InfoSec Night: Working Group-Build a better Kali Kick Off

TOPIC: Working Group-Build a better Kali Kick Off
SUMMARY: Kali Linux is like that Swiss Army Knife that everyone has with 127 tools on it.
Some tools are used more often and for the most part the rest of it is just bloat and goes
unused. I am not saying Kali is unusable and is terrible, but wouldn't it be nice to have your own
build that is suited for you and updates and builds things the way you like every time. No
matter what you do Blue Team or Red Team you have your go to tools and development
environments. I want to start building scripts and use Dave Kennedy’s Pen Testers Framework
(PTF) to create something people can use to deploy their own environment.
I want to start building this idea and over time we make it better and better. We will all
code/script and contribute to the end goal. We all have our specialty: Wireless, Defense,
Pentesting, Compliance, Forensics, HAM, and a few more.
This is a group effort. I will not be telling you what to type into your computer to create this. We
are all creating together. We will step outside our comfort zone together and learn and grow as
INFOSEC professionals. This will be an on going Work Group that will meet on a as needed
and hopefully frequent basis to meet our goal.
GOAL:
Create custom script/framework that we can deploy on boxes for our RED/BLUE needs. Have it
on Github to share and work together. If it takes 4 repos to make different builds then so be it.
We are not gonna be perfect but we can get pretty damn close. Maybe
Things to bring:
Laptop
Github account
Ideas to make a custom RED/BLUE OS

Homework:
Download and check out Dave Kennedy’s PTF
https://github.com/trustedsec/ptf
List the tools you use and like and their pre reqs.
SKILL LEVEL: Everyone
PRESENTER: Wasabi

InfoSec Night: Working Group-Build a better Kali Kick Off

Thursday, Jul 27, 2017, 7:30 PM

Unallocated Space
512 Shaw Court Unit 105 Severn, MD

2 Members Attending

SUMMARY:Kali Linux is like that Swiss Army Knife that everyone has with 127 tools on it.Some tools are used more often and for the most part the rest of it is just bloat and goesunused. I am not saying Kali is unusable and is terrible, but wouldn't it be nice to have your ownbuild that is suited for you and updates and builds things the way yo…

Check out this Meetup →

Posted in Events | Leave a comment

INFOSEC NIGHT 20170720 Raspberry Pi Hacking/ INFOSEC After Action Report

Thank you to Everyone for coming out to INFOSEC NIGHT.

 

We had a great turn out.  I like seeing the new faces in the crowd.  I am glad more and more people are learning about INFOSEC and about Unallocated and what we have to offer.

 

I hope everyone liked the presentation.  I tried to show concepts and ideas through my own adventures with the Raspberry Pi.  This was not a hands on event because there are so many possibilities and things that can be done with this mini linux machine.

 

I absolutely take feedback and based on class interest I will work with Understudy to prepare classes for the following that were requested:

 

Bro on a Pi

-Build from a fresh OS a BRO IDS Node.

 

PiHole

-Building and Deploying a PiHole to your network

 

Raspberry Pi-neapple (build your own Wifi Pineapple)

-Take the concept of the Wifi Pineapple and build a custom angry AP for your needs

 

Wifi Pineapple Class (not Raspberry Pi but it was a class that was requested)

-101 Basics out of the box use and familariaty

-201 Intermediate (building on knowledge of Modules, Plugins, Apps or Infustions)

-301 Expert (I will be looking for help on this one.  I have not mastered this myself yet)

 

These will be classes rather than just being a Overview or Talking Point Presentation.  I will put together a parts list and class framework so keep an eye out.  Since I just got the ideas on 20July I don’t have a date for you yet when I will have these completed and are ready for public consumption.

 

If you have other ideas for talks or classes we are always open to your feedback like our kick off night.  And we are still going over the 50 ideas that were offered that night as well and finding a good time for those as well.

 

Again Thank You very much for coming out and I hope you enjoyed INFOSEC Night.  Dont forget to check out, use, and contribute to the GitHub: https://github.com/thewasabiguy/INFOSECNIGHT-20170720-RASPI

 

Don’t forget we operate on a donation and membership model to keep things up and running.  If you can please give back in anyway possible and we will keep the lights on keep the classes running.  If you have only visited for INFOSEC night take a look at our website and calendar for all kinds of other events going on at the space.

