Combined (NullDelhi + OWASPDelhi) Webinar on UDP Hunter by Savan Gadhiya on 10th May, 2020.
For the full video, please visit - https://www.youtube.com/watch?v=yLEL5XrzFyE
UDP Scanning has always been a slow and painful exercise, and if you add IPv6 on top of UDP, the tool choices get pretty limited. UDP Hunter is a python based open source network assessment tool focused on UDP Service Scanning. With UDP Hunter, we have focused on providing auditing of widely known UDP protocols for IPv6 and IPv4 hosts. As of today, UDP Hunter supports 25 different service probes. The tool allows you to do bulk scanning of large networks as well as targeted host scanning for specific ports and more. Once an open service is discovered, UDP Hunter takes it one step further and even provides you guidance on how you can possibly exploit the discovered services. UDP Hunter provides reports in a neat text format, however, support for more formats is under way.
Webinar: https://www.youtube.com/watch?v=yLEL5XrzFyE
Read More: https://www.gadhiyasavan.com/2020/02/udp-hunter.html
UDP Scanning has always been a slow and painful exercise, and if you add IPv6 on top of UDP, the tool choices get pretty limited. UDP Hunter is a python based open source network assessment tool focused on UDP Service Scanning. With UDP Hunter, we have focused on providing auditing of widely known UDP protocols for IPv6 and IPv4 hosts. As of today, UDP Hunter supports 25 different service probes. The tool allows you to do bulk scanning of large networks as well as targeted host scanning for specific ports and more. Once an open service is discovered, UDP Hunter takes it one step further and even provides you guidance on how you can possibly exploit the discovered services. UDP Hunter provides reports in a neat text format, however, support for more formats is under way.
Webinar: https://www.youtube.com/watch?v=yLEL5XrzFyE
Read More: https://www.gadhiyasavan.com/2020/02/udp-hunter.html
Joseph Salowey, Tableau Software
Transport Layer Security (TLS) 1.3 is almost here. The protocol that protects most of the Internet secure connections is getting the biggest ever revamp, and is losing a round-trip. We will explore differences between TLS 1.3 and previous versions in detail, focusing on the performance and security improvements of the new protocol as well as some of the challenges we face around securely implementing new features such as 0-RTT resumption.
CNIT 50: 6. Command Line Packet Analysis ToolsSam Bowne
For a college class in Network Security Monitoring at CCSF.
Course website: https://samsclass.info/50/50_F17.shtml
Based on "The Practice of Network Security Monitoring: Understanding Incident Detection and Response" by Richard Bejtlich, No Starch Press; 1 edition (July 26, 2013), ASIN: B00E5REN34
Joseph Salowey, Tableau Software
Transport Layer Security (TLS) 1.3 is almost here. The protocol that protects most of the Internet secure connections is getting the biggest ever revamp, and is losing a round-trip. We will explore differences between TLS 1.3 and previous versions in detail, focusing on the performance and security improvements of the new protocol as well as some of the challenges we face around securely implementing new features such as 0-RTT resumption.
CNIT 50: 6. Command Line Packet Analysis ToolsSam Bowne
For a college class in Network Security Monitoring at CCSF.
Course website: https://samsclass.info/50/50_F17.shtml
Based on "The Practice of Network Security Monitoring: Understanding Incident Detection and Response" by Richard Bejtlich, No Starch Press; 1 edition (July 26, 2013), ASIN: B00E5REN34
Slides for a college course based on "Incident Response & Computer Forensics, Third Edition" by by Jason Luttgens, Matthew Pepe, and Kevin Mandia, at City College San Francisco.
Website: https://samsclass.info/152/152_F18.shtml
Packet Analysis - Course Technology Computing Conference
Presenter: Lisa Bock - Pennsylvania College of Technology
Most network administrators are well-versed in hardware, applications, operating systems, and network analysis tools. However, many are not trained in analyzing network traffic. Network administrators should be able to identify normal network traffic in order to determine unusual or suspicious activity. Network packet analysis is important in order to troubleshoot congestion issues, create firewall and intrusion detection system rules, and perform incident and threat detection. This hands-on presentation will review fundamental concepts necessary to analyze network traffic, beginning with an overview of network analysis, then a review the TCP/IP protocol suite and LAN operations. Participants will examine packet captures and understand the field values of the protocols and as to what is considered normal behavior, and then examine captures that show exploits, network reconnaissance, and signatures of common network attacks. The program will use Wireshark, a network protocol analyzer for Unix and Windows, to study network packets, look at basic features such as display and capture filters, and examine common protocols such as TCP, HTTP, DNS, and FTP. Time permitting, the presentation will provide suggestions on how to troubleshoot performance problems, conduct a network baseline, and how to follow a TCP or UDP stream and see HTTP artifacts. Participants should have a basic knowledge of computer networking and an interest in the subject.
