Newsletter

1/25/2020 - Important Blue Team Meeting - Mon. @ 6:00

Hello Whitehatters,

We have an important Blue Team Meeting this Monday. We need to finalize the roster for the upcoming SECCDC competition. As such, this meeting is mandatory for anyone wishing to compete at that competition, as we need to get you registered. Not sure if you qualify to compete? See the SECCDC rules page. Following team registration, we’ll resume our normal meeting material, and begin developing our training environment. All WCSC members are welcome to attend. These skills will be useful for other Blue Team competitions down the road, and in your future careers in security.

Blue Team (network defense)
Date: Monday, January 27, 2020
Location: TBD (check the #blueteam Slack channel on Monday)
Time: 6:00 PM - 7:30 PM


Christopher Greenland

WCSC Secretary

1/22/2020

Hello Whitehatters,

Thank you to everyone who attended our first meeting last Friday. It was a pleasure meeting you all! As discussed, our CTF Team (capture the flag) and Blue Team (network defense) will kick off their meetings this Wednesday, 1/22, with back-to-back meetings. Feel free to come to one or both as interested.

This week and next, we’ll be focusing on the basics of the Linux operating system, which is an important and foundational tool in computer and network security.

Here are the details for this week. If you have any questions, please post them to our Slack.

CTF Meeting - This Wednesday, Kevin (@ktrio3) will introduce the format of CTF meetings and give a brief overview of the types of challenges we will be working on in future meetings, including a preview of the WCSC CTF virtual machine. Note that this meeting will end early to allow interested members to attend this week's Blue team meeting (6 PM in the same room), as they have a competition coming up shortly.

CTF Meeting
Date: Wednesday, January 22, 2020
Location: Engineering III Building - ENC 1000
Time: 5:00 PM - 5:50 PM

Blue Team Meeting - What is a blue team, and how does it work? This meeting will introduce the role of the blue team in cybersecurity and network defense. Team Captain Emlin (@Emlin) will discuss cyber defense competitions like CCDC and SECCDC, followed by an introduction to Linux, but from a defensive perspective.

Blue Team (network defense)
Date: Wednesday, January 22, 2020
Location: Engineering III Building - ENC 1000
Time: 6:00 PM - 7:30 PM

Regular Friday Meeting - This Friday, WCSC will introduce virtualization and Linux, two important concepts for becoming a master CTF/Blue Team competitor. Topics include a brief history of Linux, why to use virtualization, and a brief demo of important Linux commands. Interested in getting hands-on Linux experience? Check out next week's CTF meeting!

Friday Meeting
Date: Friday, January 24, 2020
Location: Kopp Engineering Building - ENG 003 (basement)
Time: 5:00 PM


Christopher Greenland

WCSC Secretary

1/16/2020

Hello Whitehatters,

Welcome back, and happy New Year! Last year was a great year for WCSC. We’ve seen our teams and members excel at many security competitions, and learn many useful skills along the way. Thank you for helping us get there in 2019. Please join us as we look to make 2020 even better!

Our first meeting of the semester is this Friday. At this meeting, we'll introduce new members to the club, show some cool computer security demos, and announce our plans for the semester. If you’re new to Whitehatters, this is a great opportunity to learn more about the club, what we do, and how you can do it too! Pizza will be provided 🍕.

First Friday Meeting
Date: Friday, January 17, 2020
Location: Center for Urban Transportation Research - CUTR 102 (CUT on parking map)
Time: 5:00 PM

WCSC is pleased to announce our Executive Board for the year 2020 (Slack names in parentheses):

  • Kevin Dennis (@ktrio3), President
  • Julie Gonzalez (@Jules), Vice-president
  • Patrick Farris (@Patrick), Treasurer
  • Christopher Greenland (@Christopher), Secretary
  • Alex Whitaker (@Whitaker), Public Relations
  • Emlin Charly (@Emlin), IT & Blue Team Captain

If you have any questions, please post them to our Slack.


Christopher Greenland

WCSC Secretary

11/21/2019

Hello Whitehatters,

It’s Whitehatters elections week! As announced, Blue Team held its elections this Tuesday, which was the last Blue Team meeting for this semester. Congratulations to Varghese Charly a.k.a Emlin, the next WCSC Blue Team Captain!

As you may have heard, the WCSC Blue Team recently placed in the top third nationally at the DOE CyberForce competition. Congratulations and thank you to those who participated!

A special thank you to our outgoing Blue Team Captain, Jacob Kesler (@JK), for his hard work and service to both the Blue Team and the WCSC E-Board. Over the past year, Jacob, with the participation of our members, and co-captain Emlin, rebuilt the WCSC Blue Team from near nonexistence into a competitive force. Thank you, and best of luck in your future endeavors!

We have two more meetings coming up, including elections on Friday. If you have any questions, please use our Slack.

CTF Meeting - This Thursday will be a “chill” CTF meeting. We will review what we have learned, answer any questions, talk about the progress of the CTF team, and listen to some hacker music! To wrap things up, we will talk about what you all would like to see next year.

CTF Meeting
Date: Thursday, November 21, 2019
Location: Kopp Engineering Building - ENG 003 (basement)
Time: 5:30 PM

Friday Election Meeting - WCSC will hold its officer elections for President, Vice-president, Treasurer, Secretary, and Public Relations for the 2020 term. Here is a list of the candidates. Please join us for this important meeting. Voting is conducted in person. You must be a USF student and WCSC member on BullSync to vote.

Friday Election Meeting
Date: Friday, November 22, 2019
Location: Kopp Engineering Building - ENG 003 (basement)
Time: 5:00 PM


Christopher Greenland

WCSC Secretary

11/14/2019

Hello Whitehatters,

Elections are coming up! WCSC will hold elections for Blue Team Captain at the next Blue Team meeting, November 5th at 6:00 PM. Election of our other officer positions will take place November 22nd at 5:00 PM. If you are interested in running for a position on the Whitehatters' E-Board, please apply here by 11:59 PM on Monday, November 18th. Information on each position can be found here. If you have any questions, email EBoard@whitehatters.org, or send us a message on Slack.

Here’s what’s coming up. If you have any questions, please use our Slack.

CTF Meeting - We’ll be practicing with Microcorruption, a wargame designed to familiarize students with debuggers and reverse engineering through the use of an online debugger simulation.

CTF Meeting
Date: Thursday, November 14, 2019
Location: Engineering III Building - ENG 003 (basement, tentative, check Slack for updates)
Time: 5:30 PM

Regular Friday Meeting - We’ll take a look at the classic buffer overflow attack, and review the details for our upcoming elections.

Friday Meeting
Date: Friday, November 15, 2019
Location: Kopp Engineering Building - ENG 003 (basement)
Time: 5:00 PM

Blue Team Meeting - Blue Team will be participating in the DOE CyberForce competition over the weekend. At this meeting the team will review the challenges and lessons learned from the competition. CyberForce is an ICS (industrial control systems) defense competition put on by the Department of Energy. Also at this meeting, WCSC will hold its election for Blue Team Captain. If you’re interested in the position, please apply here by Monday. Voting is open to all WCSC members.

Blue Team (network defense)
Date: Tuesday, November 19, 2019
Location: Engineering II Building - ENB 228 (tentative, check Slack for updates)
Time: 6:00 PM


Christopher Greenland

WCSC Secretary

11/7/2019

Hello Whitehatters,

Here’s what’s coming up. If you have any questions, please use our Slack.

There will be no CTF Meeting this week due to a scheduling conflict.

CTF Meeting
Date: null
Location: 404 location not found
Time: seg fault (core dumped)

Regular Friday Meeting - It’s almost time for the WCSC elections! This Friday we’ll have a short presentation on the different officer positions up for election and what their responsibilities are.

Friday Meeting
Date: Friday, November 8, 2019
Location: Kopp Engineering Building - ENG 003 (basement)
Time: 5:00 PM

Blue Team Meeting - Blue team will be preparing for the CyberForce competition. CyberForce is an ICS (industrial control systems) defense competition put on by the Department of Energy. We will be working on the actual competition network, hardening machines, and creating documentation for the competition.

Blue Team (network defense)
Date: Tuesday, November 12, 2019
Location: Engineering II Building - ENB 228 (tentative, check Slack for updates)
Time: 6:00 PM


Christopher Greenland

WCSC Secretary

10/31/2019

Hello Whitehatters,

Here’s what’s coming up. If you have any questions, please use our Slack.

CTF Meeting - We’ll take a look at Metasploitable, a virtual machine designed to be purposefully vulnerable for learning the Metasploit framework, including the basics of port and vulnerability scanning. Members are encouraged to follow the setup instructions in the above link before the meeting.

CTF Meeting
Date: Thursday, October 31, 2019
Location: Engineering III Building - ENC 1000
Time: 5:30 PM

Regular Friday Meeting - Meeting as usual. The topic is to be determined.

Friday Meeting
Date: Friday, November 1, 2019
Location: Kopp Engineering Building - ENG 003 (basement)
Time: 5:00 PM

Blue Team Meeting - Blue team will be preparing for the CyberForce competition. CyberForce is an ICS (industrial control systems) defense competition put on by the Department of Energy. We will be working on the actual competition network, hardening machines, and creating documentation for the competition.

Blue Team (network defense)
Date: Tuesday, November 5, 2019
Location: Engineering II Building - ENB 228
Time: 6:00 PM

10/23/2019

Hello Whitehatters,

We’re pleased to announce that we took 2nd place at Raymond James CTF 2019! Thanks for rooting for us. The top three scores (out of 13 college teams) were:

Purdue University 1483
University of South Florida 1385
University of Central Florida 1003

Here’s what’s coming up. If you have any questions, please use our Slack.

No Friday Meeting this week due to the Florida Cyber Conference. WCSC members will be attending the conference and competing in the CTF. If you’d like to attend the conference, we still have a few free tickets provided by Cyber Florida, please direct message @Christopher on our Slack.

CTF Meeting - Kevin (@ktrio3) will discuss solving CTF forensics challenges with Autopsy and Wireshark.

CTF Meeting
Date: Thursday, October 24, 2019
Location: Kopp Engineering Building - ENG 003 (basement)
Time: 5:30 PM

Blue Team Meeting - Jacob (@JK) will provide some hands-on firewall exercises, as well as go over the configuration and advantages of using SIEM (Security Incident and Event Management) applications.

Blue Team (network defense)
Date: Tuesday, October 29, 2019
Location: Engineering II Building - ENB 228
Time: 6:00 PM


Christopher Greenland

WCSC Secretary

10/16/2019

Hello Whitehatters,

Here’s what’s coming up. If you have any questions, please use our Slack.

Please note: rooms for Thursday and next Tuesday are tentative, we’ll post updates to Slack if they differ from this announcement.

CTF Meeting - Since we didn’t get to our main topic last week, this week we’ll have a short review of the web challenges from a previous meeting, and we’ll look at a collection of steganography challenges. Steganography is the art of concealing information inside other information (usually images). This is a common category in many CTFs and it is a very fun and approachable type of puzzle.

CTF Meeting
Date: Thursday, October 17, 2019
Location: Kopp Engineering Building - ENG 003 (basement, tentative, check Slack for updates)
Time: 5:30 PM

Regular Friday Meeting - Christopher Greenland (@Christopher) will give a brief overview of Wireshark, and cover the basics of using this tool for CTF network forensics challenges. Time permitting we’ll review some other interesting challenges from this year’s SANS Cyber FastTrack.

Friday Meeting
Date: Friday, October 18, 2019
Location: Kopp Engineering Building - ENG 003 (basement)
Time: 5:00 PM

Blue Team Meeting - As we had a special guest speaker this week, next week’s topic is the same as previously planned. Jacob (@JK) will cover firewalls, with some hands-on firewall configuration challenges.

Blue Team (network defense)
Date: Tuesday, October 22, 2019
Location: Engineering II Building - ENB 228 (tentative, check Slack for updates)
Time: 6:00 PM


Christopher Greenland

WCSC Secretary

10/9/2019

Hello Whitehatters,

Announcements:

We’re playing picoCTF through Oct. 11. More information on our Announcements page.

If anyone has experience with the CyberPatriot high school program, please reach out to our PR officer Julie (@Jules on Slack or wcscpr@whitehatters.org). She is working to develop an after school program to help students prepare for it.