 

Have a great weekend and see you all next week.

Posted in Workshop | Leave a comment

Linux 102 Test Run – Post event announcement

Hey all,

Earlier tonight (7/17) I ran a Test Run of a Linux class that I am developing. I did so with the goal of revealing any issues with the exercises, infrastructure, and the flow of the course.
I wanted to reach out and thank all who showed up, participated, and provided the wealth of great feedback, as well as a special thanks to Bowie for letting me use the space on Project Night.

I’m compiling and organizing all of the feedback tonight, and will get started on updates to the course tomorrow which will continue up until the release of the class.
There are a ton of improvements to make and I want to thank you again for bearing with the Severn area Comcast internet outage, and the rough edges in the presentation.

I’m really encouraged that we had a full house of people interested in the finished event, and am trying to work quickly to finish up the exercises while doing service to the topic.

I am shooting for a Final release in October

For those who asked how to donate to UAS for providing free area education you can do so through: http://www.unallocatedspace.org/uas/donations-and-dues/

Thanks again!
– Flay

Posted in Events | Leave a comment

InfoSec Night: RaspberryPi Hacking/InfoSecProj­ects

TOPIC: RaspberryPi Hacking/INFOSEC Projects
SUMMARY: There are lots of cool projects on various flavors of RaspberryPis that we can try talk about or give feedback on. Anything and everything from using a Pi Zero to make a Usb Injection tool to a makeshift Angry Access Point to a rogue network device. Bring your ideas bring your after action reports and let’s all learn about some cool projects we can go home and try or definitely not try. I will specifically go over two projects I am working on, and two I want to work on and the rest will be discussion and other people sharing projects.
SKILL LEVEL: Everyone
PRESENTER: Wasabi

Please RSVP on Meetup

Posted in Events | Leave a comment

EPIC LAN Party: This Satuday, July 15th!!

It’s that time again — time for another EPIC event of the LAN Party variety!!

 

That’s right. another epic twelve hours of gaming and fragging fun!!

Bring a dish or snacks to share, if you wish, and we’ll have a spread for lunch and snacking! We’ll likely order pizza around the dinner hour, so bring $5-10 to get in on that action. 

Bring your gaming rig, whether laptop or desktop, your **UPDATED** games/clients/OS, potluck item(s), and an appetite for destruction and mayhem (virtual, that is.) 

Approximate Schedule: 

  •  12pm – 2pm Setup
  •   2pm – 5pm Free Play (we’ll see what people are interested in)
  •   5pm – 6pm Minecraft Hunger Games Style Deathmatch
  •   6pm FOOD!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  •   6pm ~ 7pm TBD Tournament ‘Hot Seat’ + Dinner Break
  •   7pm- 12am Free Play (we’ll see what people are interested in)

Continue reading

Posted in Workshop | Leave a comment

InfoSec Night – Home Network Security

TOPIC:  HOME NETWORK SECURITY

SUMMARY: There were a few people really interested in improving their home network security or sharing tools and settings.  So this week we will talk about how to improve your security at home.  Some people just have the Internet Service Provider Router and the configuration it was installed with.  We will cover many topics and questions from attendees about firewalls, switches, routers, security settings for wireless routers, and much much more.

SKILL LEVEL: Everyone

PRESENTER: Wasabi

Please RSVP on Meetup

Posted in Events | Leave a comment

General Game Dev Meetup

Unallocated Space is hosting Baltimore Indie Game Developers Group for their General Game Dev Meetup on Saturday, July 8th 2017 from 11:00 am to 12:30 pm.

Come join us for a great discussion and will also be a great opportunity to discuss any games you are working on, show your game to attendees, and get them to playtest it and also a great opportunity to get feedback from the group

There will also be plenty of time to discuss game ideas and talk shop.

We’ll also gauge interest in a meetup for Ludum Dare 39, which is scheduled for July 28 2017.  If you have any interest please make sure to share that with the group.

Please feel free to visit our Meet Up and RSVP for the event!

Posted in Workshop | Leave a comment

Field Day 2017 was a success!

