Category: Camps

[null][Humla][Pune]Hack the Invisble … Air Borne Humla – Strike – II

Hi nulls,

With the successful first strike of our Air Borne Humla, we are pleased to announce the second schedule of the HUMLA … Boost up your armory and dust your jet wings for the Air Borne Humla Part – 2.

“Hack the Invisible . . . Air Borne HUMLA PART 2″

Well, nowadays Cracking WiFi passwords is not a big challenge. But the problem can arise as per different situations. There might not be same scenario for cracking process every time. This PART 2 of Wireless Security session will walk you through different scenarios which may arise in WPA/2 cracking process and how to tackle these different problems.

Contents for Part 2:
Part 1 had focused on Basics of Wireless Security and Cracking of WEP in different scenarios.
Part 2 will focus different attacks on WPA/WPA2 PSK from Basics to Advanced level.

Overall Contents will be as :-
0. Lab Setup
1. Understanding of WPA/2
2. Cracking of WPA/2
3. Cracking WPA/2 in different real-life Scenarios
4. Cracking WPA/2 for Non-Dictionary pass-phrase.

Who is the Air Commander … ?
Mr. Swaroop YermalkaR
Swaroop is a Student in MIT Institute, Pune. He has done significant amount of work in Wireless Security. His articles on Wireless Security were published in ClubHack Magazine in the issues of month September 2012, October 2012, November 2012 and December 2012.He has also presented in Pune null Meets on topics like “Cracking WPA-WPA2 using Non-Dict Attacks.” and “Hijacking Bluetooth Headsets.” He has also worked with Cyber Cell Pune Police in Programs such as ‘Cyber Safe Pune’.

When will we strike… ?
20th January 2012, Sunday.
10:00 AM to 01:00 PM

What Do I need to Get Along…?
1.) Own Laptop. – Mandatory
2.) Own Wireless Hacking Kit / Hardware – Preferred

We will be selecting the participants. Please fill in the form below. Selected participants would be informed about the Address (but would be in Pune) of the session.

http://goo.gl/kwxCK

Participants are expected to read and go through the Wireless Security before attending.

Humla Sessions are Free for all, but only Selected participants are allowed.
For more information on “null Humla Sessions” please visit http://null.co.in/2011/05/16/announcing-null-humla-offensive-hacking-workshops/

Regards
push

[null][Humla][Pune] Hack the Invisible . . . Air Borne HUMLA

Hi nulls,

Do you know your Data is in the Air??? Anyone around can breathe in your Data…
Wireless Data Networks or more commonly known as WiFi are now found everywhere around us. Government, Private Malls, Organizations have now been providing Free WiFi access to public, customers and its employees. Free WiFi zones are setup on public places like Airports, Markets, Railway Stations, etc. Users also use other Wireless Technology like Bluetooth, Infra-red, etc. in their Mobile Phones, Cars, TVs,etc.
The feasibility to access these networks have made it popular among the masses and the demand has been increasing.

But at the same time, are the users sure that these Networks are secure or not. An attacker can compromise into the Wireless Networks and use the connection without authorization. Attacker may sniff your data being transferred over the Wireless Networks.
So the Hows this Air Borne HUMLA done and how can we users prevent it…

We will be having Wireless Security Humla Session…
“Hack The Invisible . . . Air Borne HUMLA”
This will be one of the first session in this series.

What will You Learn… ?
The contents for the first part can be like below-
0. Lab Setup
1. Basics of WiFi
2. Basics of WiFi Cracking
3. WiFi sniffing
4. WEP cracking

Since it is the first session, we will be starting from Basics of Wireless Security. Next session will move on to Advance Wireless Security. Participants who are willing to participate in advance sessions, will be expected to attend this session as well. They can share their knowledge among others.

We will be selecting the participants. Please fill in the form below. Selected participants would be informed about the Address (but would be in Pune) of the session.

http://goo.gl/BNWP4

When is it … ?
15th December 2012, Saturday.
09.30 AM to 12.30 PM

Who is the Air Commander … ?
Mr. Swaroop Yermalkar
Swaroop is a Student in MIT Institute, Pune. He has done significant amount of work in Wireless Security. His articles on Wireless Security were published in ClubHack Magazine in the issues of month September 2012, October 2012, November 2012. He has also presented in Pune null Meets on topics like “Cracking WPA-WPA2 using Non-Dict Attacks.” and “HIjacking Bluetooth Headsets”

What Do I need to Get Along…?
1.) Own Laptop. – Mandatory
2.) Own Wireless Hacking Kit / Hardware – Preferred

Participants are expected to read and through the Wireless Security Basics before attending.