Here’s what’s coming up. If you have any questions, please use our Slack.

CTF Meeting - We’ll have a short review of the web challenges from our last meeting, and we’ll look at a collection of steganography challenges. Steganography is the art of concealing information inside other information (usually images). This is a common category in many CTFs and it is a very fun and approachable type of puzzle.

CTF Meeting
Date: Thursday, October 10, 2019
Location: Engineering III Building - ENC 1000
Time: 5:30 PM

Regular Friday Meeting - This Friday, Kevin (@Ktrio3) will give an introduction to x86 assembly language. Knowing how to read this low level code is useful for reverse engineering programs. Familiarity with the C programming language would be helpful, but is not necessary.

Friday Meeting
Date: Friday, October 11, 2019
Location: Kopp Engineering Building - ENG 003 (basement)
Time: 5:00 PM

Blue Team Meeting - Jacob (@JK) will cover firewalls, with some hands-on firewall configuration challenges. This topic was pushed back from last week due to the meeting being canceled.

Blue Team (network defense)
Date: Tuesday, October 14, 2019
Location: Engineering II Building - ENB 228
Time: 6:00 PM


Christopher Greenland

WCSC Secretary

10/2/2019

Hello Whitehatters,

Quick announcement:

First, if anyone has experience with the CyberPatriot high school program, please reach out to our PR officer Julie (@Jules on Slack or wcscpr@whitehatters.org). She is working to develop an after school program to help students prepare for it.

Here’s what’s coming up. If you have any questions, please use our Slack.

CTF Meeting - This Thursday we will be working on a curated list of different challenges to introduce members to web exploitation and python programming. These challenges will come from our own CTF board, HackUCF's CTF board, and Hackthissite.org. Kevin (@ktrio3) will give a brief 10-15 minute overview of web exploitation, then we will start playing!

CTF Meeting
Date: Thursday, October 3, 2019
Location: Engineering III Building - ENC 1000
Time: 5:30 PM

Regular Friday Meeting - This Friday, Dr. Jean-François Biasse from the USF Department of Mathematics & Statistics will be presenting on vulnerabilities in random number generators in TLS, SSH and Bitcoin.

We will review a few vulnerabilities due to flawed random number generators (or the absence thereof) used in key derivations in certain cryptographic protocols. This can be exploited with large scale data collection over all of the Internet (or over the blockchain) to compute private keys and compromise the security of TLS/SSH hosts, as well as that of funds held on Bitcoin accounts.

Dr. Biasse would like to replicate/improve this study, and he has funds available to offer salary to self-motivated students with knowledge in internet security and programming. Dr. Biasse does not expect any prior knowledge in cryptography. He would offer training on the necessary aspects of PKC (public key cryptography) required for the project.

Friday Meeting
Date: Friday, October 4, 2019
Location: Kopp Engineering Building - ENG 003 (basement)
Time: 5:00 PM

Blue Team Meeting - Jacob (@JK) will will cover firewalls, with some hands-on firewall configuration challenges.

Blue Team (network defense)
Date: Tuesday, October 8, 2019
Location: Engineering II Building- ENB 228
Time: 6:00 PM


Christopher Greenland

WCSC Secretary

09/25/2019

Hello Whitehatters,

Two quick announcements:

First, if anyone has experience with the CyberPatriot high school program, please reach out to our PR officer Julie (@Jules on Slack or wcscpr@whitehatters.org). She is working to develop an after school program to help students prepare for it.

Second, the Department of Computer Science and Engineering is looking for IT and CyS student volunteers to meet with its Industry Advisory Board next Monday (9/30). The planned time is 1:00 to 1:45pm in ENB 313. Since the four CSE programs (CS, CpE, IT, and CyS) are either ABET accredited, or are proposed for ABET accreditation, the department has an Industry Advisory Board that comes to USF once a year to discuss the programs and what industry sees as important for graduates. The panel wants to hear from students and see what their experiences are with the programs, and they are looking for IT and CyS students to participate in this meeting. Ideal candidates are students who are good ambassadors for their major, and can answer questions about their program accurately and truthfully. They are looking for between 10 and 20 students.

One plus for the students that volunteer is that the panel members are prospective employers or internship supervisors. So, if the students come “dressed for success” (not suits, but collars and pants) and with resumes in hand, this would be a great opportunity to impress. If interested, please contact our Whitehatters faculty advisor, Dr. Jason Lewis (jasonlewis@usf.edu).

Here’s what’s coming up. If you have any questions, please use our Slack.

CTF Meeting - We will be playing PicoCTF 2018 to prepare for PicoCTF 2019, which begins on Friday. PicoCTF is an introductory CTF, so this is a great chance to start learning the skills needed for competing in CTFs. Want to start practicing? PicoCTF 2018 can be found at https://2018game.picoctf.com.

CTF Meeting
Date: Thursday, September 26, 2019
Location: Engineering III - ENC 1000
Time: 5:30 PM

Regular Friday Meeting - WCSC alumni Brad Daniels will be presenting his progress on hacking his Honda Accord’s head unit. The head unit runs Android, so the talk will cover reverse engineering Android packages, Linux exploitation, and communicating with the automotive systems. He’ll be hungry afterwards so a trip to Dunderbak’s is called for.

Friday Meeting
Date: Friday, September 27, 2019
Location: Engineering III - ENC 1000
Time: 5:00 PM

Blue Team Meeting - We’ll explore more advanced networking concepts and important network services.

Blue Team (network defense)
Date: Tuesday, October 1, 2019
Location: Engineering II - ENB 228
Time: 6:00 PM


Christopher Greenland

WCSC Secretary

9/19/2019

Hello Whitehatters,

Here’s what’s coming up. If you have any questions, please use our Slack.

CTF Meeting - We’ll review our progress and some solutions from last week’s CSAW Qualification CTF, and discussing how to improve going forward. We will then check out Hack This Site!, a purposefully vulnerable website for learning web CTF skills.

CTF Meeting
Date: Thursday, September 19, 2019
Location: Engineering II - ENB 228
Time: 5:30 PM

Regular Friday Meeting - An introduction to the Python programming language and interpreter. In addition to being a popular and powerful programming language, Python is an extremely useful and versatile tool in CTF competitions, and computer security in general.

Friday Meeting
Date: Friday, September 20, 2019
Location: Engineering III - ENC 1000
Time: 5:00 PM

Blue Team Meeting - The next Blue Team meeting will focus on creating a CCDC-like lab environment for practice. CCDC (Collegiate Cyber Defense Competition) is the primary style of defense competition that our Blue Team competes in.

Blue Team (network defense)
Date: Tuesday, September 24, 2019
Location: Engineering II - ENB 228
Time: 6:00 PM


Christopher Greenland

WCSC Secretary

9/11/2019

Hello Whitehatters,

Here’s what’s coming up. If you have any questions, please use our Slack.

CTF Meeting - We’ll continue to cover the basics of CTFs by practicing with Microcorruption, a wargame designed to familiarize students with debuggers and reverse engineering through the use of an online debugger simulation. With CSAW coming up on Friday, we will also review a few past challenges.

CTF Meeting
Date: Thursday, September 12, 2019
Location: Engineering III - ENC 1000
Time: 5:30 PM

Regular Friday Meeting - As mentioned at last Friday’s meeting, we’ll be playing in the CSAW CTF Qualification Round 2019, an online CTF. We’ll be playing as a team, and there’s no limit on team size, so even new members can join the fun. Don’t worry, there’s no penalty for wrong answers. The best way to learn is to play. Registration instructions are on our announcements page.

Friday Meeting
Date: Friday, September 13, 2019
Location: Kopp Engineering Building - ENG 003 (basement)
Time: 5:00 PM

Blue Team Meeting - Now that we’re getting comfortable with Linux, this meeting will provide an introduction to computer networking. Note the room change to ENB 228, (2nd floor of Engineering II).

Blue Team (network defense)
Date: Tuesday, September 17, 2019
Location: Engineering II - ENB 228
Time: 6:00 PM


Christopher Greenland

WCSC Secretary

9/5/2019

Hello Whitehatters,

Welcome to those of you joining us this fall. Here’s what’s coming up. If you have any questions, please use our Slack.

To help get everyone started, we have several opportunities for you to learn the basics of the Linux operating system and capture the flag (CTF) challenges. CTFs are security competitions, featuring hands-on hacking challenges and puzzles, designed to test and improve your computer security skills. Starting off, we’ll have our first CTF meeting today (Thursday, 9/5). Sorry for the late notice, we only found out we had the room yesterday. This meeting will be an introduction to CTFs and Linux. We’ll be practicing with CTF 101 and the Bandit wargame.

CTF Meeting
Date: Thursday, September 5, 2019
Location: Engineering III - ENC 1000
Time: 5:30 PM

Regular Friday Meeting - In case you miss the first CTF meeting, want more practice, or have follow-up questions, Friday’s meeting will also focus on an introduction to Linux and CTFs, using CTF 101 and the Bandit wargame. These are foundational topics for most of the club’s competition activities, so we want to give you as many chances as possible to learn.

Friday Meeting
Date: Friday, September 6, 2019
Location: Kopp Engineering Building - ENG 004 (basement)
Time: 5:00 PM

Blue Team Meeting - In a similar fashion, the first Blue Team meeting will focus on an introduction to Linux in virtual machines (VMs), but from a defensive perspective. We’ll also discuss network defense competitions like SECCDC.

Blue Team (network defense)
Date: Tuesday, September 10, 2019
Location: Engineering III - ENC 1000
Time: 6:00 PM

Slack: Slack is our primary communication channel. If you have a mail.usf.edu or usf.edu email address, you can sign up for Slack here. Otherwise, to be added to our Slack team, please send an email to wcscsecretary@whitehatters.org.

Mailing List: To get updates about meeting times and other important information, please join our mailing list - http://lists.acomp.usf.edu/mailman/listinfo/wcsc.


Christopher Greenland

WCSC Secretary

8/25/2019

Hello Whitehatters,

We hope you had a great summer, and we’re glad that some of you chose to spend part of it with Whitehatters! Over the summer, WCSC volunteers helped organize and run two summer camps for highschoolers, we made our annual trip to DEFCON, and helped USF place 1st in Florida (and 25th nationally) for number of quarter-finalists in the SANS Cyber FastTrack program. Thank you all!

Here’s what’s coming up. If you have any questions, please use our Slack.

Stop by our table at the Computer Science & Engineering Week of Welcome Mixer (see attached flyer) Thursday, August 29, 5:00 PM - 6:30 PM in the ENB Hall of Flags (first floor lobby of Engineering II building, a.k.a the “Fishbowl”).

Our first meeting of the semester is this Friday. At this meeting. we'll introduce new members to the club, show some cool computer security demos, and announce our plans for the semester. If you’re new to Whitehatters, this is a great opportunity to learn more about the club, what we do, and how you can do it too!

First Friday Meeting
Date: Friday, August 30, 2019
Location: Kopp Engineering Building - ENG 004 (basement)
Time: 5:00 PM

Slack: Slack is our primary communication channel. If you have a mail.usf.edu or usf.edu email address, you can sign up for Slack here. Otherwise, to be added to our Slack team, please send an email to wcscsecretary@whitehatters.org.

Mailing List: To get updates about meeting times and other important information, please join our mailing list - http://lists.acomp.usf.edu/mailman/listinfo/wcsc.


Christopher Greenland

WCSC Secretary

Openings in CyberCamp and CodeBreakHERs

Hey Whitehatters,

Just letting you know that a couple of volunteer positions have opened up in the CodeBreakHERs camp. CyberCamp is also looking for more people. Volunteers for both camps earn a free trip to the DEFCON cybersecurity conference (tickets, travel, and hotel). It’s also a great opportunity to give back to the community and teach the next generation about cybersecurity. Links and descriptions for both programs can be found below.

CodeBreakHERS is a new cybersecurity summer camp aimed towards high-school girls with an interest in cybersecurity and computer science. The camp takes place June 17–21 at USF.

