Category: About

null Security Community in Numbers

null Security Community described in Numbers

When we started null – The Open Security Community, we didn’t really plan beyond the monthly gathering of infosec peeps and enthusiasts in cities like Pune and Bangalore.

We didn’t ask for registration, take any attendance (beyond a cursory head count) and things were swell.

What we didn’t really think about (atleast I didn’t) was that we would still be doing this with enthusiasm and passion 5 and 1/2 years after we started. It is quite natural to start thinking about the next level after gaining proficiency in doing security related events month after month.

@abh1sek was kind enough to create swachalit for us. Since then we realised that there is a need to track our progress and the metrics will help us do exactly that!

Numbers are a great way to see where have we reached from where we were. They offer an objective insight into how we are growing and hopefully we will be offering more of these in the coming months.

Please do let people in your networks know about the great work the tireless volunteers of null – Open Security Community are doing around India and now even in Europe!

Links to the infographics
http://null.co.in/wp-content/uploads/2014/12/null-infographic-2.jpg
http://null.co.in/wp-content/uploads/2014/12/null-infographic-1.jpg

null By numbers
null By numbers
null By numbers
null By numbers

null – The Open Security Community

null is a registered not for profit society set up to spread awareness about Information Security and to further research in this field as well. From its humble beginnings in Pune to being a national level organisation in just over 3 years has been possible because of the amazing community of volunteers who are definitely drawn to working with null due to its non-profit status.

While we have grown in stature and status our communication hasn’t always kept up with that growth. We plan to blog more so that we can keep you updated about how we are planning to grow and how you can help us in the same.

For now see the piece of paper which is evidence of us being a not for profit Society.

null Registered non-profit Society

FAQs

Question:  I want to learn hacking, should I do any certification? What certification are recommended for learning /ethical hacking?

Answer:  We believe certification won’t improve your “hacking” skills, however it won’t hurt them either :).
If you are seriously considering a career in security industry then certifications will surely help you build a profile. Following are few of the certifications for security professionals.

1. GIAC
2. CISSP/CSSLP
3. OSCP
4. CISA
5. CEH/ECSA/LPT
———————————————————————————————–

Question:  Which institute is good for doing XYZ certification?

Answer:  We do not suggest any name, it all depends on trainee / trainer skill / Interest levels. Whatever suggestion you will get from null members, that is totally based on their own personal experience and in no way reflects any recommendations from null.

———————————————————————————————–

Question:  I am a novice and have no previous knowledge of computers? How do I learn hacking?
How do I hack XYZ?

Answer:  Please don’t ask these questions in the mailing list.
Almost all technologies involved can be easily found and learned with a little search. If you get stuck and have pointed questions then do shoot at the list.
NOTE: These questions are universally considered “lame”, a query on your part can invite ridicule,criticism. So do a little hard work, others will always appreciate your effort.

Mailing List Charter

null mailing list charter

Introduction

null is an open forum dedicated to discussion and distribution of information pertaining to security vulnerabilities, exploits and security fixes. null aspires to nurture an active community of security researchers working towards addressing the most critical of security challenges, meanwhile spreading security awareness by encouraging responsible disclosure, conducting security trainings and awareness camps for corporations, students, government and other establishments.

Mailing list subscription

URL: http://groups.google.com/group/null-co-in

To request to subscribe to the group, please visit the following page:

http://groups.google.co.in/group/null-co-in/subscribe?hl=en-GB

To post to this group, send email to null-co-in@googlegroups.com

To unsubscribe from this group, send email to null-co-in+unsubscribe@googlegroups.com

Posting any Job Requirements – http://jobs.nullcon.net

For more options, visit this group at http://groups.google.co.in/group/null-co-in?hl=en-GB

Posting Guidelines

Post should NOT contain:

