null – The open security community n|u

[null][Humla][Pune]WebApp )-(umla, The Next Frontier, (Part -II)

// November 23rd, 2011 // No Comments » // Camps, Events

Hi nulls,

And we are Back…

After successfully Capturing the First Frontier, we are ready with our Armour to march ahead -

WebApp, The Next Frontier (Part -II)

What to expect here?

Remaining OWASP Top vulnerabilities.
Advanced Web Application Testing Scenarios.
Live Target Attacks. (Sample Application)
Any one CMS website exploitation.

We will focus on letting the users expose the application and allow them to find as much flaws as possible.

Humla In-Charge :

Prashant Mahajan a.k.a corrupt

Prashant is one of the Moderators for null Pune Chapter. Prashant has developed “Kunsa – Web Application Fingerprinting Scanner Tool”. Prashant leads the null job portal.
Prashant has been very active with Pune Cyber Crime Cell, and assisting them on various technical investigation.

Anant Shrivastava

Anant is working as a Information Security Professional at Infosys Ltd.He holds a CEH and RHCE. Has special interest in GNU / Linux, Open Source, web 2.0 and Android systems. Specially interested in web app pen testing and Android Security.

Humla Date :

27th, November, 2011
1100 Hrs to 1700 Hrs

Troop Recruitments :

Since the session would be second into the series, we expect a bit experienced crowd this time. People who wish to participate in the session, please fill up the following form.

http://goo.gl/qEz9M

Selected participants would be informed about venue and other details of the session. Applications would be accepted till 20th, November.

For more information on null Humla : http://null.co.in/2011/05/16/announcing-null-humla-offensive-hacking-workshops/

cheers
push

Moderator – null Chapter Pune

[null][Humla][Pune] WebApp Humla | 16th, October,2011

// October 2nd, 2011 // No Comments » // Camps, Events

Web App Humla

“Have you seen a CD of Google? Where is the data of Google? All the data is stored into the Cloud (Rain Clouds…). All your documents are stored into the cloud. It is called Cloud CD. When you connect your computer to internet, all your data is transferred from the cloud to your computer. BUT…yet there has been no study on, what will happen if it starts raining? What if the storm comes and the situation of the cloud changes? …” – says Vishwa Bandhu Gupta, former I-T Commissioner.

The point is indeed giving a thought…hmm… J

Pune Chapter has decided to take Mr. I-T Commissioner’s point, with its utmost seriousness and so here we are with our first Humla Workshop

Web Application Testing (study to test the cloud… )

Jokes apart.

We are very pleased to have our first Humla Workshop.

What do we plan in have it?

Starting right from the basics of the Web Applications, the workshop would involve complete insight into WebApp attacks, and methods used to thwart those. OWASP guidelines would be our theme and we would try to cover the top 4 vulnerabilities defined.

So whos our I-T Comissioner? (Trainer)

Rahul Sai a.k.a fb1h2s

Rahul is an Information Security Researcher, currently working with iSight Partners. He was the youngest speaker during nullcon – dwitiya, 2011. Rahul has also been listed in the Google Hall of Fame. Rahul has expertise in Web Application Testing and Security.

Who can attend it?

Null Humla workshops are allowed only for limited attendees. Interested candidates please fill up the below form. Please fill up the form in detail, so that it would help us to shortlist the attendees.

http://goo.gl/COKRM

When and Where?

16^th, October, 2011, Sunday.

The shortlisted attendees would be informed about he place and timings of the Humla.

For more information on null Humla : http://null.co.in/2011/05/16/announcing-null-humla-offensive-hacking-workshops/

So join us in the in-depth study of the clouds…

Security Awareness camp at SCIT on August 27th 2011

// August 26th, 2011 // No Comments » // Camps, Events

Security awareness camp for SCIT (Hinjewadi) campus.

Date and Time: 27th August 2011 17:00 onwards

Schedule:

null Humla Hyderabad 18th June 2011 – Tour de Metasploit

// June 13th, 2011 // No Comments » // Camps, Events

*null Humla Hyderabad 18th June 2011 – Tour de Metasploit *

Metasploit framework is a well known Open source Penetration testing
framework,
with lots of exploits and payloads.The project was initiated by HD
Moore and supported by a large community of security professionals.

*What will we do?*

We will start with the basics and move to more advanced usage of msf.

*So how do I get to attend this? *

If you are interested, please drop a mail to

*l30[at]null[dot]co[dot]in*
(or)
*imranceh[at]gmail[dot]com *

with the subject line: *null Humla Hyderabad 18th June 2011 – Tour de Metasploit *

*When ?*

Saturday 18th Of June 2011,1600 onwards

*Where?*

The selected people will be informed about the venue.