CodeBreakHERS volunteer form:

https://docs.google.com/forms/d/e/1FAIpQLSeMj6i4FGkvA4MCM8G1j2ctGtrC7mIPQGI4z72YfPoQY48GMQ/viewform

CyberCamp is a 5 day event that helps high school students explore careers in cybersecurity. The camp takes place July 8–12 at The Undercroft in Ybor City from 8:30 am to 3:00 pm. Volunteers from Whitehatters will act as mentors, helping to guide the students and answer questions as they participate in the camp, led by instructors from USF. If you’re interested, please fill out the volunteer form below. Important note: to better prepare you as a camp volunteer, you will need to be available not only during the camp hours, but also for professional development training at The Undercroft in Ybor. If you have any questions please email juliegonzale@mail.usf.edu or ninalewis@mail.usf.edu.

CyberCamp volunteer form:

https://docs.google.com/forms/d/e/1FAIpQLSc_FTB2uC73lULeuvmdH0FDmALvtxAhXbAl1PBS494JxwzaLA/viewform?usp=sf_link


Christopher Greenland

WCSC Secretary

Happy summer Whitehatters,

We’re excited to announce another summer volunteer opportunity that could earn you a trip to DEFCON! CyberCamp is a 5 day event that helps high school students explore careers in cybersecurity. The camp takes place July 8-12 at USF. Even if you don’t have a chance to participate in the other camp, CodeBreakHERS, your participation in this one can still earn you a free trip to DEFCON! Volunteers from Whitehatters will act as mentors, helping to guide the students and answer questions as they participate in the camp, led by instructors from USF. If you’re interested, please fill out the volunteer form below. Important note: to better prepare you as a camp volunteer, you will need to be available not only during the camp hours, but also for professional development training, with the first session on May 20 at Undercroft. If you have any questions please email juliegonzale@mail.usf.edu or ninalewis@mail.usf.edu.

https://docs.google.com/forms/d/e/1FAIpQLSc_FTB2uC73lULeuvmdH0FDmALvtxAhXbAl1PBS494JxwzaLA/viewform?usp=sf_link


Christopher Greenland

WCSC Secretary

Hello Whitehatters,

We hope your last weeks of the semester are going smoothly, and wish you the best of luck on your finals! Here’s what’s coming up. If you have any questions, use our Slack, or email wcscsecretary@whitehatters.org.

Study Session - This week, we’re holding an informal study session during our Thursday meeting time to help members prepare for finals. Feel free to stop by and bring your classmates. There will be no meeting Friday, or the following week. We’ll have updates about our summer activities afters finals, so keep any eye on your inbox, Slack, and the Announcements page of our website.

Study Session

Date: Thursday, April 25, 2019

Location: Engineering III Building - ENC 1000

Time: 5:00 PM

_____________________________________

WCSC 24/7 CTF Board

No need to be bored over the summer, the WCSC 24/7 CTF Board has been revived! You can find the CTF here. Feel free to jump on and start practicing your CTF skills. We will be adding more challenges as the year progresses.

_____________________________________

Interested in attending the the DEFCON security conference? Want some extra money over the summer? Time is running out to apply for the CodeBreakHERS summer camp which takes place June 17 - 21. They are looking for volunteers and curriculum developers. All WCSC members, men and women, are welcome to apply in the forms below. A background check is required for camp volunteers only, so please apply soon. CodeBreakHERS is a new cybersecurity summer camp aimed towards high-school girls with an interest in cybersecurity and computer science. Students that volunteer during the camp will have the opportunity to attend DEFCON this summer with funds from WCSC. Students that help design the curriculum for the camp will be paid directly.

Curriculum development form:

https://docs.google.com/forms/d/e/1FAIpQLSfrbLccaXtfKJdGDhbOVDcoDicIZa1VK4YZkVcsjdWhQ_H73w/viewform

Camp volunteer form:

https://docs.google.com/forms/d/e/1FAIpQLSeMj6i4FGkvA4MCM8G1j2ctGtrC7mIPQGI4z72YfPoQY48GMQ/viewform

_____________________________________

CTFs - lol, what finals?

  • *CTF 2019—Sat, 27 April 2019, 01:00 UTC - Mon, 29 April 2019, 01:00 UTC
    • CTFTime
    • Register individually and join team WCSC
    • When you go to the site, be sure to hit EN in the top right corner for English :)
  • UUT CTF—Thu, 25 April 2019, 13:30 UTC — Sun, 28 April 2019, 13:30 UTC
    • CTFTime
    • Register individually and join team WCSC with the usual password


Christopher Greenland

WCSC Secretary

Hello Whitehatters,

Here’s what’s coming up. If you have any questions, use our Slack, or email wcscsecretary@whitehatters.org.

Exploitation Meeting - We will be doing a review session, discussing questions people have, and looking at some challenges from our new WCSC CTF board!

Exploitation Meeting

Date: Thursday, April 18, 2019

Location: Engineering III Building - ENC 1000

Time: 5:00 PM

_____________________________________

Regular Friday Meeting - Whitehatters alumni Patricia Wilthew (@patrixia) will give a presentation on Cloud Computing and the Google Cloud Platform.

Friday Meeting

Date: Friday, April 19, 2019

Location: Kopp Engineering Building - ENG 003 (basement)

Time: 5:00 PM

_____________________________________

Blue Team Meeting - Blue Team will not be meeting the week of April 22.

_____________________________________

WCSC Study Time!

It's time to hit the books! With finals coming up, WCSC normally cancels the meetings on the USF reading days. However, this year we will be holding study group sessions for members to meet up and tackle their studies together. The meet ups will be held during the normal meeting times on April 25th & 26th.

If you are interested in attending the study sessions, let us know by Friday, April 19th, what classes you are studying for so we can pair you up with other students using the following Google Form:

https://forms.gle/Nuk49MbKZTsVnxZZ6

_____________________________________

WCSC 24/7 CTF Board

The WCSC 24/7 CTF Board has been revived! You can find the CTF here. Feel free to jump on and start practicing your CTF skills. We will be adding more challenges as the year progresses.

_____________________________________

The Code BreakHERS summer camp is looking for volunteers and curriculum developers. All WCSC members, men and women, are welcome to apply in the forms below. A background check is required for camp volunteers only, so please apply soon. CodeBreakHERS is a new cybersecurity summer camp aimed towards high-school girls with an interest in cybersecurity and computer science. Students that volunteer during the camp will have the opportunity to attend DEFCON this summer with funds from WCSC. Students that help design the curriculum for the camp will be paid directly.

Curriculum development form:

https://docs.google.com/forms/d/e/1FAIpQLSfrbLccaXtfKJdGDhbOVDcoDicIZa1VK4YZkVcsjdWhQ_H73w/viewform

Camp volunteer form:

https://docs.google.com/forms/d/e/1FAIpQLSeMj6i4FGkvA4MCM8G1j2ctGtrC7mIPQGI4z72YfPoQY48GMQ/viewform

_____________________________________

CTFs

  • Blaze CTF—Sat, 20 April 2019, 20:20 UTC — Thu, 25 April 2019, 16:20 UTC
    • CTFTime
    • Registration is not yet open. Kevin will make sure he get's the details right this time :)
  • There are several other CTFs listed on CTFTime for this weekend, but we will be focusing on BlazeCTF
    • Feel free to check the others out, or discuss them in the OpenCTF channel on Slack


Christopher Greenland

WCSC Secretary

Study Time! - April 25 & 26

Hello Whitehatters,

It's time to hit the books! With finals coming up, WCSC normally cancels the meetings on the USF reading days. However, this year we will be holding study group sessions for members to meet up and tackle their studies together. The meet ups will be held during the normal meeting times on April 25th & 26th.

If you are interested in attending the study sessions, let us know by Friday, April 19th, what classes you are studying for so we can pair you up with other students using the following Google Form:

https://forms.gle/Nuk49MbKZTsVnxZZ6


Christopher Greenland

WCSC Secretary

Hello Whitehatters,

Here’s what’s coming up. If you have any questions, use our Slack, or email wcscsecretary@whitehatters.org.

Exploitation Meeting - This week, WCSC Vice-president Kevin Dennis (@ktrio3) will discuss Linux and Linux security (setuid, permissions, and exploitation in Linux).

Exploitation Meeting

Date: Thursday, April 11, 2019

Location: Engineering III Building - ENC 1000

Time: 5:00 PM

_____________________________________

Regular Friday Meeting - Whitehatters alumni Sean (@duck) will present on Z3-Python/Z3Prover (commonly used in Angr), and talk about a couple challenges from 0CTF/TCTF. After the meeting, join us at Mr Dunderbak's.

Friday Meeting

Date: Friday, April 12, 2019

Location: Kopp Engineering Building - ENG 003 (basement)

Time: 5:00 PM

_____________________________________

Blue Team Meeting - Note the time and room change. Monday we will be defending and attacking a mock network. Covering servers, firewalls, and network configurations. Please bring a laptop with an ethernet port or ethernet dongle.

Blue Team (network defense)

Date: Monday, April 15, 2019

Location: Kopp Engineering Building - ENG 003 (basement)

Time: 6:30 - 7:30 PM

_____________________________________

The Code BreakHERS summer camp is looking for volunteers and curriculum developers. All WCSC members, men and women, are welcome to apply in the forms below. A background check is required for camp volunteers only, so please apply soon. CodeBreakHERS is a new cybersecurity summer camp aimed towards high-school girls with an interest in cybersecurity and computer science. Students that volunteer during the camp will have the opportunity to attend DEFCON this summer with funds from WCSC. Students that help design the curriculum for the camp will be paid directly.

Curriculum development form:

https://docs.google.com/forms/d/e/1FAIpQLSfrbLccaXtfKJdGDhbOVDcoDicIZa1VK4YZkVcsjdWhQ_H73w/viewform

Camp volunteer form:

https://docs.google.com/forms/d/e/1FAIpQLSeMj6i4FGkvA4MCM8G1j2ctGtrC7mIPQGI4z72YfPoQY48GMQ/viewform

_____________________________________

CTFs

  • PlaidCTF—April 12th at 21:00 UTC, through April 14th at 21:00 UTC
    • CTFTime
    • No registration available yet, so we will update you with login info all once we can register
  • There are several other CTFs listed on CTFTime for this weekend, but we will be focusing on PlaidCTF
    • Feel free to check the others out, or discuss them in the OpenCTF channel on Slack


Christopher Greenland

WCSC Secretary

Hello Whitehatters,

Here’s what’s coming up. If you have any questions, use our Slack, or email wcscsecretary@whitehatters.org.

Exploitation Meeting - This week, WCSC Vice-president Kevin Dennis (@ktrio3) and other members will be reviewing some of the CTF challenges they solved from the recent TAMU and Sunshine CTFs.

Exploitation Meeting

Date: Thursday, April 4, 2019

Location: Engineering III Building - ENC 1000

Time: 5:00 PM

_____________________________________

Regular Friday Meeting - WCSC Secretary Christopher Greenland (@Christopher) will go over two challenges from the 2019 Sunshine CTF from B-Sides Orlando. These challenges will be cryptography and image related. All members are welcome to present challenges they solved as well. We will be playing SwampCTF together at 6 after the Friday meeting, along with having open discussion.

Friday Meeting

Date: Friday, April 5, 2019

Location: Kopp Engineering Building - ENG 003 (basement)

Time: 5:00 PM

_____________________________________

Blue Team Meeting - This week we will continue working on building our VM (virtual machine) lab environments.

Blue Team (network defense)

Date: Monday, April 8, 2019

Location: ENC 1000

Time: 6:00 - 7:30 PM

_____________________________________

The Code BreakHERS summer camp is looking for volunteers, and curriculum developers. All WCSC members, men and women, are welcome to apply in the forms below. A background check is required for camp volunteers only, so please apply soon. CodeBreakHERS is a new cybersecurity summer camp aimed towards high-school girls with an interest in cybersecurity and computer science. Students that volunteer during the camp will have the opportunity to attend DEFCON this summer with funds from WCSC. Students that help design the curriculum for the camp will be paid directly.

Curriculum development form:

https://docs.google.com/forms/d/e/1FAIpQLSfrbLccaXtfKJdGDhbOVDcoDicIZa1VK4YZkVcsjdWhQ_H73w/viewform

Camp volunteer form:

https://docs.google.com/forms/d/e/1FAIpQLSeMj6i4FGkvA4MCM8G1j2ctGtrC7mIPQGI4z72YfPoQY48GMQ/viewform

_____________________________________

CTFs

  • SwampCTF—April 5th 18:00 → April 7th 18:00 EDT
    • CTFTime
    • Typical login information found in the OpenCTF channel on Slack
  • There are several other CTFs listed on CTFTime for this weekend, but we will be focusing on SwampCTF
    • Feel free to check the others out, or discuss them in the OpenCTF channel on Slack


Christopher Greenland

WCSC Secretary

Hello Whitehatters,

Due to scheduling and availability reasons, there will not be a Blue Team meeting this Monday, 4/1/2019 (nope, this is not April Fools' joke). Other meetings should continue as usual.


