Open Source Cybersecurity Workshop

(Daniel Bohannon) #1

Mirëdita! My name is Daniel Bohannon and I am a security researcher in the US for a company called Mandiant/FireEye. Over the past 8 years in the IT industry (and 5 years in security) I have developed several open source projects related to obfuscation and detection (listed at the end).

What I love more than CREATING open source projects is:

  1. encouraging others to get involved in Open Source projects
  2. introducing people to opportunities in cybersecurity
  3. showing various ways people can get involved in the cybersecurity industry if they are interested

Is there any interest in one or both of the following presentations topics (light, interactive workshops) at Open Labs Albania any day from February 15, 2019 through March 16, 2019?

Topic 1 Title: Getting Into InfoSec via Open Source

This presentation is an overview of the vast career opportunities (both technical and non-technical) in the field of InfoSec (Information Security). This is meant to expose ICT enthusiasts to the wide array of career opportunities and community projects available in the InfoSec industry. In addition, this will highlight the numerous ways that Open Source can help you enter into the InfoSec community whether it is Open Source coding contributions, Open Source Intelligence (OSINT) gathering/sharing, Open Data publication, helpful Twitter accounts and blogs to follow for various InfoSec information, etc.

Of particular importance is highlighting to users that there are ethical ways to “hack” to identify coding vulnerabilities and to help create secure code while defending against hacking attacks. Exposing users to these ethical routes will help deter them from joining lucrative, illegal hacking activities, and will show them how they can benefit their community using their passions and skills.

While coding skills are not required for many roles in InfoSec, for those that are into coding this presentation will emphasize ways to create and contribute to Open Source projects related to InfoSec as a means of learning about security issues and tools. This is also an incredible way to connect with world-class security researchers and share your contributions via Open Source code creation, contribution and sharing in forums like hackerspaces, podcasts, workshops and even security conferences both local and abroad.

Topic 2 Title: Translating Open Source Software in InfoSec

A great way to get into coding or to learn a new programming or scripting language is to translate a small tool or project from one language to another. This is a very popular trend in the InfoSec community and is a great way to meet security enthusiasts and professionals if you want to enter into the InfoSec world. Since many tool developers and end users have a preferred language, porting smaller tools into various languages makes them plug-and-play options for all other tool developers in the target coding language.

Examples of Python --> PowerShell :: EyeWiteness
Examples of PowerShell --> Python :: Empire --> Empyre, Invoke-Obfuscation (sub-modules)
Examples of PowerShell --> CSharp :: PowerSploit --> SharpSploit
Examples of C++ --> CSharp :: Kekeo --> Rubeus

In addition, integrating multiple existing projects is another great way that several well-known security professionals started their InfoSec journey: CrackMapExec (Marcello Salvati, @byt3bl33d3r), ObfuscatedEmpire (Ryan Cobb, @cobbr_io), etc.

As a part of this talk I will highlight several specific small InfoSec projects with source and desirable target languages to get interested attendees started if they are looking for ideas.

tl;dr
WHO: Me, Daniel Bohannon (@danielhbohannon)
WHAT: Cybersecurity presentation/workshop(s) [see two topics above]
WHEN: Any day from February 15, 2019 through March 16, 2019
WHERE: Open Labs Albania
WHY: Because sharing is caring :slight_smile:

Open source projects I have authored or co-authored:




(Silva Arapi) #2

Hello @daniel,

Thanks for joining our forum! :slight_smile:

The topics you are suggesting seem very interesting and are quite related to what our community has been promoting for some years now, so you are more than welcome to join us and host your sessions here.

This is the page on our wiki where we add the planned events which will take place at the hackerspace: https://wiki.openlabs.cc/faqja/Aktivitete where we can also plan for the date(s) and time. From what I see your suggested dates are free, so you can decide for one that suits you best. Also members of Open Labs can help with promoting the event via our social media channels and other logistics (I would volunteer to help with that).


Silva

(Daniel Bohannon) #3

Hi @silva.arapi, thanks for the kind welcome! I’m happy to hear that the topics are of interest. And thanks for the offer to volunteer for helping to promote the event.

To make the most of time spent traveling from the U.S. to Albania, I have contacted the Prishtina Hackerspace as well about giving a short workshop there and am looking for any other opportunities to spend time hanging out with people/clubs/organizations interested in InfoSec :slightly_smiling_face:.

If it is okay then let me find a week during this time frame that works for both and then I can propose those dates here.

Thanks,
Daniel

(Redon Skikuli) #4

Dear Daniel, welcome our community :slight_smile: We would be more than happy to host you @ our modest hackerspace.
Prishtina Hackerspace people are good friends and you will definitely enjoy your time there, but keep in mind the food in Tirana is better :stuck_out_tongue: Personally I would be more into the first topic. In general Saturdays are a good option for events that are more like a workshop and from the description your proposal seems to fit in this category. The first step in my opinion is to have the date booked and start promoting it a bit. keep in mind that based on our experience the group of people expected in such events is approximately 15-20, which is quite a good setup if you want people to get as much as possible knowledge out of your event. Looking forward having you in town.

R.S

(Daniel Bohannon) #5

Faleminderit Redon! Nice to meet you and thanks for the warm welcome.

Given your food comment, I will have to perform thorough research of Albanian and Kosovar food during my visit and will report my findings back to you :stuck_out_tongue: though I already know that Kosovo’s cappuccino game is strong so I will be searching out the best coffee shops in Tirana when I visit to see how they compare.

15-20 sounds like a great size. I always enjoy a more interactive discussion and getting to know attendees better rather than just “talking at them.” I should be close to proposing a week once I hear back from one other correspondence about scheduling.

Cheers,
Daniel

(Redon Skikuli) #6

Challenge accepted friend :stuck_out_tongue:

R.S

(Daniel Bohannon) #7

Does Saturday, March 2 work for the Topic 1 “Getting Into InfoSec via Open Source”?

(Nafie Shehu) #8

Hey Daniel,

thank you for the proposed workshop :). March 2 sounds good, I have added the event to our wiki: https://wiki.openlabs.cc/faqja/Aktivitete.

I will also help with promoting the event.

Thank you,
Nafie

(Silva Arapi) #9

Coolio, we have a date now! March 2 seems good :tada:

(Daniel Bohannon) #10

Thanks so much, @nshehu! I can’t wait :slight_smile: