This talk will be given by Oliver Collins, founder of QUT WhiteHats. He'll introduce Linux as an OS for
ethical hacking, going over the choices you have, some useful commands to know, and the popular pentesting tools to have.
No, not that kind of networking. Our very own Haoxi (h4sh) will be taking you through the basics of
how computers interact and communicate with each other over the Internet, and how the specifications can be exploited in various ways. Notable topics include an
introduction to network layers, the use of Wireshark for monitoring and analysing packets, and how to identify open ports on a system.
Heard of shells before? Those small, cone-shaped, deserted bone homes you pick up on the beach?
Yeah, this talk has nothing to do with those. This week Tom will walk through (some) of the various ways to 'pop' a shell on a target machine, the use cases
for each, and where they fit into the privelege escalation scene. He'll explain how they work, why you want them, and give you some extra tips and tricks too.
What's in the box??? Well we can promise it won't be a head... Probably. Richard will explore
the basics of identifying and exploiting vulnerabilities on a target machine, with emphasis on the process and execution. While talking about the
various ways to attack a machine with the ultimate goal of becoming root, this will also serve as an introduction to the HackTheBox (HTB) platform, an
amazingly useful environment to practice in.
Hiding things hasn't been this exciting since backyard games of hide and seek when you were a kid.
Except the stakes here are a tiny bit bigger, and you can't pretend the user can't see your secret just because your secret can't see them...
This week Tim and Chris will introduce the concept of Cryptography, it's various implementations (including strengths and weaknesses), and talk about how such
a mysterious field has such great significance to the security of our modern-day digital lives.
It's your friendly neighbourhood hackerman! And he's here to teach you how to
exploit the web! This metaphor probably won't swing much further... Join us as Aidan explains how websites aren't nearly as secure as you once may have thought by
exploring some of the common vulnerabilities you may find in a web service (XSS, directory traversal, etc), why they arise in production code, and what you can do
to make sure you're not a developer who configures your services to be (too) vulnerable!
Haoxi returns with another exciting talk - this week we move away from the internet a bit, and start
to look at binaries compiled for *nix based systems. The world of reverse engineering is vast, and so we'll begin by investigating how code actually runs on a system,
how you can manipulate its runtime behaviour, and some general debugging practices. A couple RE challenges from picoCTF will be used to demonstrate how programs can be
reversed using various tools, and help show why programming isn't just for developers!
This isn't your typical security talk... With the Hackasat qualifiers coming up, we decided to
switch our schedule up to instead provide some topical talks on how satellites work, and how we can exploit them. This is the first of said talks, and will serve
as an introduction to the many topics to be covered over the next few weeks, in the lead up to the qualifiers.
Our resident RE expert Henry also happens to be an RF guru too! And he's here to impart his knowledge to
all of us in preparation for Hackasat - after all, satellites have to talk somehow. This week we'll be looking at exactly that, how satellites communicate with ground stations,
and with each other via radio, what kind of encodings they use to ensure reliable and comprehendible messages.
It's everyone's favourite topic - physics! Seriously though, it's awesome. And what's better than an hour
long talk on orbital mechanics and the physics behind our universe? An hour long talk on orbital mechanics and the physics behind our universe given by someone who's lived
and breathed the space sector at both NASA and SpaceX over the past 30 years! We're incredibly fortunate to be having Mr. Mike Lutomski join us to give an introduction to
some of the topics we can expect to be relevant in our research for the upcoming Hackasat competition.
Our very own mobile expert (and not just because he's constantly moving around!) Falzar has prepared a talk on,
well, mobiles! More specifically on how to break into mobiles! He'll talk about how the operating system of phones separate themselves from the ones you're used to seeing
on laptops and desktops, and how you can go about setting up a debugging environment to search for exploits...
This week Deluqs will give a talk all our Operating Systems students will very much appreciate! The process to
setting up a virtual machine using VirtualBox will be detailed, including a live demonstration with Kali. Network configuration, shared file systems and
some of the little tips and tricks that vastly improve your virtualisation experience will be shown as well!
Behnaz Hassanshahi from Oracle Labs has kindly donated her time and resources to provide us with a workshop
this week! This also acts as a follow on from Falzar's Android mobile security talk from Event-0x0C, and is an interactive session!
The tools and process to discover and exploit W2AI (Web To App Injection) vulnerabilities were covered, with an example vulnerable app.