Christopher Greenland

WCSC Secretary

Hello Whitehatters,

Here’s what’s coming up. If you have any questions, use our Slack, or email wcscsecretary@whitehatters.org.

Exploitation Meeting - This week, we will be doing a review session. Members can bring in questions they have about any of the previous meetings, or any challenges they have recently attempted, and we will go over them. If we don't have many questions, we will go over some other cool challenges.

Exploitation Meeting

Date: Thursday, March 28, 2019

Location: Engineering III Building - ENC 1000

Time: 5:00 PM

_____________________________________

Regular Friday Meeting - Jean Baptiste Subils, a PhD student in CSE, will be presenting collaborative authentication, or coauthentication, a single-factor technique in which multiple registered devices work together to authenticate a user. The technical aspects of coauthentication will be described. The paper can be found here: http://www.cse.usf.edu/~ligatti/papers/Coauthentication.pdf

Friday Meeting

Date: Friday, March 29, 2019

Location: Kopp Engineering Building - ENG 003 (basement)

Time: 5:00 PM

_____________________________________

Blue Team Meeting - TBD (expect an update this weekend).

_____________________________________

The Code BreakHERS summer camp is looking for volunteers, curriculum developers, and a social media specialist. All WCSC members, men and women, are welcome to apply in the forms below. A background check is required for camp volunteers only, so please apply soon. CodeBreakHERS is a new cybersecurity summer camp aimed towards high-school girls with an interest in cybersecurity and computer science. Students that volunteer during the camp will have the opportunity to attend DEFCON this summer with funds from WCSC. Students that help design the curriculum for the camp will be paid directly.

Curriculum development form:

https://docs.google.com/forms/d/e/1FAIpQLSfrbLccaXtfKJdGDhbOVDcoDicIZa1VK4YZkVcsjdWhQ_H73w/viewform

Camp volunteer form:

https://docs.google.com/forms/d/e/1FAIpQLSeMj6i4FGkvA4MCM8G1j2ctGtrC7mIPQGI4z72YfPoQY48GMQ/viewform

Social media specialist: The duties of this position are to populate a webpage, Facebook account, Twitter account (and other social media outlets to be determined) with content relevant to the camp. Basic graphic design would be a plus. Dates: Start date ASAP, end date June 28th 2019 (one week after the camp is over). Salary: Negotiable with respect to the involvement of the candidate. Typically a total remuneration between $1,000 and $2,000.

https://docs.google.com/forms/d/e/1FAIpQLSc0KJbRRNXEFVCyqtwetSl88_NlgbaHuhkrXoRBiLu2C4SsyQ/viewform

_____________________________________

B-Sides Orlando is this Saturday. It’s a local security conference with presentations, exhibits, a lock picking village, and IoT/normal CTFs. Student tickets are free! Pop into our #bsides-orlando-2019 channel if you’re going, or have questions.

_____________________________________

CTFs

  • Sunshine CTF 2019—Sat, 30 March 2019 9:00 AM EST — Sun, 31 March 2019, 9:00 PM EST
    • CTFTime
    • Typical login information found in the OpenCTF channel on Slack
  • There are several other CTFs listed on CTFTime for this weekend, but we will be focusing on Sunshine CTF
    • Feel free to check the others out, or discuss them in the OpenCTF channel on Slack


Christopher Greenland

WCSC Secretary

Hello Whitehatters,

Just a quick update to let you know that there will be a Blue Team meeting today. If you have any questions, use our Slack, or email wcscsecretary@whitehatters.org.

Blue Team Meeting - This week Blue Team Captain Jacob Kesler (@JK42) will be demonstrating how to set up a lab environment using VMs (virtual machines).

Blue Team (network defense)

Date: Monday, March 25, 2019

Location: ENC 1000

Time: 6:00 - 7:30 PM

Christopher Greenland

WCSC Secretary

Hello Whitehatters,

Here’s what’s coming up. If you have any questions, use our Slack, or email wcscsecretary@whitehatters.org.

Exploitation Meeting - WCSC Vice-president Kevin Dennis (@ktrio3) will be discussing return oriented programming (ROP).

Exploitation Meeting

Date: Thursday, March 21, 2019

Location: Engineering III Building - ENC 1000

Time: 5:00 PM

_____________________________________

Regular Friday Meeting - We're changing things up at our Friday meetings. This week we want to hear from our members; we'll be having an informal round table discussion. Introduce yourself, and get to know your fellow Whitehatters. Have an idea you want to pitch to the club? This is your chance! Tell us what you want to see in future club meetings. Talk about a cool challenge you solved, or a useful resource you found. We’ll also have updates on the CodeBreakHERS camp, and other upcoming security events.

Friday Meeting

Date: Friday, March 22, 2019

Location: Kopp Engineering Building - ENG 003 (basement)

Time: 5:00 PM

_____________________________________

Blue Team Meeting - System rebooting, please stand by (we’ll update you over the weekend).

_____________________________________

The Code BreakHERS summer camp is still looking for volunteers and curriculum developers. A social media specialist position is now available as well! Sign up in the forms below. CodeBreakHERS is a new cybersecurity summer camp aimed towards high-school girls with an interest in cybersecurity and computer science. Students that volunteer during the camp will have the opportunity to attend DEFCON this summer with funds from WCSC. Students that help design the curriculum for the camp will be paid directly.

Curriculum development form:

https://docs.google.com/forms/d/e/1FAIpQLSfrbLccaXtfKJdGDhbOVDcoDicIZa1VK4YZkVcsjdWhQ_H73w/viewform

Camp volunteer form:

https://docs.google.com/forms/d/e/1FAIpQLSeMj6i4FGkvA4MCM8G1j2ctGtrC7mIPQGI4z72YfPoQY48GMQ/viewform

Social media specialist: The duties of this position are to populate a webpage, Facebook account, Twitter account (and other social media outlets to be determined) with content relevant to the camp. Basic graphic design would be a plus. Dates: Start date ASAP, end date June 28th 2019 (one week after the camp is over). Salary: Negotiable with respect to the involvement of the candidate. Typically a total remuneration between $1,000 and $2,000.

https://docs.google.com/forms/d/e/1FAIpQLSc0KJbRRNXEFVCyqtwetSl88_NlgbaHuhkrXoRBiLu2C4SsyQ/viewform

_____________________________________

CTFs

  • 0CTF/TCTF 2019 Quals—2:00 AM Sat. 23 Mar. to 2:00 AM Mon. 25 Mar.
    • CTFtime
    • Registered for 0CTF for now
    • Create your own account, then join team WCSC with invite code c8e6863f16ac24e9314261a964c8aa14
  • UTCTF—12:00 PM Sat. 23 Mar. to 12:00 PM Sun. 24 Mar.
    • CTFtime
    • Limited to 5 members per team. Create your own team or ask in Slack to join up with some club members


Christopher Greenland

WCSC Secretary

Hello Whitehatters,

Just a quick announcement that there will not be a meeting today (Monday, 3/18/2019). We apologize for the late notice and any inconvenience. Stay tuned for information on our other weekly meetings.

Hello Whitehatters,

Here’s what’s coming up. If you have any questions, use our Slack, or email wcscsecretary@whitehatters.org.

Exploitation Meeting - WCSC Vice-president Kevin Dennis (@ktrio3) will be discussing exploit countermeasures such as Stackguard, ASLR (address space layout randomization), and NX (no-execute) bits.

Exploitation Meeting

Date: Thursday, March 7, 2019

Location: Engineering III Building - ENC 1000

Time: 5:00 PM

_____________________________________

Regular Friday Meeting - Logan Lopez (@hiyo) will introduce us to Voice over IP (VoIP) systems and various attack vectors related to VoIP, such as wiretapping and flooding. We will use an Asterisk server and audience-interactive demonstrations of various attacks along with a short primer on SIP (session initiation protocol). Then we will show various methods, such as encryption, to secure against these attacks, and talk about potential future VoIP security research areas.

Friday Meeting

Date: Friday, March 8, 2019

Location: Kopp Engineering Building - ENG 003 (basement)

Time: 5:00 PM

_____________________________________

Spring “break” is March 11 - 17, so there will be no Whitehatters meetings that week. Enjoy it if you can!

_____________________________________

CTFs - Since spring “break” starts this weekend, you have plenty of time to put off that reading assignment and improve your pwning skills.

  • Pragyan—7:30 AM Fri. 08 Mar. to 7:30 AM Sun. 10 Mar.
    • CTFtime
    • Registration is currently not available. We will update the WCSC website Announcements page with login info ASAP.
  • UTCTF—8:00 AM Sat. 09 Mar. to 8:00 AM Mon. 11 Mar.
    • CTFtime
    • Limited to 5 members per team. Create your own team or ask in Slack to join up with some club members


Christopher Greenland

WCSC Secretary

Hello Whitehatters,

Here’s what’s coming up. If you have any questions, use our Slack, or email wcscsecretary@whitehatters.org.

Exploitation Meeting - WCSC Vice-president Kevin Dennis (@ktrio3) will be discussing format string vulnerabilities. Note the room change this week to ENG 004 (basement, across the hall from our normal Friday meeting room). Also be aware of the Alumni Drive closure from 8:00 am to 4:00 pm.

Exploitation Meeting

Date: Thursday, February 28, 2019

Location: Kopp Engineering Building - ENG 004 (basement)

Time: 5:00 PM

_____________________________________

Regular Friday Meeting - Whitehatters will take part in the Cybersecurity Meet & Greet this Friday from 3:00 pm to 5:00 pm. We’ll have our regular Friday meeting at 5:00 pm immediately after the event in the same room, ENA 105. WCSC President Truvis Thornton (@truvis) will discuss red team vs. blue team; how to attack machines on a network, and how to defend them from attack.

Friday Meeting

Date: Friday, March 1, 2019

Location: Engineering Teaching Auditorium - ENA 105 (directly north of ENG)

Time: 5:00 PM

_____________________________________

Blue Team Meeting - Blue Team Captain Jacob Kesler (@JK42) will be giving a overview on networking, and going over the basics: protocols, hardware, etc.

Blue Team (network defense)

Date: Monday, March 4, 2019

Location: ENC 1000

Time: 6:00 - 7:30 PM

_____________________________________

CTFs - We’re making progress in TAMUctf, which continues through Sunday. Bsides San Francisco’s CTF also starts on Sunday.

  • TAMUctf 19—7:00 PM Fri. 22 Feb. to 7:00 PM Sun. 03 Mar.
    • CTFtime
    • Typical CTF! Find the login information in the usual place on Slack
  • BSides SF 2019 CTF—12:00 PM Sun. 03 Mar. to 8:00 PM Mon. 04 Mar.
    • CTFTIME
    • Individual registration, click here to register with WCSC (team code ed71707c3a0e)


Christopher Greenland

WCSC Secretary

Hello Whitehatters,

Here’s what’s coming up. If you have any questions, use our Slack, or email wcscsecretary@whitehatters.org.

Exploitation Meeting - WCSC Vice-president Kevin Dennis (@ktrio3) will be introducing several tools. In particular, we will be reviewing GDB (with pwndbg), pwntools, Binary Ninja, and briefly introducing Angr. Angr and concolic execution may be the subject of a future talk.

Exploitation Meeting

Date: Thursday, February 21, 2019

Location: Engineering III Building - ENC 1000

Time: 5:00 PM

_____________________________________

Regular Friday Meeting - Dr. Nathan Fisk (@nwfisk) will give a brief overview of the history of hackers and hacker culture from 1950 to today, explaining how the history and culture of hacking has shaped the field of cybersecurity.

Friday Meeting

Date: Friday, February 22, 2019

Location: Kopp Engineering Building - ENG 003

Time: 5:00 PM

_____________________________________

Blue Team Meeting - The team will discuss the SECCDC qualifier competition, and go over future plans. Got questions about Blue Team or SECCDC? Check out the #ccdc-blueteam channel on Slack.