  • Any foul language, personal derogatory statements, attack towards any ethnic group, gender, religion or other affiliations.
  • Pornography, spam.
  • Personal replies. For example replies like: Thanks, Wow!, nice, I like it, nice email, nice idea, congratulations
  • Gratuitous advertising, marketing, self-promotion. If you would like to send a commercial email, please send a request to info |at| null.co.in. The final decision of allowing a commercial mail rests with the moderators.
  • Job Requirements/requests. If you want to advertise your Job requirements, kindly post them on n|u jobs portal http://jobs.nullcon.net. Job seekers kindly apply for jobs through the same portal.
  • Questions like “How do I hack Gmail/Yahoo/ password?” Or “How to hack this site?”
  • Content not related to information security.
  • Queries regarding null meets. null chapter monthly meets are open to all. There is no registration required. Anyone can attend the meets and invite their friends/relatives as well.
  • Post containing only shortened URLs. For example: nice hack – http:// bit.ly/ f00b4r
  • Everyone has a right to their opinion, criticism is acceptable but scolding, flaming, trolling will not be tolerated. In case you don’t appreciate criticism by other members please don’t email moderator(s), there is always the option to unsubscribe.
  • Please take the time to search through previous posts/FAQs/search engines to find answers before posting a new thread.
  • Irresponsible disclosures. If you would like to report a vulnerability, please send an email with the details of the vulnerability to keeda |at| null.co.in and we will make sure you get your due credit.

What we usually reject, with examples

  • This is a response received for someone asking a question on SQL Injection: “SQL Injection might be blocked, try SQLi.” Which, to be honest, makes no sense at all. If the person responding would have mentioned what he meant by SQLi we could have let it through.
  • Another set of question that gets asked quite often and is rejected: “Should I do CEH?” (or CISSP or ANY OTHER CERT) I mean, that’s the whole question. If there is no background on why you are in doubts to do it, this makes a very generic question. Give us some reasoning, some background and we’ll let it through for people to help you out. And another criteria for this sort of a question is that, it should not have been asked in the same month or two by someone else.
  • Other commonly rejected response is: “+1″, “Thanx!” etc. We usually accept the “Thanks” response from the person who posted the original question but not from others. If you found some question useful, add some more details like “Thanks! I found your reply useful for me as well because I could bypass our companies PHP filter with it”.
  • Repeat Answers, Yes! This is a very generic problem that we have but we don’t block it as often as we should. Once someone replies that you should “Use the XYZ framework and it will help you out” others reply with “Using XYZ framework should help”, “Framework XYZ is helping me a lot” etc. Unless you add something more than what the initial response said, refrain from posting.
  • Hijacking threads, A lot of people tend to post their question on someone else’s thread or a very old thread, which is not allowed to pass through to the list most of the time. Even if your initial part contains answer to the original question. So, please start a new thread, that’s the only advice we can give.

Moderation/ Administration

All new members are put under moderation by default. As and when they start posting to the list their IDs are removed from moderation. The list is expected to be self-policing like any other public mailing list, however on violation of any of the above mentioned rules, moderator(s) reserves the right to remove the mail thread or even ban the offending member from the forum with or without any warning.

Disclaimer

null or moderator(s) do not approve, validate, endorse or recommend any views, thoughts, content, tools, exploits, disclosures, vulnerability posted on mailing list by third party (i.e. anyone other than the moderator(s)). The list falls under public preview and due to the nature of the list where issues pertaining to security are discussed, members should exercise their discretion before posting any sensitive content on the null mailing list. The author will be held responsible and accountable for their post on the null mailing list. While moderator(s) makes every effort to remove any inappropriate content from the list, NULL OR ITS MODERATOR(S) CANNOT BE HELD RESPONSIBLE OR LIABLE FOR ANY DAMAGE CAUSED BY A POST IN ANY WAY. In case there are legal implications of a post, null stand to fully cooperate with any law enforcement agency that requires information available with us. This charter and its terms and conditions are subject to change without any prior intimation. The latest null Mailing list charter will be available at http://null.co.in and will also be circulated periodically through null mailing list. All the members should adhere to the current Terms and Condition of this charter. If you do not agree to the terms and conditions, please unsubscribe from the null mailing list.

What | Who | When | Where | Why | How

About null

null is an open security community for ethical hackers, security professionals and security enthusiasts, born out of the need for:

  • Promoting advanced security research.
  • Spreading security awareness among the netizens.
  • A Centralized knowledge base for security related information.

It was founded by Aseem Jakhar in Jan 2008.

Vision

Move towards immunity from security.

Mission

  • Advanced security research.
  • Create a disclosure platform.
  • Design/Develop innovative solutions to combat current/emerging threats.
  • Define a “Must-Have” security knowledge-base for different roles (programmer, QA, admin, end user).
  • Spread security awareness.
  • Organize Meetings/Conferences/Trainings/Awareness camps.