Humla Sessions are Free for all, but only Selected participants are allowed.
For more information on “null Humla Sessions” please visit http://null.co.in/2011/05/16/announcing-null-humla-offensive-hacking-workshops/

Regards
push

[null] null Humla Workshop | Basic Android Hacking | Bangalore 21st July 2012

Android is a Linux-based operating system for mobile devices such as
smartphones and tablet computers. It is developed by the Open Handset
Alliance, led by Google. Android offers various security features and
sandboxing for its applications. Understanding the architecture and
its API will allow us to learn android application assessment, reverse
engineering techniques and malware analysis of android applications.

What will I learn?
There has been a lot of interest amongst null members towards Android
Hacking and Reverse Engineering. There are several areas of Android
Hacking that will be covered in future Humla sessions, however this
being the first, will cover the Basics of Android Security. Humla
champion Ankur Bhargava will lead us through the journey of Android
Security right from the setup of all the required tools, SDK and
various documentation to the mastery of performing Security review and
assessments including reversing Android apps and possibly even
developing methods to finding vulnerabilities that can be used to root
Android devices.
Although there is a lot of documentation for Android Hacking, what we
need to learn is how to use it effectively. *Selected hackers will get
the detailed course contents. *

Who is this Humla Champion?
Ankur is a seasoned Android Security expert from the null Bangalore
chapter and is working as a Security Analyst in IBM ISL. His area of
interest are Web and Mobile Security. He has presented in many of the
security conferences and workshops like C0c0n(2010,2011), Nullcon 2012
on topics like PDF Exploits and Android Security.

When is it?
* Saturday 21st July 2012 *

Where is it?
null Bangalore Chapter

What do I need to get?
1. Get a laptop. You will need it to try out all the hands-on
work.
2. Get something to munch and drink.
3. Get some lunch money.
The android SDK and all the documentation will be provided.

More Information about null Humla
null Humla Offensive Hacking Workshops
Announcement [http://null.co.in/2011/05/16/announcing-null-humla-
offensive-hacking-workshops/]

Regards,
karniv0re
http://www.riyazwalikar.com

[null][Humla][Pune]WebApp )-(umla, The Next Frontier, (Part -II)

Hi nulls,

And we are Back… :)

After successfully Capturing the First Frontier, we are ready with our Armour to march ahead –


WebApp, The Next Frontier (Part -II)

What to expect here?

Remaining OWASP Top vulnerabilities.
Advanced Web Application Testing Scenarios.
Live Target Attacks. (Sample Application)
Any one CMS website exploitation.

We will focus on letting the users expose the application and allow them to find as much flaws as possible.

Humla In-Charge :

Prashant Mahajan a.k.a corrupt

Prashant is one of the Moderators for null Pune Chapter. Prashant has developed “Kunsa – Web Application Fingerprinting Scanner Tool”. Prashant leads the null job portal.
Prashant has been very active with Pune Cyber Crime Cell, and assisting them on various technical investigation.

Anant Shrivastava

Anant is working as a Information Security Professional at Infosys Ltd.He holds a CEH and RHCE. Has special interest in GNU / Linux, Open Source, web 2.0 and Android systems. Specially interested in web app pen testing and Android Security.

Humla Date :


27th, November, 2011
1100 Hrs to 1700 Hrs

Troop Recruitments :

Since the session would be second into the series, we expect a bit experienced crowd this time. People who wish to participate in the session, please fill up the following form.

http://goo.gl/qEz9M

Selected participants would be informed about venue and other details of the session. Applications would be accepted till 20th, November.

For more information on null Humla : http://null.co.in/2011/05/16/announcing-null-humla-offensive-hacking-workshops/

cheers
push

Moderator – null Chapter Pune

[null][Humla][Pune] WebApp Humla | 16th, October,2011

Web App Humla

“Have you seen a CD of Google? Where is the data of Google? All the data is stored into the Cloud (Rain Clouds…). All your documents are stored into the cloud. It is called Cloud CD. When you connect your computer to internet, all your data is transferred from the cloud to your computer. BUT…yet there has been no study on, what will happen if it starts raining? What if the storm comes and the situation of the cloud changes? …” – says Vishwa Bandhu Gupta, former I-T Commissioner.

 

The point is indeed giving a thought…hmm… J

Pune Chapter has decided to take Mr. I-T Commissioner’s point, with its utmost seriousness and so here we are with our first Humla Workshop

Web Application Testing (study to test the cloud… :P)

Jokes apart.

 

We are very pleased to have our first Humla Workshop.


What do we plan in have it?

Starting right from the basics of the Web Applications, the workshop would involve complete insight into WebApp attacks, and methods used to thwart those. OWASP guidelines would be our theme and we would try to cover the top 4 vulnerabilities defined.


So whos our I-T Comissioner? (Trainer)


Rahul Sai a.k.a fb1h2s

Rahul is an Information Security Researcher, currently working with iSight Partners. He was the youngest speaker during nullcon – dwitiya, 2011. Rahul has also been listed in the Google Hall of Fame. Rahul has expertise in Web Application Testing and Security.

