Open Source Cybersecurity Workshop

daniel · 2019-01-07 18:31:22 UTC

Mirëdita! My name is Daniel Bohannon and I am a security researcher in the US for a company called Mandiant/FireEye. Over the past 8 years in the IT industry (and 5 years in security) I have developed several open source projects related to obfuscation and detection (listed at the end).

What I love more than CREATING open source projects is:

encouraging others to get involved in Open Source projects
introducing people to opportunities in cybersecurity
showing various ways people can get involved in the cybersecurity industry if they are interested

Is there any interest in one or both of the following presentations topics (light, interactive workshops) at Open Labs Albania any day from February 15, 2019 through March 16, 2019?

Topic 1 Title: Getting Into InfoSec via Open Source

This presentation is an overview of the vast career opportunities (both technical and non-technical) in the field of InfoSec (Information Security). This is meant to expose ICT enthusiasts to the wide array of career opportunities and community projects available in the InfoSec industry. In addition, this will highlight the numerous ways that Open Source can help you enter into the InfoSec community whether it is Open Source coding contributions, Open Source Intelligence (OSINT) gathering/sharing, Open Data publication, helpful Twitter accounts and blogs to follow for various InfoSec information, etc.

Of particular importance is highlighting to users that there are ethical ways to “hack” to identify coding vulnerabilities and to help create secure code while defending against hacking attacks. Exposing users to these ethical routes will help deter them from joining lucrative, illegal hacking activities, and will show them how they can benefit their community using their passions and skills.

While coding skills are not required for many roles in InfoSec, for those that are into coding this presentation will emphasize ways to create and contribute to Open Source projects related to InfoSec as a means of learning about security issues and tools. This is also an incredible way to connect with world-class security researchers and share your contributions via Open Source code creation, contribution and sharing in forums like hackerspaces, podcasts, workshops and even security conferences both local and abroad.

Topic 2 Title: Translating Open Source Software in InfoSec

A great way to get into coding or to learn a new programming or scripting language is to translate a small tool or project from one language to another. This is a very popular trend in the InfoSec community and is a great way to meet security enthusiasts and professionals if you want to enter into the InfoSec world. Since many tool developers and end users have a preferred language, porting smaller tools into various languages makes them plug-and-play options for all other tool developers in the target coding language.

Examples of Python --> PowerShell :: EyeWiteness
Examples of PowerShell --> Python :: Empire --> Empyre, Invoke-Obfuscation (sub-modules)
Examples of PowerShell --> CSharp :: PowerSploit --> SharpSploit
Examples of C++ --> CSharp :: Kekeo --> Rubeus

In addition, integrating multiple existing projects is another great way that several well-known security professionals started their InfoSec journey: CrackMapExec (Marcello Salvati, @byt3bl33d3r), ObfuscatedEmpire (Ryan Cobb, @cobbr_io), etc.

As a part of this talk I will highlight several specific small InfoSec projects with source and desirable target languages to get interested attendees started if they are looking for ideas.

tl;dr
WHO: Me, Daniel Bohannon (@danielhbohannon)
WHAT: Cybersecurity presentation/workshop(s) [see two topics above]
WHEN: Any day from February 15, 2019 through March 16, 2019
WHERE: Open Labs Albania
WHY: Because sharing is caring

Open source projects I have authored or co-authored:

silva.arapi · 2019-01-07 20:55:56 UTC

Hello @daniel,

Thanks for joining our forum!

The topics you are suggesting seem very interesting and are quite related to what our community has been promoting for some years now, so you are more than welcome to join us and host your sessions here.

This is the page on our wiki where we add the planned events which will take place at the hackerspace: https://wiki.openlabs.cc/faqja/Aktivitete where we can also plan for the date(s) and time. From what I see your suggested dates are free, so you can decide for one that suits you best. Also members of Open Labs can help with promoting the event via our social media channels and other logistics (I would volunteer to help with that).

–
Silva

daniel · 2019-01-08 00:47:04 UTC

Hi @silva.arapi, thanks for the kind welcome! I’m happy to hear that the topics are of interest. And thanks for the offer to volunteer for helping to promote the event.