This presentation gives you a general overview of Simple Network Management Protocol covering different SNMP versions, simple commands, MIBs, OIDs and Traps.
Implementing Cisco IOS Network Security (IINS). For a complete list of available network security training, visit the Security Training page.http://bit.ly/1Lgc2LW
Slides for a college course based on "Incident Response & Computer Forensics, Third Edition" by by Jason Luttgens, Matthew Pepe, and Kevin Mandia.
Teacher: Sam Bowne
Twitter: @sambowne
Website: https://samsclass.info/121/121_F16.shtml
Why Session Border Controllers?
Product Portfolio of the Session Border Controller
Business Applications and Use Cases (Vega ESBC)
Carrier/Service Provider Applications and Use Cases (NetBorder SBC)
Sangoma SBC Load Balancing and Failover Techniques
SBC Walkthrough
Conceptual Overview of the SBC Call Processing Components
Introduction and Configuration of SIP Profiles
Introduction and Configuration of Domain Profiles
Introduction and Configuration of Media Profiles
Introduction and Configuration of SIP Trunks
Introduction and Configuration of Call Routing
Walkthrough
InSecure Remote Operations - NullCon 2023 by Yossi SassiYossi Sassi
Every admin tool is an attack tool, yet there are no good or bad shells - that part is up to you. Coming from dozens of engagements consulting various role-based remote operations architectures & Red Team assessments for organizations in 4 continents, with a fresh research hijacking full tokens from network logon-type sessions - we’ll dive into a technical, hands-on set of examples for both Offensive and Defensive teams, of what SUCKS and what ROCKS on the Windows ‘Living off the land’ remote admin operations, Protocols, and APIs. We'll talk about the Pros and Cons of jump server architectures, as well as role-based shells, limiting PowerShell in creative ways. We'll also introduce fresh research to achieve Full Token hijack from network logon-type sessions, without any hash and/or TGT!
Getting Started With Hacking Android & iOS Apps? Tools, Techniques and resourcesOWASP Delhi
Session presented in the Combined [nullDelhi + OWASPDelhi] webinar on 7th July.
Watch the webinar here - https://youtu.be/BQWcUjzxJE0
Have you been wondering about how to start in mobile application security, more specifically iOS/Android application security? In this talk, I will try to answer some of the most common questions about getting started in mobile application security testing. Starting from what platform to choose, where to learn, good resources, hardware requirements etc etc. Will also demo you about Mobexler - A Mobile Application Penetration Testing Platform and how you can use it for pentesting of iOS as well as android apps. This talk will be a mix of some demo, and some knowledge.
Securing dns records from subdomain takeoverOWASP Delhi
Session presented in the Combined [nullDelhi + OWASPDelhi] webinar on 7th July.
Watch the webinar here - https://www.youtube.com/watch?v=C0LQJTXFosI
The speaker will be speaking upon the following abstract -
Basics of DNS records
Introduction to DNS record takeovers
Different types of DNS takeovers
Its impact
How to protect DNS records from takeover
Demo
Q&A
This talk will be for product security folks/ people on defending side. The speaker will also be covering the concept behind subdomain takeovers and its impact.
Session presented in the Combined [nullDelhi + OWASPDelhi] webinar on 31st May.
Watch the webinar here - https://www.youtube.com/watch?v=22Hccp-7UDU
A person's assessment/ investigation is only as good as the report that supports it.
A good quality or effective report is a presentation of you as an assessor, analyst, or consultant.
The speaker discusses here the important points to keep in mind while preparing a Cyber Security Report. A must know webinar for all - freshers, professionals, bug bounty hunters and the C- level entities.
Session presented in the Combined [nullDelhi + OWASPDelhi] webinar on 24th May.
Watch the webinar here - https://www.youtube.com/watch?v=jmzfdw-UYC0
An air gapped environment is described as “computer or network that has
no network interfaces, either wired or wireless, connected to outside network.” In this case, side channels and proximity are leveraged to eavesdrop air gapped systems. A case study showing practical use case of sniffing is also discussed.
Link to the Webinar - https://youtu.be/jmzfdw-UYC0
The speaker discussed the docker attack surface. Furthermore, he demonstrated how an attacker can escape the docker container and gain access to the host machine.
Companies and organizations have been following many traditional strategies for deploying WAF (web application firewall) in their infrastructure where most of the work is done. manually. Every ACL, every rule entry, every signature, and every other configuration was created and managed by hand. It could have various flaws: flaw of wrong ACL, flaw of accidental misconfiguration, flaw of bad signature, and other various things. The good news is that thanks to the DevOps Rebel Alliance, we now have a better way to do things: Infrastructure-as-Code (IAC).
