INFOSEC NIGHT: Practical Privacy with a slice of Pi

DATE: 10AUG2017
TIME: 1900-2200
TOPIC: INFOSEC NIGHT: Practical Privacy with a slice of Pi
SUMMARY:
Our privacy online has never been under more threat than it is today. With bulk data collection rampant, and ISPs obtaining the right to sell browsing history how do you maintain a practical level of privacy and take control of your digital life back.

In this talk we will discuss the different adversaries stalking you online, the common problems with your private information and data leakage, and how to protect your online presence in a practical manner on a sliding scale based on the level of impact and level of privacy that you are comfortable with.

Are you concerned with being tracked by Google, Facebook, and the like? You are not alone. Come to InfoSec Night, learn about your adversaries, and how to stay safe online. Bring a Raspberry Pi 3 and leave with a Wireless Access Point that will make TOR accessible to you.

GOAL:

1 Know your adversary and how to protect your privacy at a level of anonymity that you are comfortable with.
2 Build an AP that will use TOR to create another layer of privacy

Things to bring: Raspberry PI, sd card, power supply, crossover cable, case

Pis will be available on site in limited supply for sale.

SKILL LEVEL: Everyone
PRESENTER: httpLov3craft

Posted in Workshop | Leave a comment

INFOSEC NIGHT: Certifications Open Forum

SUMMARY:  For those in INFOSEC and starting out in INFOSEC there is a small barrier to entry to some jobs.  Ok there are a few barriers but those are not tonight’s topic.  We will talk about all the Alphabet soup Certifications that keep popping up on job requirements and the best way to tackle them.  Maybe you don’t need them and you want a leg up on your resume.  Maybe you just wanna know where to get started.  Well this night is for you.  And on that note the night is not for old INFOSEC curmudgeons to come in and talk bad about certs or your opinion on certs validity.  You will be deemed a troll and dealt with accordingly.  I should not have to say that and you know who you are.

This event is not a study group or a test prep.  It is for open discussion for those who don’t know how or where to get started.  If there is enough participation or lots of people interested in the SAME certification we can discuss the possibility of a study or prep group.  There are just too many certifications to start a class for all of them.

GOAL:  I want those that come in to get a better understanding of the Certifications their levels and how they pertain to certain jobs and job requirements.

Things to bring:  Questions, Curiosity, and a CAN DO attitude

Homework:

Find a few job requirements or job descriptions for your field or slice of INFOSEC.

SKILL LEVEL:  Everyone

PRESENTER: Wasabi

Please RSVP

Posted in Events | Leave a comment

INFOSEC NIGHT 20170727 Working Group Kali Sucks

Thank you to Everyone for coming out to INFOSEC NIGHT.

 

We started off a little slow and with some confusion and some help from the crowd I think we are on the right track.  I am not sure if I misrepresented what the idea was for the event.  I will just clarify so we are all on the same page.

 

First and foremost this is a Working Group NOT a class.  This is a thought exercise and a reason to learn some stuff or find a better way to do something.

 

I am the official cat herder.  I will attempt to do things diplomatically at first but will also keep this crazy train on track and may have to squash things to keep us going.

 

We are NOT making a new operating system.

We are NOT competitors in the hacking operating system market.

We are NOT building repositories or doing distribution.

We are NOT writing and building our own tools.

 

We are creating a script to customize vanilla Ubuntu 16.04 to our own custom build.

We are changing configs, setting, security, and a myriad of other things to the system itself.

Then we will figure out a good way to customize tool installation.

There will be files to fill out templates or lists or some way to make it specific to the 10 tools that make you the defensive or offensive person you are.

 

Saying Kali Sucks and building all this is to do the following:

Get you to stop downloading Kali and take a look at what you use for tools.

Get you to write some bash script and learn some ins and outs of configuring a OS.

Get you out of an easy comfort zone and press you to learn through beating your head against the wall.

To learn from each other.  Everyone has strengths in other areas we might be weak in.

 

 

Downloading Kali is easy, Having someone else do it is easy.  We are taking a hands on approach.  Fork it.  Make it yours.  Feel cool that you learned along the way.

 

THE HOMEWORK:

 

Again take a look at Dave Kennedy’s PTF from Trusted Sec.  This is to help us frame how we want to do this.

 

I am starting the outline for the first shell script.