Blue Team (network defense)

Date: Monday, February 25, 2019

Location: ENC 1000

Time: 6:00 - 7:30 PM

_____________________________________

CTFs are back this weekend! We have two coming up for you to play with. You don’t really want to do your homework, right?

  • STEM CTF: Cyber Challenge 2019—2:00 PM Fri. 22 Feb. to 2:00 PM Sat. 23 Feb.
    • CTFtime
    • Teams are limited to 4 members, so we will be playing as small individual groups. Send a message in the #openctf channel on Slack if you need a team!
  • TAMUctf 19—7:00 PM Fri. 22 Feb. to 7:00 PM Sun. 04 Mar.
    • CTFtime
    • Typical CTF! Find the login information in the usual place on Slack


Christopher Greenland

WCSC Secretary

Hello Whitehatters,

Here’s what’s coming up. If you have any questions, use our Slack, or email wcscsecretary@whitehatters.org.

Exploitation Meeting - This week, WCSC Vice-president Kevin Dennis (@ktrio3) will go over web technologies and cross-site scripting (XSS). See #exploitation-meeting channel on Slack for a detailed agenda.

Exploitation Meeting

Date: Thursday, February 14, 2019

Location: Kopp Engineering Building - ENG 3

Time: 5:00 PM - 6:15 PM

_____________________________________

There will be no Friday Meeting this week. Insted, come join us at USF Engineering Expo! Sign up to volunteer here: https://goo.gl/forms/SkOZdmApIrpGVQgi1, or stop by our table and say hello. Volunteering at Expo is a great opportunity to practice your skills at articulating basic security principles to a non-technical audience, something you’ll need to do throughout your career. It’s also a great way to help the club, and a good way to be considered for our summer camps and other activities. Plus, you have the chance to introduce thousands of young students to the STEM field we love. See http://expo.eng.usf.edu for details on the event.

Join us at USF Engineering Expo

Date: Friday, February 15, & Saturday, February 16, 2019

Location: See event map (when published)

Time: 9:00 AM - 4:00 PM

_____________________________________

Blue Team Meeting - SECCDC is almost upon us. This will be the final meeting before the qualification competition on February 23. Blue Team Captain Jacob Kesler (@JK42) will be going over the roster and some last minute details for the competition. Got questions about Blue Team or SECCDC? Check out the #ccdc-blueteam channel on Slack.

Blue Team (network defense)

Date: Monday, February 18, 2019

Location: ENC 1000

Time: 6:00 - 7:30 PM


Christopher Greenland

WCSC Secretary

Hello Whitehatters,

Here’s what’s coming up. If you have any questions, use our Slack, or email wcscsecretary@whitehatters.org.

Exploitation Meeting - WCSC Vice-president Kevin Dennis (@ktrio3) will go over SQL and code injection attacks. See #exploitation-meeting channel on Slack for a detailed agenda.

Exploitation Meeting

Date: Thursday, February 7, 2019

Location: Engineering III Building - ENC 1000

Time: 5:00 PM

Regular Friday Meeting - WCSC Treasurer Alex Whitaker (@Whitaker) will discuss the current frameworks of international law, and how they allows for cyber attacks to be the ultimate option in warfare. Former WCSC President Farooq Shaikh (@bao) will also discuss a research opportunity with the club.


Friday Meeting

Date: Friday, February 8, 2019

Location: Kopp Engineering Building - ENG 003

Time: 5:00 PM

_____________________________________

Blue Team Meeting - The team will continue preparing for SECCDC. Room is tentatively ENC 1000, we’re waiting on confirmation. Keep an eye on Slack and the mailing list for updates. Got questions about Blue Team or SECCDC? Check out the #ccdc-blueteam channel on Slack.

Date: Monday, February 11, 2019

Location: ENC 1000 (tentative)

Time: 6:00 - 7:30 PM


Christopher Greenland

WCSC Secretary

Hello Whitehatters,

Here’s what’s coming up. If you have any questions, use our Slack, or email wcscsecretary@whitehatters.org

Exploitation Meeting - WCSC Vice-president Kevin Dennis (@ktrio3) will talk about buffer overflow attacks. Note the room change to ENC 1000 this week.

Date: Thursday, January 31, 2019

Location: Engineering III Building - ENC 1000

Time: 5:00 PM

_____________________________________

Regular Friday Meeting - WCSC President Truvis Thornton (@Truvis) will walk through several different applications, best practices, and first steps to help jump-start you on your hacking journey. We’ll cover how to use GitHub, along with other important everyday resources for hackers and developers.

Date: Friday, February 1, 2019

Location: Kopp Engineering Building - ENG 003

Time: 5:00 PM

_____________________________________

Blue Team Meeting - The team will work on installing and configuring services on AWS hosted VMs. Feel free to ask questions in the #ccdc-blueteam channel on Slack.

Date: Monday, February 4, 2019

Location: ENC 1000

Time: 6:00 - 7:30 PM

_____________________________________

CTFs - NeverLAN CTF runs from 3:00 AM on Thursday, 1/31 to 4:00 PM on Sunday, 2/3. We will be meeting at 1:30 PM on Saturday as usual in the C4 Lab (ENB 216) This is a Middle School focused CTF, but open to everyone, so it is an especially good opportunity for beginners to practice their CTF skills.


Christopher Greenland

WCSC Secretary

Hello Whitehatters,

Here’s what’s coming up. If you have any questions, use our Slack, or email wcscsecretary@whitehatters.org, do not reply to this email as it goes to everyone on the list.

Exploitation Meeting - The first Exploitation Meeting is this Thursday. Kevin Dennis (@ktrio) will begin with an introduction to what exploitation meetings are all about. We’ll be talking about the style of the these meetings, as well as introductory topics like C, assembly, and where to learn them. We will also vote on what topics will be discussed this semester. A laptop with a Linux VM is recommended.

Date: Thursday, January 24, 2019

Location: Kopp Engineering Building - ENG 004

Time: 5:00 PM

_____________________________________

Regular Friday Meeting - We have a special treat for you this Friday. As part of the Enhancing Cybersecurity in Public Transportation project, the Whitehatters meeting will be held in room CUT 202 (the upstairs classroom in the CUTR building) at the usual meeting time. Experts from Mission Secure and USF student researchers will allow students to interact with the CUTR traffic cabinet (used for controlling traffic lights, and their related systems). They will discuss the technologies inside the cabinet and demonstrate vulnerabilities in those technologies. Mission Secure is a cybersecurity firm specializing in developing solutions for cyber-physical systems.

Date: Friday, January 25, 2019

Location: Center for Urban Transportation Research (CUTR) - CUT 202

(CUTR is located between the Beard garage and ENB)

Time: 5:00 PM

_____________________________________

Blue Team (network defense) - For next week's Blue Team Meeting, make sure you have VirtualBox/VMware installed and ready to use. Feel free to ask questions in the #ccdc-blueteam channel on Slack.

Date: Monday, January 28, 2019

Location: ENC 1000

Time: 6:00 - 7:30 PM


Christopher Greenland

WCSC Secretary

Hi Whitehatters!

For this week’s exploitation meeting, Kevin (@kevin) will be hosting another series of challenges to test the skills that you’ve built up over this semester. These challenges will be up for a few months and if you can exploit them, the box is yours!

Date: Thursday, November 15, 2018

Location: ENB 337

Time: 5:00 PM

This Friday Christopher Greenland (@christopher) will be giving an introduction to TLS/SSL (the protocols behind secure internet communications) and discuss some attacks and mitigations.

Date: Friday, November 16, 2018

Location: Kopp Engineering Building - ENG003

Time: 5:00 PM

The end of the semester is almost here and along with that comes election time for the 2019 Officers. As you may have seen, there is an officer position interest application on the #wcsc slack channel. I have also linked the form here. If you are interested, don’t hesitate to fill out the form with the position(s) you are interested in. Candidates that are interested should also prepare a short speech on why they are the best fit for the position. The application will close on Thursday (11/15) at midnight.

After the elections and the talk, we will be having an end-of-the-year/farewell get together, the address for the location will be provided at the meeting. There will also be pizza!


Link to the 2019 Officer Interest Application: https://goo.gl/forms/DsHcTdK0qoCl2qAo2


Oshien Nellissery

WCSC Secretary

Hi Everyone,

For this week’s exploitation meeting, Kevin (@kevin) will be hosting a series of challenges to test the skills that you’ve built up over this semester. These challenges will be up for a few months and if you can exploit them, the box is yours!

Date: Thursday, November 8, 2018

Location: ENB 337

Time: 5:00 PM


This Friday Kevin Dennis (@ktrio3) will be giving a talk on the “Enhancing Cybersecurity in Public Transportation" project. Transportation technologies have become increasingly interconnected in recent years. For example, many transit agencies deploy mobile fare payment applications, allowing users to purchase tickets online. As part of the "Enhancing Cybersecurity in Public Transportation" project, the project team will talk about mobile security, and reversing techniques for Android devices. If you would like to follow along, be sure to download an Android emulator. More details on the project and suggested tools can be found at https://www.cutr.usf.edu/2018/07/enhancing-cybersecurity-in-public-transportation/

Date: Friday, November 9, 2018

Location: Kopp Engineering Building - ENG003

Time: 5:00 PM


If you haven’t heard already, we will be holding 2019 Officer Elections on November 16, 2018. If you are interested in running, please fill out this form with the positions you are interested in. https://goo.gl/forms/DsHcTdK0qoCl2qAo2


Oshien Nellissery

WCSC Secretary

Hi Whitehatters,

These are our plans for this week:

Thursday 11/01/18 at 5 PM in ENB 337, Exploitation meeting.

Kevin Orr (@kevin) will speak about symbolic and concolic execution and he will show a demo with angr (a concolic framework), which is also a useful tool for some CTF challenges.

Friday 11/02/18 at 5 PM in ENG 003, Weekly meeting.

Christopher Greenland (@christopher) will introduce TLS/SSL, the protocol behind secure internet communications, and discuss some attacks and mitigations.

We are happy to announce that WCSC's 2019 Officer Elections are scheduled for November 16th. If you are interested in running for a position, express so in here: https://goo.gl/forms/DsHcTdK0qoCl2qAo2

Patricia Wilthew

WCSC Treasurer

On October 11th, 2018, WCSC members participated in the Dual Challenge CTF at the Florida Cyber 2018 conference.

Kudos to Logan Lopez for obtaining second place in the Individual category!

Hi Whitehatters!

Here is the information about this week’s meetings.

Thursday 10/25/18 at 5 PM in ENB 337, Exploitation meeting.

Kevin Orr (@kevin), will show tools for Return-Oriented Programming (ROP) and show some ROP CTF challenges.

Friday 10/26/18 at 5 PM in ENG 003 (Kopp Engineering Building), Weekly meeting.

Truvis Thornton (@thattechkitten), will go over the basics of Powershell and how to weaponize it for exploits.


Patricia Wilthew

WCSC Treasurer

Hi all,

Thursday 10/18/18 at 5 PM in ENB 337: In this week's exploitation meeting, Kevin Orr (@kevin) will be going over the challenges looked at 2 weeks ago and introduce Return-Oriented Programming (ROP).

Friday 10/19/18 at 5 PM in ENG 003: Patricia Wilthew (@patrixia) will talk about the different flaws in traditional enterprise networks and will describe a superior network security model known as Zero Trust.

Since last week, our Friday meetings moved to ENG 003. This is the Kopp Engineering Building.

Looking forward to seeing you this week!

Patricia Wilthew

WCSC Treasurer

Hello Whitehatters,

Just a recap of last Fridays' meeting.

Reliaquest is collaborating with USF for a free training program in cybersecurity fundamentals. An information session and company tour are planned for this Friday 09/14. You need to RSVP Abigail Mauch to attend this event.

Also, if interested you can sign up for the APP testing research project with Dr.Fisk

https://doodle.com/poll/x8x3kivx38svk43z


Farooq Shaikh

WCSC President

Hey Whitehatters,

Here are the presentation slides for yesterdays meeting. It contains all the information you need to get started.

https://drive.google.com/open?id=125YnTONeAlOYI1cJe5g9bsX4n0PegbcY


Farooq Shaikh

WCSC President

Hey Whitehatters,

Welcome back from Summer! This Friday will be our first meeting of the semester. We will be giving 2 demos, getting new members on-board, and announcing our plans for this semester.