 

Who can attend it?

Null Humla workshops are allowed only for limited attendees. Interested candidates please fill up the below form. Please fill up the form in detail, so that it would help us to shortlist the attendees.

http://goo.gl/COKRM

 

When and Where?


16th, October, 2011, Sunday.

The shortlisted attendees would be informed about he place and timings of the Humla.

 

For more information on null Humla : http://null.co.in/2011/05/16/announcing-null-humla-offensive-hacking-workshops/

 

So join us in the in-depth study of the clouds… 😛

 

null Humla Hyderabad 18th June 2011 – Tour de Metasploit

*null Humla Hyderabad 18th June 2011 – Tour de Metasploit *

Metasploit framework is a well known Open source Penetration testing
framework,
with lots of exploits and payloads.The project was initiated by HD
Moore and supported by a large community of security professionals.

*What will we do?*

We will start with the basics and move to more advanced usage of msf.

*So how do I get to attend this? *

If you are interested, please drop a mail to

*l30[at]null[dot]co[dot]in*
(or)
*imranceh[at]gmail[dot]com *

with the subject line: *null Humla Hyderabad 18th June 2011 – Tour de Metasploit *

*When ?*

Saturday 18th Of June 2011,1600 onwards

*Where?*

The selected people will be informed about the venue.

*What do I need to get?*

1. Get a laptop with wifi support.you need this to try metasploit *
2. bootable Backtrack / Matriux DVDs/USBs (Installed are preferable)
3. Something to munch and drink.

null Humla Hyderabad 21st May 2011 – Aircrack Hawae jugaad

null Humla Hyderabad 21st May 2011 – Aircrack Hawae jugaad

Aircrack-ng suite is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. A tool for auditing wireless network

What will we do?

Try to learn the basics underlying the wireless networks and their encryptions and cracking the WEP and WPA keys.

So how do I get to attend this?

Since this is a first of its kind in Hyderabad null chapter, initially we try to implement it in a closed group. Members who are considered to attend this event are already mailed about the venue and timings.
Others whoever are interested are requested to mail l30[at]null[dot]co[dot]in with the same subject line and request to attend
When ?

Saturday 21st May 2011

and for the timing check your attendance mail

Duration ?

?????????? (depends)

Where?

The selected people will be informed about the venue. We will be conducting this in Hyderabad.

What do I need to get?

  1. Get a laptop with wifi support. You will need it to try out all the hands-on work.
  2. bootable Backtrack / Matriux DVDs/USBs (Installed are preferable)

Announcing null Humla – Offensive Hacking workshops

Humla (meaning attack in Hindi) is a completely hands-on workshop with the clear focus on learning the tools, techniques and approaches of offensive hacking using simulated servers and networks.

Humla is different from a normal null meet in its focus and duration. The focus is on learning specific tools and techniques and the duration is about 5-6 hours of hands-on work.

null Humla Basics

  • null Humla events are invite only

Keeping them exclusive allows for keeping the logistics simple, the course content focussed and the interactions very engaging.

  • null Humla events are completely hands-on

The idea is to learn offensive hacking, therefore everyone is expected to come prepared and do the hands-on in a group.

  • null Humla events require you to get your laptop

There is no pairing up while doing hands-on. The point is to ensure that you actually get the practice while learning.

  • null Humla events are about 5-6 hours

This is an ideal time to get all 10 people up to speed and comfortable. This amount of time allows for everyone to become comfortable with the topic at hand.

  • A null Humla event is led by 1-2 champions in that particular topic

One or two hackers who have the experience and skills are assigned as Humla Champions for a particular topic. They are completely responsible for the course content and ensuring that all the group members learn the concepts and the attacks.

null Humla MO

  1. Applications to take part will be invited from null members.
  2. The champions will select the ten best applications for the topic. This is based on the profile of the applicants and the champion’s discretion.
  3. Once selected the hackers will be informed and they need to come to the workshop with the required things like laptop etc.

null Humla Topics

The following are the some of the proposed Humla workshops. These may change based on availability of Humla Champions

  • Metasploit Kung-Fu
  • Hacking a Web Server using SQL Injection
  • Wireless Hacking 101 and Wireless Hacking 201
  • Getting n00bs ready for Humla
  • Backtrack Super User
  • Reversing and Exploiting
  • Malware Analysis in depth

New workshops will be announced on the null mailing list.

 

Security Awareness camp at MindTree Bangalore

Security awareness camp for MindTree Bangalore

Date and Time: 23rd Nov 2010 3:00 PM onwards

Time Talk Speaker
03:00 PM – 05:00 PM Web Security and OWASP Top 10 Akash Mahajan