Field Day Seyup

Our antennas all setup during ARRL Field Day

Thank you to all who made it out to W3UAS’s 2017 ARRL Field Day operation. The event went smoothly from setup to tear down. ARRL Field Day is the single most popular on-the-air event held annually in the US and Canada. On the fourth weekend of June of each year, more than 35,000 radio amateurs gather with their clubs, groups or simply with friends to operate from remote locations. The radio operators demonstrate their ability to provide emergency communications when other infrastructure such as power, internet, and cell phones becomes unavailable.

This year Unallocated Space operated Field Day at Corey’s house in Pasadena. Thanks to the support provided by the Unallocated Space community we had good food, good fun, and an operator at the radio almost the full 24 hours of the event. We made 214 contacts cumulatively between 6 operators the 80, 40, 20, and 15 meter bands.

Besides the radio fun, we also had a pretty awesome cookout Saturday afternoon. The pork chops, burgers, and sausage were all delicious, credit to our grill masters. When the BBQ was over there was certainly no shortage of snacks to keep everyone going throughout the night. Thank you again to all who made that happen!

At the end of the day on Sunday we had some extra hands for tear down. We were all packed up in no time and we all got a chance to relax before heading back to the space.

I hope that next year we will find a location at a park or field near by the space. We’ll be able to set up a few more transmitters and get a lot more people to stop by and hang out.

Posted in Events, Ham Radio Night, Party | Tagged , | Leave a comment

An Open Forum On Incident Response with Jeff Wichman

Join us at the space for the first official InfoSec night hosted by Wasabi and Understudy77 with special guest speaker Jeff Wichman, the director of Enterprise Incident Management with Optiv security.

New or experienced in InfoSec topics, come out and enjoy some pleasant conversation and a transfer of knowledge regarding digital forensics, IT consulting, Malware analysis, security monitoring, and how fast you can get two consultants to Argentina.

Posted in Events, Workshop | Leave a comment

SDRcon at UAS

SDRCon

Exciting news! Coming Saturday, June 3rd, 2017 Unallocated Space will be hosting our second SDRcon. SDRcon is a day of talks related to Software Defined Radio (SDR), digital signal processing, reverse engineering and exploitation of wireless controlled systems, and other radio related topics.

There will be a "Show and Tell" period for those that have a brief presentation or demo. Bring your project and show it off!

Talks begin promptly at 11AM. Please be seated by 10:45

I am excited to announce some of the presenters:

  • Regi Eisenblatt presenting the BooyaSDR

    The Booya software demodulates the signals down to baseband at the full bandwidth. The Booya digitizer boards plug into the Cypress USB 3.0 SuperSpeed Explorer Kit, included. The Cypress Explorer Kit provides the USB 3 interface to the PC. The Booya SDR includes an active Mini Whip antenna to allow good radio reception in the 0 to 32 MHz band. The BooyaSDR free open source software on the PC provides a fully functioning SDR receiver application demonstrating the full Booya digitizer capability.

    http://booyasdr.sourceforge.net

  • Michael Ossmann presenting Low Cost, Open Source Spectrum Monitoring

    Over the past few months, we and other open source software developers have devised new tools allowing low cost Software Defined Radio platforms to rapidly sweep across radio frequencies in order to monitor the spectrum around us.  Our base platform is HackRF One, and we are able to monitor 1 MHz to 6 GHz every 0.75 seconds, allowing us to build up a near real-time picture of radio usage around us.  Now we are looking at new ways to visualize, analyze, and interpret this information.  This will be a look at open source hardware and software tools that enable us to monitor, analyze, and track down radio signals.

  • Adam presenting Practical Foxhunting 101

    The basic skills needed to quickly locate wireless emitters are easy to learn and no special equipment is required. Despite this, relatively few people have the know-how to put their equipment to work locating emitters as part of penetration testing, RF environment mapping, or tracking their geriatric neighbors using the emanations from their pacemakers. In this talk, you'll learn simple techniques for finding wireless emitters in the environment using readily-available equipment, and how to select and configure foxhunting gear. You'll also get a brief introduction to some more-advanced topics and techniques.

  • Corey Koval presenting Why your antenna is more important than your SDR

    You just got your first RTL-SDR, you plug in the little 4 inch antenna, turn on your SDR software, and you don't see any signals. Your SDR isn't broken, the default antenna just isn't the right tool for the job. We'll explore the different types of antennas and RF adapters that exist and explore what one will be right for you. 

 

Posted in Conferences | 1 Comment