Date: Friday, August 24, 2018

Time: 5 - 7 p.m.

Place: EDU 252

Also, this weekend we will be playing NightHawk CTF from Saturday August 25 04:00 EDT - Sunday Aug 26 19:00 EDT. Make sure to join #openctf on Slack.


Farooq Shaikh

WCSC President

Hello Whitehatters,

Brandon Ward from Raytheon SI is hosting a cyber boot camp for members of the club. Although the day and times vary the group mostly meets on Thursdays at FAO, 168. Interested students can join the cyber-boot-camp channel on our slack to get more information.

Farooq Shaikh

WCSC President

Hello Whitehatters,

Blue Team Meeting

Date: April 19, 2018

Time: 5 - 7 pm

Location: ENB 313

Weekly Friday Meeting - @duck will be giving a presentation.

Date: April 20, 2018

Time: 5 - 6:30 pm

Location: EDU 252


Oshien Nellissery

WCSC Secretary

Hello Whitehatters,

Exploitation Meeting

Date: April 10, 2018

Time: 5 - 7 pm

Location: ENB 313

Blue Team Meeting

Date: April 12, 2018

Time: 5 - 7 pm

Location: ENB 337

Weekly Friday Meeting - Brad will be giving a presentation about Spectre/Meltdown.

Date: April 13, 2018

Time: 5 - 6:30 pm

Location: EDU 252


Oshien Nellissery

WCSC Secretary

Hey there Whitehatters,

This Friday we will be having a speaker, Z, coming to talk with us. Z is a senior software engineer at Novetta. He will be giving a talk on new technology and knowing when to use them vs. when not to use them in the workplace.

The meeting will be held on March 30 at 5pm in room EDU 252.

Hope to see you all there.

Oshien Nellissery

WCSC Secretary

Hello Whitehatters,

This week’s meeting times are as follows:


Exploitation Meeting

Date: March 27, 2018

Time: 5 - 7 pm

Location: ENB 313


Blue Team Meeting - This Thursday we will be looking into scripting for defense side competitions and other automated features.

Date: March 29, 2018

Time: 5 - 7 pm

Location: ENB 337

Weekly Friday Meeting - Speaker to be announced soon.

Date: March 30, 2018

Time: 5 - 6:30 pm

Location: EDU 252


Oshien Nellissery

WCSC Secretary

Hey there Whitehatters,

I have another announcement for this Friday, we will be playing/competing in the Volga CTF 2018 Quals. Our team name and link to the website is provided below:

Team Name: WCSC

https://quals.2018.volgactf.ru/

Hope to see you participate!

Oshien Nellissery

WCSC Secretary


Hello Whitehatters,

I hope everyone had a good spring break! This week’s meeting times are as follows:

Exploitation Meeting

Date: March 20, 2018

Time: 5 - 7 pm

Location: ENB 337


Blue Team Meeting - This Thursday we will be looking into wireless WEP and WPA2 security, along with an introduction to scripting for defense side competitions.

Date: March 22, 2018

Time: 5 - 7 pm

Location: ENB 313


Weekly Friday Meeting - This Friday we will be having lightning talks, this is a good opportunity for anyone who is interested in talking about a security related topic. The talks could be about anything from projects, events, or cool tools.

Date: March 23, 2018

Time: 5 - 6:30 pm

Location: EDU 252


Oshien Nellissery

WCSC Secretary

Hey Whitehatters,

I hope everyone’s semester and exams are going good. Last week before spring break!

Exploitation Meeting - Going over some more assembly to learn basic shellcoding. Talk about mitigations, how to circumvent those mitigations, and how to mitigate those circumventions. Not required but recommended to install nasm (sudo apt install nasm, or sudo dnf install nasm)

Date: March 6, 2018

Time: 5 -7 pm

Location: ENB 337

There will not be a Blue Team or Friday Meeting this week due to midterms.


Oshien Nellissery

WCSC Secretary


Hey there Whitehatters!

This week’s meeting times are as following:

Exploitation Meeting

Date: February 27, 2018

Time: 5 - 7 pm

Location: ENB 313


Blue Team Meeting - This Thursday the Blue Team will be discussing and reviewing what occured in the Southeast Regional Cyber Defense Qualification.

Date: March 1, 2018

Time: 5 - 6:30 pm

Location: ENB 313

Weekly Friday Meeting - Patricia Wilthew (@patrixia) will be going over the Linux Command line: commonly used commands, basic text manipulation, vim, users, permissions, processes, etc. Make sure to have any Linux distribution virtual machine.

Date: March 2, 2018

Time: 5 - 6:30 pm

Location: EDU 252


Oshien Nellissery

WCSC Secretary

Greeting Whitehatters,

This week’s meeting times are as following:


Exploitation Meeting

Date: February 20, 2018

Time: 5 - 6:30 pm

Location: ENB 313

Blue Team Meeting - This Thursday the Blue Team will be practicing for the upcoming Cyber Defense Competition. Feel free to join and shadow the process.

Date: February 22, 2018

Time: 5 - 7 pm

Location: ENB 313

Weekly Friday Meeting - Dr. Fisk will be giving a talk this Friday. We will also be playing NeverLAN CTF and have pizza as well.

Date: February 23, 2018

Time: 5 - 6:30 pm

Location: EDU 252


Oshien Nellissery

WCSC Secretary

Howdy Whitehatters,

I hope that everyone's semester is going good! I have a couple of announcements for this week’s meetings.

Exploitation Meeting

Date: February 13, 2018

Time: 5 - 7 pm

Location: ENB 313

Blue Team Meeting

Date: February 15, 2018

Time: 5 - 6:30 pm

Location: ENB 313

Friday - Jeremy Rasmussen (@triple-h) will be giving a talk about cloud computing and security.

Date: February 16, 2018

Time: 5 - 6:30 pm

Location:EDU 252

Oshien Nellissery

WCSC Secretary

Hey there Whitehatters,

Exploitation Meeting

“This Tuesday we will be reviewing buffer overflows, I'll talk about using pwntools and gdb to easily write exploits for buffer overflows, and I'll give a challenge to work on” – Kevin Orr

Date: Tuesday 6, 2018

Time: 5pm – 6:30pm

Location: ENB 313

Blue Team Meeting

Date: Thursday 8, 2018

Time: 5pm – 7pm

Location: ENB 313

Weekly Friday Meeting

This Friday @inferno will be giving a talk about Doxing, what it is and how it works along with a demonstration of Doxing.

Date: Friday 9, 2018

Time: 5pm – 7pm

Location: EDU 252

Oshien Nellissery

WCSC Secretary

Hello Whitehatters,

We have a date and location for the Blue Team meetings. We will be meeting every Thursday at 5 pm in FAO 168 unless otherwise noted.

The Exploitation meeting times and dates are still in the works so please be on the look out for that!

Our general meetings will always be on Fridays at 5:00 PM (in EDU 252). But always check your email to make sure a specific meeting was not canceled.

This Friday at 5 pm, our previous president, Brad Daniels, will be giving a talk.


Farooq Shaikh

WCSC President

Hey there Whitehatters,

This Friday at 5pm Elias Torres, CTO and Co-founder of Drift, a Boston-based startup and USF alum, will be visiting us. He will be talking about what the company does and the challenges he faces as a CTO. They are also expanding to the Tampa Bay area and are interested in hiring.

Exploitation meeting and Blue Team meeting times will not be affected.

Oshien Nellissery

WCSC Secretary

Exploitation Meeting

Date: January 30, 2018

Time: 5 pm – 7 pm

Location: ENB 337

Blue Team Meeting - This Thursday we will be introduced to the Windows Internet Information Services (IIS). Ensure you download Windows Server 2016 from https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016 and have the ISO installed and running before the meeting. The lecture will be led by Farooq (@bao).

Date: February 1, 2018

Time: 5 pm – 7pm

Location: ENB 337

Weekly Friday Meeting – This week Kevin Dennis (@ktrio) and Farooq (@bao) will be going over some of the challenges on pwnable.kr

Date: February 2, 2018

Time: 5 pm – 7 pm

Location: EDU 252


Oshien Nellissery

WCSC Secretary

Hello Whitehatters,

Blue Team: be every Thursday at 5 pm in FAO 168 unless otherwise noted.

This Friday (5 pm) in EDU252: we will be having Kevin Orr (Vice President) will be holding the Binary Exploitation Meeting.

“This week we will have our binary exploitation meeting. If you went to Brad's meeting last week, we learned about basic reverse engineering skills and got a taste of Binary Ninja. I will go over some of the other basic tools we use and start to explain how C code is compiled into machine code. Before we meet on Friday, please have a Linux VM ready. I've posted instructions in a github repo that we will be using ( https://github.com/KevOrr/ctf-training/blob/master/2018-01-26/pre-meeting.org ). If you have any questions, shoot me a message on slack @kevin or drop a message in #general” - Kevin Orr


Oshien Nellissery

WCSC Secretary

Hello Whitehatters,

We have a date and location for the Blue Team meetings. We will be meeting every Thursday at 5 pm in FAO 168 unless otherwise noted.

The Exploitation meeting times and dates are still in the works so please be on the look out for that!

Our general meetings will always be on Fridays at 5:00 PM (in EDU 252). But always check your email to make sure a specific meeting was not canceled.

This Friday at 5 pm, our previous president, Brad Daniels, will be giving a talk.


Farooq Shaikh

WCSC President

Hi Everyone,

The Whitehatters Computer Security Club will be having its first official meeting of the spring semester.

Date: Friday 12th, 2018

Location: EDU252

Time: 5:00 PM


We will be talking about the club and its activities along with multiple hacking demos by club members.

Our website has all the information you need to get started including a beginner friendly guide. https://www.wcsc.usf.edu/

Two important communication channels are:

- Mailing List [http://lists.acomp.usf.edu/mailman/listinfo/wcsc]

-Slack [send an email to president@whitehatters.org or wcscsecretary@whitehatters.org to get added to slack]

Hope to meet you all this Friday and have an amazing semester.

Oshien Nellissery

WCSC Secretary

We are not having a meeting this Friday as USF will be closed.

(6:30 PM) Tuesday: Blue Team's (defense) meeting.

Location: EDU252 is the place of our two weekly meetings.


Patricia Wilthew

WCSC Secretary

We are not having a meeting this Friday as we will be attending the Florida Center for Cybersecurity Conference!

(6:30 PM) Tuesday: Blue Team's (defense) meeting.

Location: EDU252 is the place of our two weekly meetings.


Patricia Wilthew

WCSC Secretary

Hello Whitehatters!

(5:00 PM) This Friday: We’ll be playing Pwn2Win CTF (https://ctftime.org/event/427). Come and join for this unusual and interesting CTF (and food)!

(6:30 PM) Tuesday: Blue Team's (defense) meeting.

Location: EDU252 is the place of our two weekly meetings.


Patricia Wilthew

WCSC Secretary

Thank you to everyone who came out for the CSAW Quals! (two weeks ago).

Writeups for the challenges we solved will be going up on our GitHub repo over the next few days: https://github.com/WCSC/writeups

If you have a write-up to contribute please let me know and I'll give you write permissions on GitHub.

(5:00 PM) This Friday: We’ll be going reviewing some of the challenges we solved from CSAW Quals. This is great opportunity for everybody to learn what CTFs are about and why they are a great way to develop new skills and learn interesting cyber-stuff!

(6:30 PM) Tuesday: Blue Team's (defense) meeting.

Location: EDU252 is the place of our two weekly meetings.


Patricia Wilthew

WCSC Secretary

(5:00 PM) This Friday: From the perspective of the security consulting industry, we invite Jonathan Singer, a Senior Security Consultant working with companies to find gaps in their enterprise. He will discuss how he broke into the security industry and what his day-to-day tasks include, at least what he can share with us sans NDA.

(6:30 PM) On Tuesday: Blue Team's (defense) meeting.

Location: EDU252 is the place of our two weekly meetings.


Patricia Wilthew

WCSC Secretary

(5:00 PM) This Friday: We will have Alan Gay from LGS Innovations as a guest. He is an Embedded Software Engineer and he wants to share with us what his company does as U.S. Department of Defense contractor. He is looking forward to meeting Whitehatters who are interested in Summer internships.

