Presentation Archives - David Petrasovic

Launch Now

NASA Space Apps Hackathon (2018)

By | | No Comments

I participated in the NASA Space Apps Hackathon again in 2018. It is a weekend long competition. My team planned to build a server in Node.js and an Android app that would communicate with the server. The app, titled Launch Now, would show upcoming launches, who is doing the launch, what is being launched, etc.

Not too far into the competition I found an API that would negate the need for the node.js server I was writing.

For more details on the Android app, you can view on GitHub or view the project page.

Efail Opening Slide

Efail Presentation

By | | No Comments

Efail is an attack that can decrypt PGP (Pretty Good Privacy) encrypted emails without the private key or knowing the passphrase. The talk was presented at OWASP at Shopify.

This was also a challenge for a CTF (Capture The Flag) by Hack All The Things. A sample of the exploit can be found on GitHub

View Slides

Hash Length Extension Attack Presentation

HLEA Presentation

By | | No Comments

What is a Hash Length Extension Attack? This is what I aimed to answer with talk. It goes into as much detail as is required to understand the concept. The talk was presented at OWASP at Shopify as well as at Nokia.

View Slides

Shadowfax

NASA Space Apps Hackathon (2017)

By | | No Comments

I participated in the NASA Space Apps Hackathon which is a weekend long competition. I created an application called Shadowfax that allows the user to see a 3D visualization of satellites orbiting Earth, with the ability to zoom into a third person view. There is a server and client component to the application. The server makes a request to publically available TLE data from NORAD. When the client requests data from the server for specific satellites, the server converts the TLE data into cartesian coordinates for every 5 minutes for the specified duration (default 24 hours). The user can view the satellites motion in real time, accelerate time or reverse time. The swath of the satellites largest sensor is visible as a circle on the surface of the earth below the satellites. The application was well received by the panel of judges and won first place in Ottawa. For more details view on GitHub or view the project page

NodeJS Security Best Practices

By | | No Comments

NodeJS Security Best Practices is a talk that I have done at OWASP Ottawa, OWASP Kanata and OttawaJS. It is intended to be digestible and impactful for both entry level and seasoned NodeJS developers as well as the wider security community. The talk includes justifications and examples for why it is important to do some of the practices where the reasoning may not be obvious (such as setting HTTP headers to prevent clickjacking).

View Slides