20160914-YDTL0121[1].jpg

Welcome to SecKC

Kansas City's Hacker Hive

e201806121941-IMG_1756_1920_1280.jpg

August's SecKC Meeting

Eventbrite - SecKC | 2016

 

August's SecKC Meeting

WHEN: Tuesday, August 14th, 2018 from 6:00 PM to 9:30 PM (CST)
WHERE: Kanza Hall - 7300 W 119th St. Overland Park, KS 66213

6:00-6:30 -* SecKC 101 — Welcome to SecKC & - SecKC Open Source Intel Briefing

 

6:45-7:30 - Matt Clemons

The Art of Detection

Labbing up some popular attack tools and defending against them. Gathering indicators of compromise and making them actionable.

 

7:45-8:15 - Arden Meyer @DSM_Locksport @SecDSM @that_guy_ego

Privilege Escalation in Mechanical Master-Key Systems

The mechanical pin and tumbler locks we use on our homes, schools, and businesses have not changed much in over 100 years. Sure, there have been some exotic new designs but most are just not fiscally feasible compared to their relatively minor improvements (if any) in security. A feature desired on large scale deployments is called Master Keying, which allows for many unique key/lock combinations while supporting multiple permission levels commonly referred to as "janitor keys" or "security keys" that can open multiple locks. While these systems are still in use around the globe in medium-to-large scale businesses, schools, and government buildings, they are also susceptible to what some consider to be the original privilege escalation attack. We will talk about an optimization attack against the most common master keyed lock systems in use today, reducing the potential attack surface from 1,000,000 permutations for an SC4 keyway system down to 42 steps to find the highest privilege key.

 

September's SecKC Meeting

WHEN: Tuesday, September 11th, 2018 from 6:00 PM to 9:30 PM (CST)
WHERE: Kanza Hall - 7300 W 119th St. Overland Park, KS 66213

6:00-6:30 -* SecKC 101 — Welcome to SecKC & - SecKC Open Source Intel Briefing

 

6:45-7:30 - Ryan Presto @awsmhacks

Classify me plz

Access management services are providing attackers insta-pwn capabilities. I'll demonstrate how devices meant to protect the network actually provide an avenue of attack. Apologies ahead of time, you might have to go back in to work tonight.

 

7:45-8:30 - Gared Seats

So you wanna build a Security Lab?

Have you ever wanted a lab or development setup, so you can try things, test things, figure out problems or just have a great time? This session covers the basics or setting up a great lab environment without breaking the bank. We know budgets are tight for businesses or home. This session will show you how to set up a quality build that will last a while for you. We’ll also go over some software recommendations and scenarios for how to use and deploy this system. (Bonus – an actual mobile lab system will be at the session so you can see it in person.)

 

 

October's SecKC Meeting

WHEN: Tuesday, October 9th, 2018 from 6:00 PM to 9:30 PM (CST)
WHERE: Kanza Hall - 7300 W 119th St. Overland Park, KS 66213

6:00-6:30 -* SecKC 101 — Welcome to SecKC & - SecKC Open Source Intel Briefing

 

6:30-6:45 - Mark Bayley - @dispareo

Getting started in a security career

For budding hackers - how to go from 0 IT experience to being a security practitioner

 

6:50-7:30 - 

Submit to speak at https://talk.seckc.org!

 

7:45-8:20 - Andy Nelson - @Anelson425

Injection Attacks: Defending an Application Takedown

With the release of the OWASP (Open Web Application Security Project) Top 10 for 2017, injection is again at the top of the list. As software engineers, most of us are aware that injection attacks exist. However, we are rarely aware of how easy they are to perform or what it takes to defend them. In this talk, I will create a simple test application that has some injection vulnerabilities that you might find in applications you work on today. Then I will show you how easy they are to exploit both manually and with “h4ck3r t00lz”. Lastly, I will show you how to change your code to defend against these attacks. If you are a software engineer that wants to have a better understanding of how easy it is to defend your application, then this talk is for you.

 

November's SecKC Meeting

WHEN: Tuesday, November 13th, 2018 from 6:00 PM to 9:30 PM (CST)
WHERE: Kanza Hall - 7300 W 119th St. Overland Park, KS 66213

6:00-6:30 -* SecKC 101 — Welcome to SecKC & - SecKC Open Source Intel Briefing

 

6:??-7:?? - Ryan Moore

Hacking Labs 101 - Lets Pop Some Shells!

A demo and overview of the tools needed to start hacking servers (aka popping shells) and an introduction to some of the better, free hacking lab resources out there, including HackTheBox, VulnHub, and ImmersiveLabs.

 

7:??-8:?? - 

Submit to speak at https://talk.seckc.org!

 

 

Eventbrite - SecKC | 2016

Twitter