(6:30 PM) On Tuesday: Blue Team's (defense) meeting.

Location: EDU252 is the place of our two weekly meetings.

Hope to see you there!


Patricia Wilthew

WCSC Secretary

(6:30 PM) Today: Blue Team's (defense) meeting!

(5:00 PM) This Friday: We have duck coming in from out of town to give us a guest lecture on x86 architecture! This talk will be useful to anyone wanting to get into binary exploitation and reverse engineering. We highly recommend you attend.

Howdy everyone, I'm Sean (duck on Slack). I graduated a couple years back, but I like to still visit and give back to the club. I will start with presenting on some x86 basics including the stack. This will be helpful for those of you working on getting your feet wet with exploitation and reverse engineering. After that, I'll go somewhat in depth with a proof-of-concept and exploration of some Intel processor misbehavior. Get ready for `mmap`ing to address 0, shellcode, and C programs with inline assembly.

Location: EDU252 is the place of our two weekly meetings.


Patricia Wilthew

WCSC Secretary

Hello, Whitehatters!

As campus reopens on Thursday, we will have our regular meeting this Friday.

(5:00 PM) This Friday we will play CSAW Qualifications CTF (https://csaw.engineering.nyu.edu/ctf)! And we will order pizzas.

(6:30 PM) On Tuesday: Blue Team's (defense) meeting.

Location: EDU252 is the place of our two weekly meetings.

Hope to see you there!


Patricia Wilthew

WCSC Secretary

We are not having a meeting this Friday. USF will be closed.

Hi, Whitehatters!

Good news! We have a date and location for our Blue Team meetings. We will meet every Tuesday at 6:30 PM at EDU 252 unless otherwise noted.

Our general meetings will always be on Fridays at 5:00 PM (also in EDU 252). But always check your email to make sure a specific meeting was not canceled.

This Friday at 5:00 PM, I will go over Linux and the CLI; hopefully we have some time left to write some Bash scripts. Please make sure you have any form of Linux available. Get yourself a nice virtualizer (VirtualBox, VMware) and create a virtual machine of any Linux distribution you like!

We are looking forward to seeing you!


Patricia Wilthew

WCSC Secretary

Here are my slides from last Friday's talk.

WCSC Intro Talk Fall 2017

Thanks everyone for coming out!


Brad Daniels

WCSC President

Welcome, everyone!

Whitehatters will have the first official meeting of the new Fall semester this Friday at 5 PM in EDU252.

We will show some demos, and we will introduce former members to the club. If you have not already noticed, the Whitehatters calendar has been updated, and if you haven't subscribed to the mailing list, now it is a great time to do so. Slack is our primary chat room. To be added to our Slack team, please send an email to wcscsecretary@whitehatters.org

This semester, we will hold our general meetings at 5 PM on Fridays at EDU252 (4202 E Fowler Ave, Tampa, FL 33620).

We also plan on having CTF workshops most Saturdays at 1 PM, but each one will be announced beforehand.

During Fall, our CTF Team will participate in at least 5 CTFs... We need you! So now it is the best time to sudo apt-get good. To learn more about CTFs and their importance, read this.

Additionally, by the end of Fall, we will hopefully have selected the students that will make up the Blue Team to represent WCSC in SECCDC.

Looking forward to a busy and awesome Fall semester. See you all on Friday.


Patricia Wilthew

WCSC Secretary

Hi Whitehatters,

We've made a new CTF practice board running on CTFd!

We aim for it to be a repository for all Whitehatter created CTF challenges. There are a number of beginner friendly challenges, so if you're new it's a great way to build up your CTF skills if you're new.

If you have any challenges you've created as a Whitehatter please feel free to send them to me and I'll put them up.

We're also accepting challenge submissions from Whitehatters to be included in the CTF we're putting on for the Florida Center for Cybersecurity Conference in October. More details about the CTF are coming soon.

Thanks,

Brad Daniels

WCSC President

Hey, all!

This summer, Whitehatters contributed to the CyberCamp 2017. This camp was designed to introduce high school kids to the field of cybersecurity, giving them some experience with technical skills, and providing opportunities to talk with cybersecurity students and professionals over the course of 5 days. We had a lot of fun teaching them about Raspberry pi, the Linux CLI, basic Python scripting, networking, and more.

Additionally, Whitehatters who participated in this summer camp were able to attend DEFCON25 in Las Vegas, NV!

Thanks to all of you who participated in the CyberCamp. Hopefully, we will have more opportunities like this one in 2018.


Patricia Wilthew

WCSC Secretary

Hi Whitehatters,

Hopefully, you are all having a great summer.

On Friday @5:00 P.M., we will be joining Jonathan Singer at ISA 5021.

Jonathan started as a member of WCSC who later founded HackUCF. He is a Senior Cybersecurity Engineer at GuidePoint Security and a master's student of Information Assurance.

Introduction to Practical Security in Application Development.

Maybe you have heard of the OWASP Top 10, and maybe you have not. For those that have, the importance is widely understood for all application developers from a security standpoint. And for those have not, be prepared for an introduction to practical security in application development. This information will apply to all facets of applications including web and enterprise software.

During this talk, we will discuss each of the Top 10 application security risks in depth, provide some examples and solutions, and even companies that have been affected by these vulnerabilities in the real world. Expect to walk away with a better understanding of what application developers face from a security risk point of view.


Patricia Wilthew

WCSC Secretary

Hi Whitehatters,

Congratulations to our sophomore WCSC members who won 2nd place in the Raymond James CTF this past Saturday!

As a reminder, we will not have more meetings this semester.

See you next Fall, 2017


Patricia Wilthew

WCSC Secretary

Hey Whitehatters,

For this week,

Thursday at 6:30 PM: ReliaQuest, the sponsor of our club, will host a Cybersecurity talk in our meeting room (ISA 5021). "Through a focus on training and development of highly motivated individuals who deliver customized security services, ReliaQuest enables rapid maturity of its customers' security programs. ReliaQuest is a force-multiplier, helping organizations remain secure and compliant as the world of IT security rapidly changes".

Last meeting of the semester, Friday at 5:00 PM: Presentation on Filesystems [Definition, Uses, Types, and Examples] by @patrixia in ISA 5021. I will also share a script I wrote to solve the problem of having inaccurate available-space numbers in an all-flash array storage such as XtremeIO (Content Aware Storage) caused by the way Linux's filesystems work.

We will get food and beers afterward! We hope to see you all.


Patricia Wilthew

WCSC Secretary

Hello WCSC folks!

Wednesday at 6:30 PM: We'll go over some Hacking challenges!

Thursday at 6:30 PM: As always, practical CTF meeting with @nullp0inter.

Friday at 5:00 PM: "Python: Tips, Tricks, and Aberrations" by our special guest @duck

Meeting place: ISA 5021.


Patricia Wilthew

WCSC Secretary

Hello all,

For this week,

Wednesday at 6:30 PM: Application Program Interface (API) and Security with @kclonts.

Thursday at 6:30 PM: Practical CTF meeting with @nullp0inter.

Friday at 5:00 PM: We will have our general club meeting and will get dinner and drinks afterward.

Meeting place: ISA 5021.

Patricia Wilthew

WCSC Secretary

Hi, Whitehatters!

For this week,

Wednesday: We will have a speaker in ISA 5021 at 6:30 pm.

Richard Rauscher, PhD – Richard Rauscher has been working with and supporting Internet technologies for 30 years. He has been responsible for cybersecurity for several organizations including the USF College of Engineering. He was the first information security officer for Moffitt Cancer Center. Most of his career has been spent as an IT leader at various academic health care organizations. He is currently the Executive Vice President of Miva, Inc., an e-commerce (PaaS) company.

He will present a short talk on historical perspectives of cybersecurity based on his own experiences (1987-2016). He will also discuss the current state of cybersecurity, focusing on health care.

Thursday: Practical CTF meeting with @nullp0inter in ISA 5021 at 6:30 pm.

Friday: We will have a speaker In ISA 5021 at 5:00 pm.

From the perspective of the security consulting industry, we invite Jonathan Singer, a Senior Security Consultant working with companies to find gaps in their enterprise. He will discuss how he broke into the security industry and what his day-to-day tasks include, at least what he can share with us sans NDA.


Patricia Wilthew

WCSC Secretary

Just a reminder that we're playing in 0CTF this weekend starting at 8pm tonight. It runs for 48 hours and will end at 8pm on Sunday.

To play for with our team please join us on #openctf on Slack.


Brad Daniels

WCSC President

Hi there,

For this week:

Wednesday at 6:30 PM: @bao will make a presentation about Access Control Lists (ACL).

Thursday: Canceled.

Friday at 5:00 PM: We will have our general club meeting and will head to Dbaks for dinner and drinks afterwards!

We will not have meetings in Spring Break.


Patricia Wilthew

WCSC Secretary

Because of midterms, Wednesday and Friday meetings are canceled.

Thursday: Practical CTF meeting with @nullp0inter in ISA 5021.

Friday @ noon, iCTF:

This weekend we will be playing the iCTF starting at Friday noon. It's an attack-defense CTF and people who are playing will need to find vulnerabilities and be in the same room.

We will decide the meeting place (ISA 5021 or our hackerspace) after we have a headcount of the people playing. If you want to join us (which you should), message me @patrixia in Slack or @brad_d and we will add you to a private channel.


Brad Daniels

WCSC President

This Friday the Whitehatters will be exhibiting at the engineering expo: http://expo.eng.usf.edu/

Wednesday meeting is canceled

Thursday: Ian (@nullpointer) will hold the practical reverse engineering session/workshop.

Friday meeting is canceled.

Meeting place: ISA 5021.

Meetings during Spring 17:

  • Wednesdays @ 18:30;
  • Thursdays @ 18:30;
  • Fridays @ 17:00.


Patricia Wilthew

WCSC Secretary

Hey Whitehatters,

Tomorrow we will be at the Involvement Invasion from 11:00 to 13:00 in the MLK West Lawn.

Our first meeting of the semester will be held this Friday, January 13th @ 17:00 in ISA 5021. Our new club President, Brad Daniels, will introduce the club to new members and talk about our plans for the semester.

Wednesday and Thursday meetings will commence next week (January 18th and 19th).

Meetings: During the Spring semester, we will still meet three times a week:

  • Wednesdays @ 18:30;
  • Thursdays @ 18:30;
  • Fridays @ 17:00.

New Officers: The club elected new officers for 2017.

  • President: Brad (@brad_d);
  • Vice President: Farooq (@bao);
  • Secretary: Patricia (@patrixia);
  • Treasurer: Kyler (@kclonts).


Patricia W.

WCSC Secretary

Hi Whitehatters,

https://i.redd.it/e5uylwsqzizx.jpg

We'll be holding all three regular meetings this week before the month-long winter break. During the break we'll still be active on Slack and IRC if you wanna hack stuff. We might plan some informal meetups over the break as well so stay tuned on Slack.

Wednesday: 6:00 PM in ISA 5021 we'll be holding our regular practical security meeting.

Thursday: 6:30 PM in ISA 5021 I will show you how to exploit a CTF challenge and get a shell via a ret-to-libc exploit. I'll talk about ASLR, leaking memory, and tools and techniques for exploiting vulnerable services.

Friday: 5:00 PM in ISA 5021, @nullp0inter will wrap up the semester for us by giving an intro to return-oriented programming.


Thanks,

Brad Daniels

WCSC Secretary

Due to the holiday we will not be having any Whitehatter's meetings this week. We'll still be hanging out on Slack and IRC if you get bored though!

Thanks,

Brad Daniels

WCSC Secretary

Thank you to everyone who came out last weekend for the CSAW Quals! The competition is over, but the challenge board is still available if you want to practice or follow along with some writeups: https://ctf.csaw.io/

Writeups for the challenges we solved will be going up on our GitHub repo over the next few days: https://github.com/WCSC/writeups

If you have a writeup to contribute please let me know and I'll give you write permissions on GitHub.

Wednesday: Wednesday at 6PM we'll be covering more Windows material. Make sure you're running the Windows 10 VM that was posted in the #ccdc channel. If you have any trouble setting it up please let us know on #ccdc.

Thursday: 6:30 PM in ISA 5021 we'll be reviewing some of the more difficult challenges from CSAW Quals.