Instead of clicking around a web UI or manually executing commands and setting up rules and configuration, the idea behind IAC is to write code to define, provision, and manage your WAF. You can validate each WAF change through code reviews and automated tests and you can create/use a library of reusable, documented, battle-tested code that makes it easier to scale and evolve your WAF. In this talk by Avinash Jain, we will have a quick on the various concept of what, how and why of "Automating AWS WAF using Terraform".
Discussion on traditional threat intelligence model, explore advanced approaches to reduce manual intervention and convert it into actionable threat intelligence.
Slides of the talk delivered by Chandra Ballabh in the August, 2019 Meetup of Combined OWASP Delhi and nullDelhi at Thoughtworks, Delhi
Session on OWASP Top 10 Vulnerabilities presented by Aarti Bala and Saman Fatima. The session covered the below 4 vulnerabilities -
Injection,
Sensitive Data Exposure
Cross Site Scripting
Insufficient Logging and Monitoring
Pentesting Rest API's by :- Gaurang BhatnagarOWASP Delhi
Brief overview of API
▸ Fingerprinting & Discovering API
▸ Authentication attacks on API (JWT)
▸ Authorization attacks on API (OAuth)
▸ Bruteforce attacks on API
▸ Attacking Dev/Staging API
▸ Traditional attacks
Wireless security beyond password cracking by Mohit RanjanOWASP Delhi
Network attacks in wired Lan environments
Protection in wired Lan
Layout of modern networks ( wired + wireless )
Difference between wired and wireless security
Most powerful situation to acquire in any network
Wireless attacks
Why NTP ?
Captive portal attacks
Conclusion and some wild thoughts
For complete data to perform this attack please go to the Github link below:
https://github.com/mohitrajain/Wireless_security_beyond_password_cracking
IETF's Role and Mandate in Internet Governance by Mohit BatraOWASP Delhi
1. Internet Governance (IG) Primer
2. I-* Organizations
3. IANA function -Names, Numbers and Protocol Parameters
4. IANA Transition
5. WHOIS for names and numbers
6. Need for Standardization and Standardization Bodies
7. How IETF Works
8. TLS Protocol
9. Increasing Indian participation in global Internet Governance activities and structures
Malicious Hypervisor - Virtualization in Shellcodes by Adhokshaj MishraOWASP Delhi
Agenda
Hypervisor : what, how and why?
Hypervisor in linux
Capsule course on hypervisor (Intel VT-x, AMD - V, KVM)
Spawning a bare-bone VM
Injection code in VM
I/O Between Host and Guest
Converting C Code to Shellcode
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
Biological screening of herbal drugs: Introduction and Need for
Phyto-Pharmacological Screening, New Strategies for evaluating
Natural Products, In vitro evaluation techniques for Antioxidants, Antimicrobial and Anticancer drugs. In vivo evaluation techniques
for Anti-inflammatory, Antiulcer, Anticancer, Wound healing, Antidiabetic, Hepatoprotective, Cardio protective, Diuretics and
Antifertility, Toxicity studies as per OECD guidelines
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...Levi Shapiro
Letter from the Congress of the United States regarding Anti-Semitism sent June 3rd to MIT President Sally Kornbluth, MIT Corp Chair, Mark Gorenberg
Dear Dr. Kornbluth and Mr. Gorenberg,
The US House of Representatives is deeply concerned by ongoing and pervasive acts of antisemitic
harassment and intimidation at the Massachusetts Institute of Technology (MIT). Failing to act decisively to ensure a safe learning environment for all students would be a grave dereliction of your responsibilities as President of MIT and Chair of the MIT Corporation.
This Congress will not stand idly by and allow an environment hostile to Jewish students to persist. The House believes that your institution is in violation of Title VI of the Civil Rights Act, and the inability or
unwillingness to rectify this violation through action requires accountability.
Postsecondary education is a unique opportunity for students to learn and have their ideas and beliefs challenged. However, universities receiving hundreds of millions of federal funds annually have denied
students that opportunity and have been hijacked to become venues for the promotion of terrorism, antisemitic harassment and intimidation, unlawful encampments, and in some cases, assaults and riots.
The House of Representatives will not countenance the use of federal funds to indoctrinate students into hateful, antisemitic, anti-American supporters of terrorism. Investigations into campus antisemitism by the Committee on Education and the Workforce and the Committee on Ways and Means have been expanded into a Congress-wide probe across all relevant jurisdictions to address this national crisis. The undersigned Committees will conduct oversight into the use of federal funds at MIT and its learning environment under authorities granted to each Committee.
• The Committee on Education and the Workforce has been investigating your institution since December 7, 2023. The Committee has broad jurisdiction over postsecondary education, including its compliance with Title VI of the Civil Rights Act, campus safety concerns over disruptions to the learning environment, and the awarding of federal student aid under the Higher Education Act.
• The Committee on Oversight and Accountability is investigating the sources of funding and other support flowing to groups espousing pro-Hamas propaganda and engaged in antisemitic harassment and intimidation of students. The Committee on Oversight and Accountability is the principal oversight committee of the US House of Representatives and has broad authority to investigate “any matter” at “any time” under House Rule X.
• The Committee on Ways and Means has been investigating several universities since November 15, 2023, when the Committee held a hearing entitled From Ivory Towers to Dark Corners: Investigating the Nexus Between Antisemitism, Tax-Exempt Universities, and Terror Financing. The Committee followed the hearing with letters to those institutions on January 10, 202
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
Macroeconomics- Movie Location
This will be used as part of your Personal Professional Portfolio once graded.
Objective:
Prepare a presentation or a paper using research, basic comparative analysis, data organization and application of economic information. You will make an informed assessment of an economic climate outside of the United States to accomplish an entertainment industry objective.
Read| The latest issue of The Challenger is here! We are thrilled to announce that our school paper has qualified for the NATIONAL SCHOOLS PRESS CONFERENCE (NSPC) 2024. Thank you for your unwavering support and trust. Dive into the stories that made us stand out!
2. #whoami – Savan Gadhiya
•Principal Security Consultant at NotSoSecure
•Hacker, Security Researcher, Developer and Bounty Hunter
•9 years of experience in Information Technology
•Master of Engineering in IT Systems and Network Security
•LinkedIn: https://in.linkedin.com/in/gadhiyasavan
•Twitter: @gadhiyasavan
•Blog: https://www.gadhiyasavan.com
3. UDP – User Datagram Protocol
•Unreliable delivery
• Send UDP probe and wait for response
• UDP packets can be dropped, lost, timeout etc.
• No acknowledgements, no guarantee
•Connectionless
• Unlike TCP, UDP does not establish a connection
• We can just send and receive packets – No 3-Way Handshake (SYN, SYN-ACK, ACK)
•Useful for time sensitive applications
• Streaming
• VoIP
4. UDP – User Datagram Protocol – Example
•Domain Name Service(DNS) – Port 53
• Used for domain name resolution
• Sends a packet(UDP) with a hostname to resolve it
• Response would be it’s IP address
• Process takes around 2 packets with UDP – TCP would require more than 4
5. UDP Scanning
•Sends a UDP packet to the port
• UDP reply - the port is open
• ICMP unreachable – the port is closed
• No response – the port is open or filtered
•Challenges
• Slow and painful exercise
• There is no connection
• Some services only responds to valid packet and if the packet sent is what the system expect to see
• Not reliable
• ICMP replies are usually rate-limited by hosts, dropped by firewall etc.
7. What is UDP Hunter?
•Python based open source network assessment tool
•Supports IPv4 and IPv6
•25 UDP probes supported
•Bulk UDP probe scanning of large network
•Targeted host, service, probe scanning
•Guidance to exploit the identified services
•Neat text reporting
8. How does UDP Hunter work?
•Creates list of IP addresses from IP range
•Supports domain names – UDP Hunter resolves IP to perform scanning
•Sends UDP probes to all listed IPs
•UDP Hunter sniffs the network traffic particularly for UDP
•Reports UDP service if it get response of UDP probes
9. Supported UDP Probes
• ike - 500 port
• rpc / RPCCheck - 111 port
• ntp / NTPRequest - 123 port
• snmp-public / SNMPv3GetRequest - 161 port
• ms-sql / ms-sql-slam - 1434 port
• netop - 6502 port
• tftp - 69 port
• db2 - 523 port
• citrix - 1604 port
• echo - 7 port
• chargen - 19 port
• systat - 11 port
• daytime / time - 13 port
• DNSStatusRequest / DNSVersionBindReq - 53 port
• NBTStat - 137 port
• xdmcp - 177 port
• net-support - 5405 port
• mdns-zeroconf - 5353 port
• gtpv1 - 2123 port
10. UDP Hunter – Setup
• Download the tool from here or Clone the repository:
• git clone https://github.com/NotSoSecure/udp-hunter
• Requirements:
• Python 3.x
• Python Modules - also mentioned in “requirements.txt” file
• netaddr
• colorama
• argparse
• ifaddr
• datetime
• Install all required modules:
• pip3 install -r requirements.txt
• Configuration files required:
• udp.txt - This file contains UDP probes
• udphelp.txt - This file contains list of tools, suggestions for each UDP probes or services
13. Credits
•UDP probes are mainly taken from:
• amap
• ike-scan
• nmap and
• udp-proto-scanner
•Inspiration for the scanning code was drawn from udp-proto-scanner
Read More: https://www.gadhiyasavan.com/2020/02/udp-hunter.html
14. UDP Hunter – Future Work
•Add more UDP probes
•Different reporting formats
•Update exploitation related helps
Read More: https://www.gadhiyasavan.com/2020/02/udp-hunter.html