 

Join Slack

Join Github

 

 

We are doing once a Month at this time.  Most of our communication will be done via Unallocateds Slack channel #infosec.  We dont have to be in the same room to contribute to the github so that makes it easy.

 

 

See you next time.

Posted in Events | Leave a comment

InfoSec Night: Working Group-Build a better Kali Kick Off

TOPIC: Working Group-Build a better Kali Kick Off
SUMMARY: Kali Linux is like that Swiss Army Knife that everyone has with 127 tools on it.
Some tools are used more often and for the most part the rest of it is just bloat and goes
unused. I am not saying Kali is unusable and is terrible, but wouldn't it be nice to have your own
build that is suited for you and updates and builds things the way you like every time. No
matter what you do Blue Team or Red Team you have your go to tools and development
environments. I want to start building scripts and use Dave Kennedy’s Pen Testers Framework
(PTF) to create something people can use to deploy their own environment.
I want to start building this idea and over time we make it better and better. We will all
code/script and contribute to the end goal. We all have our specialty: Wireless, Defense,
Pentesting, Compliance, Forensics, HAM, and a few more.
This is a group effort. I will not be telling you what to type into your computer to create this. We
are all creating together. We will step outside our comfort zone together and learn and grow as
INFOSEC professionals. This will be an on going Work Group that will meet on a as needed
and hopefully frequent basis to meet our goal.
GOAL:
Create custom script/framework that we can deploy on boxes for our RED/BLUE needs. Have it
on Github to share and work together. If it takes 4 repos to make different builds then so be it.
We are not gonna be perfect but we can get pretty damn close. Maybe
Things to bring:
Laptop
Github account
Ideas to make a custom RED/BLUE OS

Homework:
Download and check out Dave Kennedy’s PTF
https://github.com/trustedsec/ptf
List the tools you use and like and their pre reqs.
SKILL LEVEL: Everyone
PRESENTER: Wasabi

InfoSec Night: Working Group-Build a better Kali Kick Off

Thursday, Jul 27, 2017, 7:30 PM

Unallocated Space
512 Shaw Court Unit 105 Severn, MD

2 Members Attending

SUMMARY:Kali Linux is like that Swiss Army Knife that everyone has with 127 tools on it.Some tools are used more often and for the most part the rest of it is just bloat and goesunused. I am not saying Kali is unusable and is terrible, but wouldn't it be nice to have your ownbuild that is suited for you and updates and builds things the way yo…

Check out this Meetup →

Posted in Events | Leave a comment

INFOSEC NIGHT 20170720 Raspberry Pi Hacking/ INFOSEC After Action Report

Thank you to Everyone for coming out to INFOSEC NIGHT.

 

We had a great turn out.  I like seeing the new faces in the crowd.  I am glad more and more people are learning about INFOSEC and about Unallocated and what we have to offer.

 

I hope everyone liked the presentation.  I tried to show concepts and ideas through my own adventures with the Raspberry Pi.  This was not a hands on event because there are so many possibilities and things that can be done with this mini linux machine.

 

I absolutely take feedback and based on class interest I will work with Understudy to prepare classes for the following that were requested:

 

Bro on a Pi

-Build from a fresh OS a BRO IDS Node.

 

PiHole

-Building and Deploying a PiHole to your network

 

Raspberry Pi-neapple (build your own Wifi Pineapple)

-Take the concept of the Wifi Pineapple and build a custom angry AP for your needs

 

Wifi Pineapple Class (not Raspberry Pi but it was a class that was requested)

-101 Basics out of the box use and familariaty

-201 Intermediate (building on knowledge of Modules, Plugins, Apps or Infustions)

-301 Expert (I will be looking for help on this one.  I have not mastered this myself yet)

 

These will be classes rather than just being a Overview or Talking Point Presentation.  I will put together a parts list and class framework so keep an eye out.  Since I just got the ideas on 20July I don’t have a date for you yet when I will have these completed and are ready for public consumption.

 

If you have other ideas for talks or classes we are always open to your feedback like our kick off night.  And we are still going over the 50 ideas that were offered that night as well and finding a good time for those as well.

