March 13th @ Elsie’s: Breaking Enterprise Wifi
David Bryan from Trustwave’s SpiderLabs will be presenting on just how fun it is to break Wifi Authentication, such as enterprise standards like PEAP and EAP-TTLS. Most of the time it falls back to the security of the desktops or the users to make the decisions. Which can be misconfigured, or the user is unaware of the attack. David will do a demo, and talk about how you can install the tool set on Kali Linux. (He might even have a blog post ready by then so you can do this at home too). http://blog.spiderlabs.com/
Agenda:
6:00PM – 6:30 Get in, get food/drinks
6:30PM – David Bryan – Breaking Enterprise Wifi
Elsie’s Restaurant Bar and Bowling
729 MarshallStreet N.E.,
Minneapolis, MN 55413
February 13 Meeting 6pm @ Elsie’s
For our February meeting (2/13/14) Brandon McCann is going to be presenting on Phishing Frenzy, an open source phishing campaign tool. Below is the description of the talk and bio.
Presentation Description:
Phishing attacks are a prevalent threat against organizations large or small. As professionals in the security field we need to be able to give our clients the “look” and feel of what a real “bad guy” may do to attack an organization. Creating a phishing campaign can often times be a complex and time consuming process. This is why Phishing Frenzy was created to manage phishing campaigns, phishing templates, and generate advanced statistics.
Feast your eyes on the new addition to the open source and infosec community. “Phishing Frenzy” is a feature rich phishing framework written in ruby on rails to help streamline your phishing process. The framework allows for the creation, customization and execution of phishing campaigns.
Bio:
Brandon McCann is a senior security consultant with Accuvant LABS’ attack and penetration team with over seven years of experience in the information technology industry. Brandon specializes in focused penetration testing, antivirus avoidance and advanced email phishing tactics.
Brandon is co-founder of pentestgeek.com and the founder of the Phishing Frenzy open source project. Additionally, Brandon is an active part of the metasploit project with over 10 committed metasploit modules and continues to be very active within the security community.
Agenda:
6:00PM – 6:30 Get in, get food/drinks
6:30PM – Brandon McCann
Elsie’s Restaurant Bar and Bowling
729 MarshallStreet N.E.,
Minneapolis, MN 55413
January 9th Meeting 7pm @ Elsies
We will be getting together this Thursday 7pm @ Elsie’s. Please note the late start. Elsie’s has a banquet immediately before us so we cannot get in until 7pm. We do not have a formal presentation or demo lined up. We are just going to get together for food, drinks, and discussions. Topics may include privacy, cryptology, and other relevant security topics.
Agenda:
7:00PM – Networking / Discussions
Elsie’s Restaurant Bar and Bowling
729 MarshallStreet N.E.,
Minneapolis, MN 55413
December 12th Meeting 6pm @ The Hack Factory
This month we are going to have a project night at The Hack Factory. If you have a project you want to work on, or have a project you just want to show off, bring it in. Rumor has it that someone may be working on a t-shirt cannon. As always, anyone and everyone are welcome.
Agenda:
6PM-??? – Project Night
See you Thursday!
-DC612
Hack Factory is located in the Seward neighborhood.
November 14th Meeting 6pm @ Elsies
Karl Fosaaen will be presenting on Attacking iOS Apps with Proxies at the November 14th DC612. This presentation will cover the basics of attacking iOS applications (and their back ends) using a web proxy to intercept, modify, and repeat HTTP/HTTPS requests. From setting up the proxy to pulling data from the backend systems, this talk will be a great primer for anyone interested in testing iOS applications at the HTTP protocol level. There will be a short primer on setting up the intercepting proxy, followed by three practical examples; showing how to intercept data headed to the phone, how to modify data heading to the application server, and how to pull extra data from application servers to further an attack. All of these examples will focus on native iOS apps (Game Center and Passbook) and/or functionality (Passbook Passes).
Karl is a senior security consultant at NetSPI. This role has allowed Karl to work in a variety of industries, including financial services, health care, and hardware manufacturing. Karl specializes in network and web application penetration testing. In his spare time, Karl helps out as an OPER at THOTCON and a swag goon at DEF CON.
Agenda:
6:00PM-6:30PM – Get in, get drinks and food ordered
6:30PM – Karl Fosaaen – Attacking iOS Apps with Proxies
Elsie’s Restaurant Bar and Bowling
729 MarshallStreet N.E.,
Minneapolis, MN 55413