Friday: 5:00 PM in ISA 5021 we'll be going over some of the more beginner-friendly challenges that we solved at CSAW last weekend. Afterwards we'll be heading to Dunderbaks for food and drinks.

TUM CTF: Next Friday 9/30 at 12 noon TUM CTF kicks off. We encourage everyone to play. If you don't have much CTF experience go ahead and ask on Slack and we can provide you with plenty of good CTF training resources.


Brad Daniels,

WCSC Secretary

Wednesday: At 6PM in ISA 5021 we'll be diving into Windows. Please bring a laptop with a Windows 10 Professional VM installed and ready to go.

Thursday: 6:30 PM in ISA 5021, we'll be going over some CTF challenges. If you want to get some practice in before CSAW Quals this is a good chance.

Friday: 5 PM in ISA 5021 we'll be competing in the NYU CSAW CTF Qualification round. The competition begins at Friday 6 PM and ends at 6 PM Sunday 9/18. We'll be in the lab all weekend playing.

To play in the CTF make sure you're in the private #ctf channel on Slack (message me or another officer for access).

We encourage people of all experience levels you to come out and play. This is a collaborative effort so the more heads we have tackling challenges the better we'll do. Come out even if you just want to shoulder-surf.


Brad Daniels

WCSC Secretary

Thank you to everyone who still participated in the Thursday and Friday meetings online last week even though the campus was closed.

Wednesday: 6 PM in ISA 5021, we'll be covering the basics of networking. No matter what topics you're interested, this will be an important meeting. Networking basics are essential to being able to administer any kind of system. Bring a laptop.

Thursday: 6:30 PM in ISA 5021. We're going to have our first in-person meeting of the 0x28 CTF team in this room. Xan will be around this week so he'll be leading us though some past CTF challenges to see what we can learn from them.

Friday: 5:00 PM in ISA 5021. I'll be giving a presentation on getting around firewalls with DNS tunnels. I'll go over some of the common security measures that are put in place in organizations to stop data exfiltration and the circumvention of security policies. Afterwards the crew will be heading out for drinks at Dunderbaks.

CSAW Quals: CSAW Quals start September 16th. If you've never played a CTF before you're welcome to join. It's a good idea to review some of last years CSAW Quals writeups here: https://github.com/ctfs/write-ups-2015/tree/master/csaw-ctf-2015. There are plenty more CSAW write-ups from other years available as well.


Brad Daniels

WCSC Secretary

Hi Whitehatters,

Thank you to everyone who showed up to our Intro meeting last Friday. There were at least 80 of you in attendance which is more than I've ever seen at a Whitehatter's meeting.

If you liked what you heard and want to know how to get more involved check out our New Members guide here: http://www.wcsc.usf.edu/noobs

If you're new run through OverTheWire.org's Bandit challenge. It'll teach you a lot of the basic UNIX CLI tools you'll need to play in CTF competitions. http://overthewire.org/wargames/bandit/

Xan's slides from Friday are available here: https://drive.google.com/open?id=10cP7pK9eKjivz2W6xTzjFlYGWwoiu_hAXR2FM7DN_r8

Wednesday: At 6:00 PM in ISA 5021 we'll be having our first Practical Security meeting of the semester. Wednesdays will feature hands-on guidance in securing and administering Windows and Linux systems with several Whitehatter veterans and alumni standing by to offer support. If you want to learn real world skills in network security that you can add to your resume, come out to Wednesday and get involved.

Thursday: 6:30 PM in ISA 5021 will be our first ever CTF training meeting. This meeting is designed to strengthen our CTF skills by solving CTF challenges together as a team. This will not be as beginner friendly as Wednesday and Friday, but anyone is welcome to come out and participate. Bring some Linux. @nullp0inter just compiled an Ubuntu 14.04 ISO with a lot of hacking tools pre-installed. If something is broken be sure to pester him on Slack. Download here and check it out: https://drive.google.com/file/d/0B-r6ID_je1xmZU1wYk02Rk1HV0U/view

Friday: This Friday at 5:00 PM in ISA 5021 @nullp0inter will be giving a talk on basic buffer overflows. If you're new to CTFs it will be a great talk that will provide you with a good starting point in binary exploitation. Bring some Linux or at least a C compiler to follow along. Afterwards we'll be heading out for drinks, which is a great way to get to know everyone in the club.

IceCTF: The competition is over, but the challenges are still up if you want to practice. It's a great CTF with challenges for all skill levels. If you get really stuck, check out our write-ups on GitHub, but please, try your best to do it on your own, you'll learn a lot more.

IceCTF: https://play.icec.tf/challenges/

Writeups: https://github.com/WCSC/writeups/tree/master/icectf-2016


Brad Daniels

WCSC Secretary

Thanks for everyone who attended our first meeting. We had such a great turnout with over 70 people. For our new members we hope you found it interesting and we will see you next week! Don;t forget to subscribe to the calendar and to our mailing list.

Here are the slides from yesterday.

https://drive.google.com/open?id=10cP7pK9eKjivz2W6xTzjFlYGWwoiu_hAXR2FM7DN_r8

Also if your interested the ICEctf still has its challenges up and write-ups are out. This is a good intro ctf and if you have time you should take a look at it.

https://icec.tf/

Xan

WCSC President

It's been an exciting summer for the Whitehatters. The two summer camp programs we put on with FC2, GenCyber and PreCollege Cyber Defense Boot Camp, went very well. It's looking good that both of those programs will be happening again next year. The camps provided us with the means to cover airfare, hotel, and registration for Whitehatters to attend DEF CON 24 in Las Vegas. Thank you to all those who helped out.

Meetings: Our first meeting of the semester will be held this Friday August 26th at 5 PM in ISA 5021. Club President Kris (Xan) will introduce the club to new members, and talk about our plans for the semester.

Wednesday and Thursday meetings will commence next week.

IceCTF: Several of our members have been playing the IceCTF lately. It's a really fun CTF with tons of challenges for all skill-levels. It ends Friday at noon. You can get started at https://play.icec.tf/, but be sure to check out #ctf on Slack to play with the rest of the Whitehatters.


Brad Daniels

WCSC Secretary

Thanks to all of you who helped out with GenCyber and Precollege and got your free trip to DEFCON. Everyone was really impressed with how it turned out.

Since we're all recovering from DEFCON and getting ready to start the semester, we are not having any meetings this week. Stay tuned to the mailing list and Slack for updates on when the next meeting will be.


Brad Daniels

WCSC Secretary

Due to our involvement in GenCyber and PreCollege, and the subsequent trip to DEFCON in Las Vegas, we will not be holding any meetings until August 10th.

Enjoy the rest of your summer break!


Brad Daniels

WCSC Secretary

CTF: Boston Key Party is coming up March 4th through 6th. https://ctftime.org/event/252

Wednesday Meeting: Tomorrow at 6PM we will be meeting in ISA 5021 to go over Wi-Fi security. Please bring a Kali install and a Wi-Fi card that supports monitor mode to join in on the fun.

Friday Meeting: Our flagship meeting is at 5PM every Friday in ISA 5021.

Below is our tentative presentation schedule:

2/26: brad_d, Windows authentication

3/4: nullp0inter, buffer overflow

3/11: ReliaQuest, Cybercrime and Blackhat hackers

If you want to present at Whitehatter's please send me an email with your topic idea and any date restrictions.

You don't have to be a hacking prodigy to present. If you're working on something cool, or want to learn something new, preparing a presentation is a great way to sharpen your understanding on a topic. You can review past presentations on our GitHub.

Brad Daniels

WCSC Secretary

Blue Team Wednesday: Today at 6PM in ISA5021, we're going to be reviewing our performance at SECCDC Quals. We'll be going over what we could have done better during the competition, and the future direction of the Wednesday meetings. We'll be discussing the summer pre-college program, and opportunities for an expenses-paid trip to DEFCON 2016.

0x28 Council: WCSC is restarting the 0x28 Council. The council is a group of club members who play a more active role in the club. Council members will be expected to contribute more to the club, but in return, have a greater voice in club decisions, and greater involvement in special projects and work opportunities. More details on the 0x28 council will be discussed today at the Wednesday meeting, and again at the Friday meeting.

Expo: Tomorrow at 5PM we will be meeting up in the ISA5021 lab to go over our plans for the USF Engineering Expo. This is a great opportunity to get more active in Whitehatters. To get involved, please message nullp0inter on Slack or IRC, or email him at ian@whitehatters.org.

Friday Meeting: This Friday at 5PM in ISA 5021, we will hold our regular Friday meeting. Xan will be giving a talk on Malware Analysis that you should not miss. Afterwards, we'll head to Dunderbaks for drinks and food.

Keeping in Touch: Our main IRC channel is #wcsc on irc.hackint.org:9999. Please use SSL. Much of the chatting has moved to Slack now. If you haven't been added to the WCSC Slack please email Xan at kris@whitehatters.org.


Brad Daniels

WCSC Secretary

Watch this 2010 short doc about the Whitehatters! https://www.youtube.com/watch?v=TvmaCNJnSZ8

Wednesday Blue Team: Tomorrow night at 6 PM in CIS 1035 we will be having our next Blue Team meeting. If you want to get practical hands on experience administering and securing Linux and Windows systems, come join us! It's never too late to get involved.

Friday Meeting: This Friday, Dec. 4th at 5 PM in CUTr 202 we will be having our last regular WCSC meeting of the semester. Cybersecurity professional Brandon Ward of Raytheon SI will be giving a talk on using emulators to find bugs.

Bull Market: nullp0inter, GH0S1 and others will be out in front of the Marshall Center tomorrow for Bull Market. Come by and check out our table tomorrow between 8:30 and 3.

Good luck on finals everyone!


Brad Daniels

WCSC Secretary

Blue Team: Tonight at 6pm in CIS 1035, we're having our weekly Blue Team meeting. It's not too late to get involved! If you want to join the Linux team please bring Ubuntu 14.04 and CentOS 7 VMs. If you wanna join the Windows team bring a Windows Server 2012 R2 VM, which you can get through Dreamspark.

For Linux command line practice, OverTheWire.org has a great wargame for learning the basics at http://overthewire.org/wargames/bandit/

Don't sell yourself short and look up the solutions! Use the man command for help!

CigarCitySec: After the Blue Team meeting, we'll be heading over to CigarCitySec for beers. CigarCitySec is a monthly informal gathering of Tampa Bay computer security professionals. More information can be found at http://cigarcitysec.com/.

If you need a ride, let us know on IRC or Slack.

Friday Meeting: 5pm this Friday in Cutr 202, former WCSC president rastii will be giving a talk on SQL Injection! He has challenges ready for all experience levels after the presentation. It should be a fun evening. Afterwards, we'll be hitting up Dunderbaks, as usual.

Keeping in Touch: Our main IRC channel is #wcsc on irc.hackint.org:9999. Please use SSL. If you haven't been added to the WCSC Slack please email Xan at kris@whitehatters.org.

Brad Daniels

WCSC Secretary

A couple of us from WCSC made it out to the third meeting of CigarCitySec last night. Hopefully it will continue to keep growing. It's a really awesome time to meet people in the Tampa security community. If you haven’t been yet come join us next month. Meeting dates are on the WCSC calendar.

http://cigarcitysec.com

https://twitter.com/cigarcitysec


Welcome Everyone!

This Friday (January 23) in MSC 2703 at 5pm Whitehatters will start the first official meeting of the new Spring semester. I wanted to take some time to welcome new and past members who will be joining us.

If you have not already noticed the Whitehatters calendar has been updated and if you haven't subscribed now is a great time to do so. Whitehatters Calendar

Last week, Whitehatters competed in Ghosts In The Shellcode accomplishing some great work for our first CTF of the new year. Hopefully, we will have write-ups of some of the challenges up soon.

This semester we have some great events planned out. USF Engineering Expo is coming up on February 13th and 14th and Whitehatters will be there once again. It will be exciting to show off our new demo this year related to cyber security. Of course, CTFs are important to the club and Whitehatters will be out in full force this semester competing in Boston Key Party, PlaidCTF, SECCDC, and several others before finishing out the semester with DEFCON 23 Quals.

If you haven't already, you should join the discussion with our several communication outlets including our...

Mailing List

IRC: irc.hackint.org/9999 #WCSC

Twitter

Bullsync


Looking forward to a busy and awesome Spring semester.

See you all on Friday!


Xan

WCSC President