Previous Meets

Wednesday, October 5th 2016 - The Glassroom - Napier University, Merchiston Campus - Venue from 18:00 - Start at 18:30

Being a pentester, an informal chat with Miguel

So Uni just started and you're excited with all the new challenges and subjects.
You might have an idea of what you want to follow but Computer Science and Information Technology is such a broad universe! What should your focus be? In fact, Information Security itself is also a tiny universe that allows for a multitude of roles and skills!
Security managers, pentesters, malware analysts, NOC/SOC personnel, social engineers, security researchers just to name a few! Will you be able to choose and how?
This will be an informal talk where Miguel will talk about his experience as a security tester to help clarify the role of a pentester in the grand scheme of things.

This will not be on our usual location or day of the week! It will be in The Glassroom at Napier University on a Wednesday.

August 2nd 2016 - The Glassroom - Napier University, Merchiston Campus - Venue from 18:00 - Start from 19:30

Solving challenges - A Collaborative Method

Following up on Lex's presentation on how he did NOT solve the SANS 2015 Holiday Hack Challenge where the audience ended up chipping in their two cents on how to continue, we thought it would be a good idea to try to complete other challenges using a collaborative effort.
Starting from basics such as "what do I need to start?" to "argh, can't make it past this last hurdle!", there should be something for everyone.
Bring your own laptop as we will try to go over a couple of challenges with explanations and discussion on each step. The challenges VM will be provided at the start of the event.
Will we be able to complete at least one?

This will not be on our usual location! It will be at The Glassroom at Napier University.

April 5th 2016 - The Beehive Inn - Venue from 19:00 - Talks from 19:30

Biometrics! Everyone is doing it, why should we?, by Miguel Marques

Biometrics have been used by humans ever since the birth of "society".
Now that machines are part of society, it makes sense that we try to teach them a thing or two about it.
What are the ramifications of this?

P.S. - This will not be a talk on how to bypass the fingerprint reader on your mobile...yet.

February 2nd 2016 - The Beehive Inn - Venue from 19:00 - Talks from 19:30

How I did not Solve the SANS 2015 Holiday Hack Challenge, by Lex Sobrinho

SANS have been running hack challenges for a number of years. Each challenge is designed for both, experts and beginners. Sometimes, in contexts where learning is the main focus, understanding the thought-process can be more beneficial than arriving at the results: beginners get exposure to how more advanced users solve these challenges, whilst more advanced geeks get to compare their thought-processes to others'; hopefully learning something new.

As 2015 was my very first live hack competition, rather than simply giving the answers to the challenge, I wanted to share my experience with trying-and-failing before each stage of the challenge, until arriving at the desired result. My intentions are to encourage beginners to take part in these challenges, and to gain insight on how more advanced users would solve the same or a different problem. This talk is delivered for the absolute beginner to follow, whilst still (hopefully) keeping the experts slightly entertained.

December 1st 2015 - The Beehive Inn - Venue from 19:00 - Talks from 19:45

David Stubley @DavidStubley

Taking the phish - We were hired to do a phishing job. We got to working, we did our share of research, we deployed the campaign, we collected results, job done. Then, the unexpected happened! This talk will describe some of the quirks and unexpected results we observed. We know what we did, but what did YOU do?

October 6th 2015 - The Beehive Inn - Venue from 19:00 - Talks from 19:45

Michael Jack @MikeyJck

Crypto Wars 2.0 - A walk through the history of modern cryptography, it's spread and subsequent scrambling by governments to control the technology. The main focus will be the renewed efforts by governments to control crypto, circa 2012 onwards, with a quick background in the first crypto wars circa 1990s. I'll finish with a more positive countermeasures section. Slides here!

June 9th 2015 - The Beehive Inn - Venue from 19:00 - Talks from 19:45

Gordon Gray @gor_zilla

Just how secure are public WiFi networks? What are the risks of doing your online banking from a coffee shop?
This talk will aim to cover the basics of local network attacks, starting with WiFi exploits and then going over a typical LAN setup to show how easily an attacker could control your network traffic and potentially even your whole computer.
Finally there'll be some discussion of the mitigations and what to be aware of to stay safe.

April 7th 2015 - The Beehive Inn - Venue from 19:00 - Talks from 19:45

Miguel Marques

Pentesters don't do programming (not very well, at least!). Programmers don't do security (usually). It doesn't need to be this way.
Miguel is going to go through OWASPs Secure Coding practices in his own words. Here's to hoping developers gain critical and basic knowledge to prevent a lot of the most common attacks on applications.
And yes, burp will be mentioned again :)

February 3rd 2015 - The Beehive Inn - Venue from 19:00 - Talks from 19:45

Lex Sobrinho

Lex is going to touch on some of the basic mathematical concepts used in modern (and to some extend ancient) cryptography such as Prime Numbers, Password Entropy Calculation and Probability Theory, with a focus on Modular Arithmetic. With that, he hopes to be able to demonstrate how the Diffie-Hellman key exchange works in practice by making use of a simple example with small integers.

December 2nd 2014 - The Beehive Inn - Venue from 19:00 - Talks from 19:45

Miguel Marques

Burp is probably the only tool Miguel refuses to test without.
He is going to try to make sense of it and show an actual example in which it could be used to find interesting information on a webapp.
Let's call it a free demo but without the commercial mumbo-jumbo.
Miguel <3's burp!

October 9th 2014 - The Beehive Inn - Venue from 19:00 - Talks from 19:45

Ross Bingham

Ross studied Digital Security, Forensics and Ethical Hacking at Glasgow Caledonian University.
This talk is about the differences he found between the course syllabus and his internship at an InfoSec company and how he ended up working for them.

Paul Mason

A few years ago Paul, an English teacher by trade, decided to try his hand at some of the cybersecurity challenges that were out there. He was rather surprised to find that he won. Not only won but had made it to a semifinal. This encouraged him to up his skill set dramatically. Following that, Paul continued to succeed in similar challenges, ending up in national and international finals, getting to meet "the spies" and ending up in Bletchley Park, beating professional scores at SANS's Netwars. This lead to a job as a penetration tester which he vowed to "give it at least a year". Paul is just about to finish his first full year in the industry and will be sharing the highs and lows of his journey, the successes and the occasional failure and revealing the secret of going from Noob to Leet in twelve months.