Welcome to SecKC

Kansas City's Hacker Hive

No shoes.jpg

JANUARY's SecKC Meeting

Don't forget, we take December off!

Eventbrite - SecKC | 2016

WHEN: Tuesday, January 10, 2017 from 6:00 PM to 9:30 PM (CST)

WHERE: Kanza Hall - 7300 W 119th St. Overland Park, KS 66213

6:00:* SecKC 101 — Intro to SecKC
6:30:* SecKC Open Source Intel Briefing



In January 2017 we are going to try something new.  No talks, no speakers, instead we will have 8 mini workshops running concurrently. Each workshop will be run twice per night (once at 7:00pm and once at 8:00pm) so that attendees will have the option to attend at least two workshops.

What is a workshop?  Generally speaking, a workshop that is a talk that requires attendee participation.

Workshops are:

  1. Instructor led, requires attendee participation
  2. Attendees walk away with SOMETHING they did not have before
  3. Extremely *101 level* (no prior knowledge needed)
  4. Highly specific, and achievable in 15 mins or less. (Each workshop will be given 30 minutes)

January 2017 Workshops:

SDR 101 Workshop - With SDR you can use a $12 USB dongle to receive all sorts of RF transmissions and maybe do some shenanigans. Ideally attendees would learn what SDR is, what you can use it for (tracking airplanes, decoding weather satellite photos, analyzing RF signals like garage door openers & electric meters), and then even possible SDR RF shenanigans

Choose Your Own Adventure in Packet Crafting with Scapy - This will be an abbreviated introduction into the world of writing your own network packets. we'll use Scapy to read, analyze, send/receive and write network packets. Attendees will walk away with instructions to build three different tools: A simple LLMNR poisoner (think: Responder) for offensive-oriented folks, a simple honeypot to detect LLMNR poisoning for the defenders among us, and a simple TCP fuzzer for those that like to break things.

LIVE by the KILL CHAIN DIE by the RECONNAISSANCE - Have you ever questioned what makes yourself or your organization a target? In this talk, we are going to show you what the bad guys can do to you without even stepping into your IP space and techniques you can do to even the score. Attendees will walk away with Tactics, Techniques & Procedures needed for reconnaissance.

Building your own Virtual Hack Lab - In this workshop, we will install and configure VirutalBox, and then install the latest Metasploitable hacking lab operating system.Attendees will walk away with a FREE virtual hack lab, that they can use to learn various hacking techniques in a safe and legal manner.

Investigating Internet Cyber Crime - This workshop is aimed at helping analysts gain additional context regarding some common sensor alerts that are presented, involving web threats. Examples are scams, exploit kits, malicious redirectors, and compromised websites.

Getting started with real-world hacking (Bug Bounties and XSS-on-fleek) - In this workshop, you will be introduced to bug bounties, a command-line xss scanner, and the ease of finding cross-site scripting bugs in websites.

Cheap bastards guide to log management featuring Graylog - Log management is a requirement of most legal compliance legislation, but how do you accomplish this on a shoe string budget? How do you measure the resources you will need to handle the size and composition of your environment? We will discuss configuration of Graylog, adding clients along with a quick and dirty overview of hardware requirements and scaling.

Building your first Docker container - Build a simple Docker container and commit it to DockerHub. Attendees will walk away with an idea of what dockerhub is and how to use it by building your first docker image.