[tog] Security Night

Schrodinger schrodinger at konundrum.org
Thu Aug 18 17:58:17 CEST 2016


On 2016/08/18 15:16, Paul Mc Quade via tog wrote:
> I was wondering could we have a night based on pentest tools and techniques.
> The internet is growing fast and there are more threats surfacing each day.
> Information gathering tools are easy now like "Datasploit" and "Recon-ng". 
> 
> ​We should show how to defend networks from attacks and stop social
> engineering. Kali Linux and its tools make attacks a lot easier.
> 
> I hope to get more people interested in infosec and pentesting.
> --
> Regards,
> Paul McQuade
> 
> GPG Public Key:
> www.github.com/paulmcquad/gpg
> 

https://dublin.2600.org/

You might find a more infosec enthusiastic audience there. Also it's
mostly TOG/ex-TOG people :D

I think if you want to get a night going in TOG then you need something
more specific. You've mentioned offence, defence and social attacks.

Maybe pick a topic from one of these and say you'll be in TOG to discuss /
practise it on that night if anyone wants to join you.

E.g.:

 "I'll be in TOG on $day and I will be taking a crack at this, basically,
 free OSCP style environment. https://lab.pentestit.ru/"

Another night you could pick the topic of open source web application
firewalls like mod_security and discuss how to implement them. You can
mix in showing an attack and then using mod_security to block it. Maybe
the end goal of erecting a defence layer in front of say a Wordpress
blog.

I did a mod_security workshop a few years back showing common attacks on
web servers and blocking them with mod_security. I then showed how you
can use mod_security to detect an attackers IP address and inject the
BeEF Javascript hook to try and exploit the attackers browser for, eh,
reconnaissance.... :)

Another night you can tell people that if they come to TOG they can give
you their email password and you'll let them know if it's secure or not.

HTH,
Schrodinger.
-- 
+---------------------------------------------------------------+
Quidquid latine dictum sit, altum sonatur.
ICQ: 112562229
GPG: http://www.konundrum.org/schro.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.tog.ie/pipermail/tog/attachments/20160818/eb42f8a1/attachment.sig>


More information about the tog mailing list