails without the private key or knowing the passphrase. The talk was presented at OWASP at Shopify.
This was also a challenge for a CTF (Capture The Flag) by Hack All The Things. A sample of the exploit can be found on GitHub
I participated in the NASA Space Apps Hackathon which is a weekend long competition. I created an application called Shadowfax that allows the user to see a 3D visualization of satellites orbiting Earth, with the ability to zoom into a third person view. There is a server and client component to the application. The server makes a request to publically available TLE data from NORAD. When the client requests data from the server for specific satellites, the server converts the TLE data into cartesian coordinates for every 5 minutes for the specified duration (default 24 hours). The user can view the satellites motion in real time, accelerate time or reverse time. The swath of the satellites largest sensor is visible as a circle on the surface of the earth below the satellites. The application was well received by the panel of judges and won first place in Ottawa. For more details view on GitHub or view the project page
NodeJS Security Best Practices is a talk that I have done at OWASP Ottawa, OWASP Kanata and OttawaJS. It is intended to be digestible and impactful for both entry level and seasoned NodeJS developers as well as the wider security community. The talk includes justifications and examples for why it is important to do some of the practices where the reasoning may not be obvious (such as setting HTTP headers to prevent clickjacking).