*What do I need to get?*

1. Get a laptop with wifi support.you need this to try metasploit *
2. bootable Backtrack / Matriux DVDs/USBs (Installed are preferable)
3. Something to munch and drink.

null Humla Hyderabad 21st May 2011 – Aircrack Hawae jugaad

// May 20th, 2011 // No Comments » // Camps, Events

null Humla Hyderabad 21st May 2011 – Aircrack Hawae jugaad

Aircrack-ng suite is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. A tool for auditing wireless network

What will we do?

Try to learn the basics underlying the wireless networks and their encryptions and cracking the WEP and WPA keys.

So how do I get to attend this?

Since this is a first of its kind in Hyderabad null chapter, initially we try to implement it in a closed group. Members who are considered to attend this event are already mailed about the venue and timings.
Others whoever are interested are requested to mail l30[at]null[dot]co[dot]in with the same subject line and request to attend
When ?

Saturday 21st May 2011

and for the timing check your attendance mail

Duration ?

?????????? (depends)

Where?

The selected people will be informed about the venue. We will be conducting this in Hyderabad.

What do I need to get?

1. Get a laptop with wifi support. You will need it to try out all the hands-on work.
2. bootable Backtrack / Matriux DVDs/USBs (Installed are preferable)

Announcing null Humla – Offensive Hacking workshops

// May 16th, 2011 // 5 Comments » // Camps, Events

Humla (meaning attack in Hindi) is a completely hands-on workshop with the clear focus on learning the tools, techniques and approaches of offensive hacking using simulated servers and networks.

Humla is different from a normal null meet in its focus and duration. The focus is on learning specific tools and techniques and the duration is about 5-6 hours of hands-on work.

null Humla Basics

• null Humla events are invite only

Keeping them exclusive allows for keeping the logistics simple, the course content focussed and the interactions very engaging.

• null Humla events are completely hands-on

The idea is to learn offensive hacking, therefore everyone is expected to come prepared and do the hands-on in a group.

• null Humla events require you to get your laptop

There is no pairing up while doing hands-on. The point is to ensure that you actually get the practice while learning.

• null Humla events are about 5-6 hours

This is an ideal time to get all 10 people up to speed and comfortable. This amount of time allows for everyone to become comfortable with the topic at hand.

• A null Humla event is led by 1-2 champions in that particular topic

One or two hackers who have the experience and skills are assigned as Humla Champions for a particular topic. They are completely responsible for the course content and ensuring that all the group members learn the concepts and the attacks.

null Humla MO

1. Applications to take part will be invited from null members.
2. The champions will select the ten best applications for the topic. This is based on the profile of the applicants and the champion’s discretion.
3. Once selected the hackers will be informed and they need to come to the workshop with the required things like laptop etc.

null Humla Topics

The following are the some of the proposed Humla workshops. These may change based on availability of Humla Champions

• Metasploit Kung-Fu
• Hacking a Web Server using SQL Injection
• Wireless Hacking 101 and Wireless Hacking 201
• Getting n00bs ready for Humla
• Backtrack Super User
• Reversing and Exploiting
• Malware Analysis in depth

New workshops will be announced on the null mailing list.

Security Awareness camp at MindTree Bangalore

// December 1st, 2010 // No Comments » // Camps

Security awareness camp for MindTree Bangalore

Date and Time: 23rd Nov 2010 3:00 PM onwards

Talk on Cyber warfare and hacking at National Police Academy, Hyderabad

// December 1st, 2010 // No Comments » // Camps

Talk on Cyber warfare and hacking at Sardar Vallabhbhai Patel National Police Academy.

Date and Time: 30th July 2010 12:00 PM

Venue: National Police Academy, Shivaramapalli, Hyderabad – 500 052, India

Security awareness camp at MindTree Pune on 26th July 2010

// December 1st, 2010 // No Comments » // Camps

Security awareness camp for Mindtree at their Pune (Hinjewadi) campus.

Date and Time: 26th July 2010 10:00 AM onwards

Venue: MindTree Ltd., Plot No. 37,
Rajiv Gandhi InfoTech & Biotech Park,
Phase – 1, MIDC, Hinjewadi, Pune 411 057

Security awareness camp at Credit Suisse Pune on 25th May 2010

// December 1st, 2010 // No Comments » // Camps

Security awareness camp for WCS-IT-Park-Pune CPE Study Circle at Credit Suisse Pune (Hinjewadi) campus.

Date and Time: 25th May 2010 01:30 PM onwards

Venue: CREDIT SUISSE | Wipro Complex,
Phase II, Rajiv Gandhi Infotech Park,
Hinjewadi, Pune-411 057, India

Schedule: