[OWASP-Bangalore] Fwd: [null] [null Bangalore Humla] | Social-Engineer Toolkit – Attacking the Human Element | 1st March 2014

Announcing null Humla session on the Social-Engineer Toolkit – Attacking the Human Element. Like all Bangalore Humla sessions, this is free but registration is compulsory. A group of participants will be selected based on the registrations since Humla is invite only and with prior registration and approval of the Humla champion. Here are the details:

Humla Title: Social-Engineer Toolkit – Attacking the Human Element
Humla Champion: Sagar Belure
When: 1st March 2014, 10 AM – 6 PM
Registration: http://goo.gl/YgrIk3
Humla Description: This will be a completely hands on session on using the Social-Engineer Toolkit (SET) and performing different attacks using the same. The following topics will be covered:

https://docs.google.com/forms/d/1U02XMupwOP2auhFm-8RMYIom73w03GN6JKgiVvGJCzQ/viewform

1. Introduction to Social-Engineer Toolkit
2. Verifying the setup
3. Spear-Phishing Attack Vector
4. Java Applet Attack Vector
5. Metasploit Browser Exploit Attack
6. Credential Harvester Attack
7. Tabnabbing Attack

Pre-requisite knowledge:
1. Virtualization software installed on the host [VirtualBox/VmWare etc.]
2. Kali Linux [Running as a VM] – Attacker
3. Windows XP SP2 [Mandatory] [Running as a VM] – Target

Short Bio:
Sagar Belure: Sagar has around 5+ years of experience and works as a Security Consultant in TUV Rheinland India Pvt. Ltd. He has worked on various internal/external network penetration tests, web application tests, forensics investigation projects. Besides security, he likes travelling and listening to all kinds of music.

Read Full Post »

Announcing null/OWASP/Garage4hackers/SecurityXploded Bangalore November meet-up on Saturday 24th November 2012

Announcing null/OWASP/Garage4hackers/SecurityXploded Bangalore November meet-up on Saturday 24th November 2012
>>
>> *Please note that all null meets are free for anyone to attend. Just come with an open mind and willingness to share and learn*
>>
>> The meet is as usual divided into two parts, the monthly talks and the training on Reverse Engineering. The Reverse Engineering training will start at 12:50 PM by the SecurityXploded/Garage4Hackers team.
>>
>> The schedule for this month’s meet is as outlined below:
>>
>> 09:30 – 10:15: Bug Bounty for Beginners – Himanshu Kumar Das
>> 10:15 – 10:30: Introductions
>> 10:30 – 10:50: Newsbytes – Nishant
>> 10:50 – 11:30: Metasploit Basics – Shubham Mittal
>> 11:30 – 11:50: Networking and Break
>> 11:50 – 12:30: Secure Coding in C/C++ – Amarjit
>> 12:30 – 12:50: Feedback and Topic discussion for next month meet
>> 12:50 – 13:50: Reverse Engineering: Future Roadmap – SecurityXploded Group
>>
>> VENUE DETAILS
>> ThoughtWorks, Ground Floor, ACR Mansion,
>> 147/f, 8th Main Road, 3rd Block, Koramangala,
>> Bangalore – 560034
>> Google Maps: http://goo.gl/bokSL
>>
>> Landmark : Next to Satya’s Bar and Mercure Hotel
>> + If you are coming from From Inner Ring road get on to Ooty
>> Chocolates road and after a small crossroad this will be on the right
>> hand side.
>> + If you are coming from the Raheja Residency road then take a left
>> turn at the small crossroad and this will be on your right hand side.
>> + If you are coming from Koramanagala BDA complex take a right turn at
>> the small crossroad and this will be on your right hand side.
>>

Read Full Post »

Nullcon Training ( Mobile Application Hacking – Attack and Defense )

Register Now: – http://www.nullcon.net/website/conference/registration.ht
“4th International conference on Information Security “Nullcon 2012 Delhi
“Gain the skill and knowledge that will prepare you moving to next level of success. “
Nullcon Training on “ Mobile Application Hacking ( Attack and Defense ) by Hemil Shah

Objectives-
Mobile application hacking and its security is becoming a major concern in today’s world. In last few years we have seen range of new attack vectors and method of exploitation for these devices. Smart phones and tablets running on iPhone, Android, Windows and Blackberry have taken over the market in frenzy. In today’s world email, social networking, banking everything is possible on the go with Smart phones and derived applications. These Smart phones are now equipped with features like data, Wi-Fi, voice and GPS functions and applications can leverage these features. The sudden growth in number of applications available for these smart phones does raise a certain level of concern for the user’s security and server supporting these applications.
Mobile applications are vulnerable to various set of different attacks like local storage, user data harvesting, activity spying, unauthorized event injection, UI Jacking, Tab Jacking, Traffic redirection, Logical attacks, hard coded keys and few other. At the same time Mobile applications are talking with server side over HTTP/HTTPS, it opens up few possible attacks on Web Services and APIs. The server side applications can be attacked with Injections. Several new technology stacks are evolving over Mobile like HTML5 and Silverlight which opens up new attack surface. In this context it is imperative for IT professional and corporate application owners to understand these attack vectors along with mechanism for securing. The class features real life cases, live demos, code scanning and defense plans. The course is designed by the author of “Web Hacking: Attacks and Defense”, “Hacking Web Services” and “Web 2.0 Security – Defending Ajax, RIA and SOA” bringing his experience in application and mobile security and research as part of curriculum to address new challenges. Following topics will be covered during the class.
Course Content

1. Introduction to Mobile Applications
2. Understand OS structure and permission
3. Understanding Android platforms
4. Understanding Windows Phone Platforms
5. Write your own Application
6. Set up Attack environment
7. Mobile Application Attacks
8. HTML 5 Attacks on Mobile
9. Reverse Engineering & Code Analysis
Who should attend?

· Information Security Professionals
· Anyone with interest in Mobile Application Security
· Penetration Tester
· Mobile Application Developer
Sponsored By: – MICROSOFT, PRAXEVA, Associate Sponsor – HACKER5
Cocktail Sponsor – SANS
Executive Brefing Sponsor – Watchguard
Dates: – 26 -29 September 2012 | Venue – Hotel Leela Kempinski , Gurgaon.
For more details Contact – Harshit Mahajan +91 09004017799 Email- harshit@nullcon.net
Register Now: – http://www.nullcon.net/website/conference/registration.ht
| Website -www.nullcon.net |

Read Full Post »

Information Security Training’s @ Nullcon Conference Delhi-2012

http://www.nullcon.net/website/conference/registration.html
Register Now- http://www.nullcon.net/website/conference/registration.html

“4th International conference on Information Security “Nullcon 2012 Delhi

Dear,

Nullcon’s 4th International Conference on IT security on 26 & 29 Sep 2012 at The Leela Hotel, Gurgoan.This conference enagages you in thought provoking sbjects and latest hacks in the Industry. Delivering its passion through its reasearch nullcon has chosen the selcted few. Industry practioners and subject matter experts will share their experince thorugh live case discussion at nullcon New Delhi 2012.

You can choose from the options of SEVEN different subjects of One Day and a Two Day Programme, they are :

1. Secure Software Development Life Cycle
2. Attack Incident Investigation by Log Analysis.
3. Web Hacking Workshop
4. Xtreme Android Hacking
5. Reverse Engineering and Malware Analysis.
6. Mobile Application Hacking -Attack and Defense.
7. Xtreme Xploitation.

The above mentioned training has been designed at par with the International Standards. Courses are taught by real-world practitioners who are the best at ensuring you not only learn the course ware, but that you can apply it immediately to your work.

These trainings were earlier attended by technology geeks from various large , mid level organisations also by Govt. organisations. To name a few Adobe, ADP, Palantir, Indian Navy, Indian Air Force , DIARA etc. Please also find attached the Details of the training as attachment. Should you require further details about any of the programes, please feel free to contact me.

Sponsored By: – MICROSOFT, PRAXEVA, Associate Sponsor – HACKER5
Cocktail Sponsor – SANS
Executive Brefing Sponsor – Watchguard
Register Now: – http://www.nullcon.net/website/conference/registration.ht
Dates: – 26 -29 September 2012 | Venue – Hotel Leela Kempinski , Gurgaon.
For more details Contact – Harshit Mahajan +91 09004017799 Email- harshit@nullcon.net

| Website -www.nullcon.net |

Read Full Post »

null/OWASP/Garage4hackers/SecurityXploded Bangalore Monthly Meetup : 14th July 2012

[OWASP-Bangalore] Fwd: [null]

We will have this month’s null/OWASP/
Garage4hackers/SecurityXploded Bangalore meetup on Saturday 14th July
2012 starting at 09:30 AM. No registrations, no fees, just come with
an open mind 🙂

The Bangalore meet, as usual, is divided into 2 parts, the monthly
talks and the Training on Reverse Engineering. The Reverse Engineering
training will start at 12:30 PM by the SecurityXploded/Garage4Hackers
team.

The schedule for this months meet is as outlined below:

09:30 – 10:10: Hands on Web Application Security: Mutillidae –
Vulnerable Web App – Satish
10:10 – 10:25: Introductions
10:25 – 11:05: Burpsuite for Beginners – Saran
11:05 – 11:20: Networking
11:20 – 12:00: Basics of IDS/IPS – Pravin
12:00 – 12:20: Feedback & Topic discussion for next monthly meet
12:20 – 12:30: Break
12:30 – 01:50: Advanced Malware Analysis – Monnappa

VENUE DETAILS
Kieon, 3rd Floor, 302 Prestige Sigma,
3 Vittal Mallya Road,
Bangalore 560001
Opposite Bishop Cottons Girls School, Above Emirates Airlines office.
Map Location: http://g.co/maps/dahhv
Parking is available in the building. See you there.

Read Full Post »

null/OWASP/Garage4hackers/SecurityXploded Bangalore meetup on Saturday 16th June 2012

We will have this month’s null/OWASP/Garage4hackers/SecurityXploded
Bangalore meetup on Saturday 16th June 2012 starting at 10:00 AM. No
registrations, no fees, just come with an open mind 🙂

The Bangalore meet, as usual, is divided into 2 parts, the monthly
talks and the Training on Reverse Engineering. The Reverse Engineering
training will start at 12:45 PM by the SecurityXploded/
Garage4Hackers team.

Also, as discussed in the last month’s meet, we will have a basic 30
minute primer on SQL Injection by Satish at 9:30 AM, before the main
talks begin at 10:00 AM. All those who would be interested to learn,
understand the basics of SQL Injection and to watch some cool demos
are requested to be present at 9:30 AM.

TALKS
1. News Bytes – Sumeer
2. JavaScript Obfuscation – Prasanna
3. SSL VPNs – Rajesh

12:45 PM onwards:
4. Practical Reversing: Part3 – Memory Forensics – Monnappa

VENUE DETAILS
Kieon, 3rd Floor, 302 Prestige Sigma,
3 Vittal Mallya Road,
Bangalore 560001
Opposite Bishop Cottons Girls School, Above Emirates Airlines office.

Map Location: http://g.co/maps/dahhv

Parking is available in the building. See you there.

_______________________________________________
OWASP-Bangalore mailing list
OWASP-Bangalore@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-bangalore

Read Full Post »

OWASP-Bangalore] null Bangalore meet on 9th October 2010

Announcing null Bangalore meeting on 9th of October 2010.

Talks
1. Linux ASLR by Aditya Lad
2. Exploit Development 3 by Anish and team
3. Reverse Engineering 2 by Chinmaya and Saurabh
4. PDF Exploits AcroJS by Ankur
5. Security Newsbytes by Vikas and Vardhan

No registration, no fees, just come with an open mind.

Please tweet, share on facebook with the tag #null

Date & Time
Saturday 9th September 2010 10:00 AM Sharp

Venue
Praxeva India Services Pvt. Ltd,
Atrium Business Center,
66/1 2nd Floor,
Coles Road,
Frazer Town,

Please note this is above Pizza Hut outlet and near Cafe Coffee Day.

Map for the venue http://bit.ly/9m5K4K

Read Full Post »

[OWASP-Bangalore] null Bangalore meet on 4th September 2010

Announcing null Bangalore meeting on 4th of September 2010.

Talks
1. Reverse Engineering by Saurabh and Team
2. Egg Hunting Demo by Anish and Team
3. How aircrack works in theory by Sunil
4. Client side exploits using PDFs by Ankur and Basu
5. Newsbytes by Akash

No registration, no fees, just come with an open mind.

Please tweet, share on facebook with the tag #null

Date & Time
Saturday 4th September 2010 10:00 AM Sharp

Venue
Praxeva India Services Pvt. Ltd,
Atrium Business Center,
66/1 2nd Floor,
Coles Road,
Frazer Town,

Please note this is above Pizza Hut outlet and near Cafe Coffee Day.

Map for the venue http://bit.ly/9m5K4K

Read Full Post »

[OWASP-Bangalore] Bangalore Null/OWSAP Meet Saturday, 13th of March 2010

 

Praxeva India Services Pvt Ltd

Above Pizza Hut

Oculus Workspaces

66/1, 3rd floor

Coles Road, Frazer Town

Bangalore – 560005

Venue :

Read Full Post »

OWASP NULL MEET 19th Sep 2009

OWASP is combined with NULL Bangalore

19th September 2009

The following talks are scheduled

1. SSL Cipher Ennumeration by Gursev
This is what he will be covering
    # Aim: Enumerate all ciphers suites supported by the web server.
    # Application: Auditing of cipher suites supported by web server.
Testing ciphers supported by web servers is mandatory for various
activities like PCI tests, Penetration testing
       and possibly other compliance issues.
    # Discuss about SSL basics (very basics)
    # Then we dig down and write a quick script using OpenSSL and Ruby
to help achieve the same.

2. Demonstration of a tool – Amit Parekh
3. Demo of the GIFAR attack – Amit Gupta
4. Discussion on security incidents in the past – Led by Gursev //
This may or mayn’t happen depending on the time we have

The talk Practical Aspects of Taking your Application to the Cloud by
Simran Gambhir is postponed till after he recovers from a broken foot.
Get well soon dude!

VENUE DETAILS

    Praxeva India Services Pvt. Ltd, Atrium Business Center, 66/1 2nd
Floor, Coles Road, Frazer Town, Bangalore-560005

Praxeva India Office Location on Google Map –
http://www.praxeva.com/contact_us.html

* End of mosque road there is a CCD, from there, if you look
diagonally opposite (onto coles road), you will see a pizza hut
(approx 100 meters). The office is on the 3rd floor of the pizza
hut building.

Read Full Post »