 

Again Thank You very much for coming out and I hope you enjoyed INFOSEC Night.  Dont forget to check out, use, and contribute to the GitHub: https://github.com/thewasabiguy/INFOSECNIGHT-20170720-RASPI

 

Don’t forget we operate on a donation and membership model to keep things up and running.  If you can please give back in anyway possible and we will keep the lights on keep the classes running.  If you have only visited for INFOSEC night take a look at our website and calendar for all kinds of other events going on at the space.

 

Have a great weekend and see you all next week.

Posted in Workshop | Leave a comment

Linux 102 Test Run – Post event announcement

Hey all,

Earlier tonight (7/17) I ran a Test Run of a Linux class that I am developing. I did so with the goal of revealing any issues with the exercises, infrastructure, and the flow of the course.
I wanted to reach out and thank all who showed up, participated, and provided the wealth of great feedback, as well as a special thanks to Bowie for letting me use the space on Project Night.

I’m compiling and organizing all of the feedback tonight, and will get started on updates to the course tomorrow which will continue up until the release of the class.
There are a ton of improvements to make and I want to thank you again for bearing with the Severn area Comcast internet outage, and the rough edges in the presentation.

I’m really encouraged that we had a full house of people interested in the finished event, and am trying to work quickly to finish up the exercises while doing service to the topic.

I am shooting for a Final release in October

For those who asked how to donate to UAS for providing free area education you can do so through: http://www.unallocatedspace.org/uas/donations-and-dues/

Thanks again!
– Flay

Posted in Events | Leave a comment

InfoSec Night: RaspberryPi Hacking/InfoSecProj­ects

TOPIC: RaspberryPi Hacking/INFOSEC Projects
SUMMARY: There are lots of cool projects on various flavors of RaspberryPis that we can try talk about or give feedback on. Anything and everything from using a Pi Zero to make a Usb Injection tool to a makeshift Angry Access Point to a rogue network device. Bring your ideas bring your after action reports and let’s all learn about some cool projects we can go home and try or definitely not try. I will specifically go over two projects I am working on, and two I want to work on and the rest will be discussion and other people sharing projects.
SKILL LEVEL: Everyone
PRESENTER: Wasabi

Please RSVP on Meetup

Posted in Events | Leave a comment

EPIC LAN Party: This Satuday, July 15th!!

It’s that time again — time for another EPIC event of the LAN Party variety!!

 

That’s right. another epic twelve hours of gaming and fragging fun!!

Bring a dish or snacks to share, if you wish, and we’ll have a spread for lunch and snacking! We’ll likely order pizza around the dinner hour, so bring $5-10 to get in on that action. 

Bring your gaming rig, whether laptop or desktop, your **UPDATED** games/clients/OS, potluck item(s), and an appetite for destruction and mayhem (virtual, that is.) 

Approximate Schedule: 

  •  12pm – 2pm Setup
  •   2pm – 5pm Free Play (we’ll see what people are interested in)
  •   5pm – 6pm Minecraft Hunger Games Style Deathmatch
  •   6pm FOOD!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  •   6pm ~ 7pm TBD Tournament ‘Hot Seat’ + Dinner Break
  •   7pm- 12am Free Play (we’ll see what people are interested in)

Continue reading

Posted in Workshop | Leave a comment

InfoSec Night – Home Network Security

TOPIC:  HOME NETWORK SECURITY

SUMMARY: There were a few people really interested in improving their home network security or sharing tools and settings.  So this week we will talk about how to improve your security at home.  Some people just have the Internet Service Provider Router and the configuration it was installed with.  We will cover many topics and questions from attendees about firewalls, switches, routers, security settings for wireless routers, and much much more.

SKILL LEVEL: Everyone

PRESENTER: Wasabi

Please RSVP on Meetup

Posted in Events | Leave a comment

General Game Dev Meetup

Unallocated Space is hosting Baltimore Indie Game Developers Group for their General Game Dev Meetup on Saturday, July 8th 2017 from 11:00 am to 12:30 pm.

Come join us for a great discussion and will also be a great opportunity to discuss any games you are working on, show your game to attendees, and get them to playtest it and also a great opportunity to get feedback from the group

There will also be plenty of time to discuss game ideas and talk shop.

We’ll also gauge interest in a meetup for Ludum Dare 39, which is scheduled for July 28 2017.  If you have any interest please make sure to share that with the group.

Please feel free to visit our Meet Up and RSVP for the event!

Posted in Workshop | Leave a comment