HiPoCrypt
Open IT Security "Meetup": Everyone welcome!
We're a bunch of people/friends/colleagues either with an IT security background or interested in the topic. Some of us know each other in person, some only online---and some not at all. We're especially glad to meet other interested life forms :)
As part of our assembly, we hope to host a few "mini workshops" where everyone is welcome to bring their own interest/side-project/idea/... to talk about. While we obviously share a background/interest in IT security, the topics don't need to be directly IT security related. This ranges from the small things we're excited about or proud of, such as our very-special-editor-config, to the very latest PoC/vuln we found. The idea is to get to know each other as persons (with their own interests) and not to show off how awesome you are (we believe you are <3).
Location
We're located in Room 8/USB-C/Assembly 2.
Workshop/Topic List
Please edit/add your own here!
Let's Play: Portswigger Labs
Mainly targeted at newcomers to web security, we use the free online Portswigger Labs to teach each other fundamentals in web security. All you need is a system running BurpSuite Community (or better).
When: TBA. Who: Bere.
Future Proofing my Printer with Reversing
My printer is only supported through proprietary drivers using a custom CUPS filter to convert PDFs/Images/... into a printer-specific Page Description Language such as PJL or PCL. However, CUPS is to deprecate filter based printer drivers in favor of IPP which every new printer supports. Mine doesn't. However, CUPS/OpenPrinting have designed PAPPL, a library to turn old printer filters/drivers into "Printer Applications". These are self-contained (and thus sandboxable) small daemons that provide an IPP server on localhost for applications to interface with, and spit out the commands necessary to talk to the printer in question. My goal is to write such a printer application for my printer. I havehad no previous knowledge of printing in general and on Linux and UNIX/macOS specifically, so this is taking rather long (and is by no means finished).
I have only started reversing the original driver and trying to piece together some proof-of-concept replacement. I still have no idea how to write a PAPPL, but I've learned so much on the way, maybe you want to learn this to and help me? A small warning though: You'll be the person everyone asks on how to setup printers from then on :'-D
- PoC opensource filter
- Linux driver This is a PE32.exe but you can simply
unzip
it and get an RPM file which you can extract usingrpm2cpio
from rpm-tools andcpio
.
When: TBA. Who: Leo/Janis
Lockpicking Workshop
We won't host our own Lockpicking workshop, but there's a workshop in the c-base, refer to Lockpicking.
Understanding Attacks On AI
The field of AI security, or more specifically ML security, is only just developing. Although a growing number of attack types on ML training data, training, models, and deployments have been discovered, there is no agreement on a clear taxonomy yet. In this workshop we will look at different ML attack types and try to come up with a systematization and a mapping to cyber/infosec attack types and tools.
When: Dec 29 or Dec 30 Who: David (0xdhf)
Impostor Syndrome
70% of all people experience "impostor syndrome" at least once in their life. In this workshop we will explore the phenomenon and the feeling in ourselves and in group setting by discussing and trying out some of the techniques that have been found useful in countering the paralyzing effects.
When: Dec 29 or Dec 30 Who: David (0xdhf)
Your Idea Here!
When: Your preferred timeslot(s). Who: Who are you, you awesome person?