To make the most of time spent traveling from the U.S. to Albania, I have contacted the Prishtina Hackerspace as well about giving a short workshop there and am looking for any other opportunities to spend time hanging out with people/clubs/organizations interested in InfoSec .

If it is okay then let me find a week during this time frame that works for both and then I can propose those dates here.

Thanks,
Daniel

rskikuli · 2019-01-08 15:28:03 UTC

Dear Daniel, welcome our community We would be more than happy to host you @ our modest hackerspace.
Prishtina Hackerspace people are good friends and you will definitely enjoy your time there, but keep in mind the food in Tirana is better Personally I would be more into the first topic. In general Saturdays are a good option for events that are more like a workshop and from the description your proposal seems to fit in this category. The first step in my opinion is to have the date booked and start promoting it a bit. keep in mind that based on our experience the group of people expected in such events is approximately 15-20, which is quite a good setup if you want people to get as much as possible knowledge out of your event. Looking forward having you in town.

R.S

daniel · 2019-01-08 16:14:24 UTC

Faleminderit Redon! Nice to meet you and thanks for the warm welcome.

Given your food comment, I will have to perform thorough research of Albanian and Kosovar food during my visit and will report my findings back to you though I already know that Kosovo’s cappuccino game is strong so I will be searching out the best coffee shops in Tirana when I visit to see how they compare.

15-20 sounds like a great size. I always enjoy a more interactive discussion and getting to know attendees better rather than just “talking at them.” I should be close to proposing a week once I hear back from one other correspondence about scheduling.

Cheers,
Daniel

rskikuli · 2019-01-08 16:19:28 UTC

Challenge accepted friend

R.S

daniel · 2019-01-14 22:45:25 UTC

Does Saturday, March 2 work for the Topic 1 “Getting Into InfoSec via Open Source”?

nshehu · 2019-01-17 21:51:46 UTC

Hey Daniel,

thank you for the proposed workshop :). March 2 sounds good, I have added the event to our wiki: https://wiki.openlabs.cc/faqja/Aktivitete.

I will also help with promoting the event.

Thank you,
Nafie

silva.arapi · 2019-01-17 22:17:07 UTC

Coolio, we have a date now! March 2 seems good

daniel · 2019-01-17 22:30:32 UTC

Thanks so much, @nshehu! I can’t wait

daniel · 2019-02-26 19:08:49 UTC

Mirëmbrëma Everyone I’m excited to meet you all this weekend at the workshop. I arrive Thursday night, so if anybody wants to hang out Friday, Saturday or Sunday morning then I’ll be sampling as much coffee as I can and walking around Tirana to see the local sights. See you all in a few days.

rskikuli · 2019-02-27 13:29:39 UTC

Hey Daniel, welcome in town! Myself and other hackerspace members will be more than happy to make a mini guide of the city. Feel free to ping me or other hackerspace members with a DM.

R.S

daniel · 2019-02-27 18:28:22 UTC

Faleminderit Redon. I would love to see the city with you all I just DM’d you with my mobile contact info. I fly out in a few hours so I will see you all soon in Tirana.

daniel · 2019-03-03 00:43:37 UTC

Thanks everyone for the warm welcome and for letting me join your community these past several days! It’s been awesome to experience it firsthand. I’m already looking forward to my next visit to Tirana

I had a great time at the workshop and the several conversations afterwards at the hackerspace and into dinner. I now have many new ideas to brainstorm

Here are the slides from tonight’s workshop: Getting Into InfoSec via Open Source - Open Labs Albania.pdf (2.7 MB)

Happy to continue the conversation and answer any questions, and I’m sure I’ll have several questions of my own for my newfound Open Source community! I’ll be back in Tirana Friday afternoon for one more night so happy to hang out with anybody who is around. FLM Mirupafshim!

Ares · 2019-03-03 10:15:42 UTC

I couldn’t join this event due to a course I’m attending that coincided with it though I’d love to because I have a keen interest in Cybersecurity. I’d be really looking forward to the next event / meetup! Thank you for bringing such info here!

rskikuli · 2019-03-04 12:23:27 UTC

Thank you Daniel for hosting the event and for the conversations after your presentation. Looking forward to your next visit at the hackerspace and why not @ OSCAL? Call for speakers is opened: https://oscal.openlabs.cc/call-for-proposals/

R.S