Unmasking PAN-OS Exploits & Red Team Success – June 2025

May 29, 2025 / roanokeinfosec

Summer’s heating up, and so is the next Roanoke Infosec Exchange (RISE) meeting! Get ready to dive deep and PAN out some serious knowledge, because we’ve got a fantastic session lined up that’s going to make your security senses tingle.

We’re absolutely thrilled to announce that Regen Peterson will be joining us on Thursday, June 12th to deliver a talk that’s as cool as a summer breeze and as insightful as a perfectly executed exploit:

“Forging the Attack Path: A Deep Dive into PAN-OS Exploitation and Post-Exploitation”

In this talk, Regen will pull back the curtain on a recent attack path he discovered and successfully utilized in multiple real-world engagements. You’ll gain a unique perspective on how a chain of Palo Alto PAN-OS vulnerabilities can be leveraged, and critically, how post-exploitation steps were identified and simplified using a custom-developed tool. Think of it as mapping out the perfect summer road trip, but for attackers!

This presentation offers a compelling blend of the “Hacker Mindset” – exploring methodology and thought processes – with a more technical discussion of the specific vulnerabilities abused. Regen will also briefly touch on crucial prevention and detection strategies, so you can help keep your networks as chill as a pool party.

And for those who love live action, if the demo gods are with us and time permits, Regen plans to walk through the entire attack chain on his own vulnerable VM! Prepare for some real-time fireworks!

This is a fantastic opportunity to learn from real-world experience and enhance your understanding of modern attack techniques and red team operations. Whether you’re a seasoned security professional or just starting out, you’ll walk away with valuable insights to Alto-er your security game.

Event Details:

Date: Thursday, June 12th, 2025
Time: 6pm
Location: Virginia Western Business/Science Building Room M302
Speaker: Regen Peterson
Talk Title: Forging the Attack Path: A Deep Dive into PAN-OS Exploitation and Post-Exploitation

Talk Description:

Through the talk we’ll be discussing a chain of PAN-OS vulnerabilities used in an attack path I recently found and used successfully in multiple real world engagements, as well as looking at how these post-exploitation steps were identified, and the tool I developed for simplifying these attacks. This allows the talk to serve as a combination of the typical “Hacker Mindset” talks (methodology, etc) and a slightly more technical discussion of each of the specific vulnerabilities abused in both the exploitation and post-exploitation. We’ll also very briefly touch on prevention and detection of these attacks. Lastly, I do have my own vulnerable VM, so if the demo gods and the clock allow it then we will be able to walk through it all in real time.

Meeting Details:

We will be meeting at Virginia Western Community College in the Hall Family Business/Science Building. Take the stairs to the left and go to the third floor and go to the CyberSecurity lab in room M302.

Meeting info:
Virginia Western Community College
Business/Science Building, Room M302
June 12th, 2025 @ 6PM
https://maps.app.goo.gl/ToJyoaMJ5BUy417QA

Please mark your calendars and spread the word! We look forward to seeing you there for another engaging RISE meeting. Don’t miss out on this hot topic!

SANS Holiday Hack Challenge 2024 – December 2024

December 5, 2024 / roanokeinfosec

We’re excited to announce our December RISE meeting!

Calling all cybersecurity enthusiasts! Get ready to unleash your inner cyber sleuth as we explore SANS Holiday Hack Challenge 2024 with our very own Jared Register.

Mark your calendars!

Date: Thursday, December 12th, 2024
Time: 6:00 PM
Location: Virginia Western, Business/Science Building, Room M302

What to Expect:

This session, much like our popular event last year, will offer a sneak peek into the exciting world of the SANS Holiday Hack Challenge. Jared will guide us through the festive challenges designed to test your cybersecurity skills in a fun and interactive way.

Why You Should Join:

SANS Holiday Hack Challenge is a fantastic game for anyone interested in cybersecurity, regardless of experience level. It’s a Capture the Flag (CTF) competition disguised as a holiday wonderland, brimming with puzzles and challenges that will put your security problem-solving skills to the test.

Remember: SANS Holiday Hack Challenge is not just about holiday cheer; it’s about learning new skills, keeping up with latest trends, and expanding your cybersecurity knowledge.

About the Speaker:

Jared Register is an IT enthusiast and cybersecurity practitioner with over 10 years of experience. He currently serves as a Cybersecurity Engineer at a hospital system and focuses on the “blue team” side of cybersecurity. Jared holds a CISSP and is pursuing his Master’s in Information Systems Security Engineering from SANS.

Meeting Details:

Meeting info:

Virginia Western Community College
Business/Science Building, Room M302
December 12th, 2024 @ 6PM
https://maps.app.goo.gl/ToJyoaMJ5BUy417QA

Online Session: This is an in-person only event! Perhaps next month?

Don’t miss out on this opportunity to level up your cybersecurity skills and embrace the holiday spirit!

See you there!

Using Pwntools and Frida for Dynamic Exploitation – March 2024

March 8, 2024March 8, 2024 / roanokeinfosec

Get ready to explore the exciting world of binary exploitation with the Roanoke Infosec Exchange (RISE)! We’re thrilled to announce our next monthly meetup, happening on March 14th at 6pm, where we’ll delve into two powerful libraries: Pwntools and Frida.

Using Pwntools and Frida for Dynamic Exploitation by Hristo Asenov

This talk will focus on two libraries that help with binary exploitation. The first is called Pwntools which is a python library that creates shellcode out of functional building blocks. The second, Frida, is used for hooking functions and / or modifying the dynamic state of a process through instrumentation. Examples will be shown of how these libraries can be leveraged to make this daunting process a little simpler.

Bio:
Hristo Asenov, an avid cybersecurity enthusiast and platform engineer at Torc Robotics in Blacksburg, will be leading this informative session.

We will be meeting at Virginia Western Community College in the Hall Family Business/Science Building. Take the stairs to the left, go to the third floor, and go to CyberSecurity lab in room M302.

Meeting info:
Virginia Western Community College
Business/Science Building, Room M302
March 14th, 2024 @ 6PM
https://maps.app.goo.gl/ToJyoaMJ5BUy417QA

Online Session:
Sign up for the mailing list to get the online session!

Jan 2023 – Hack the Box: “We’ll Do It LIVE!”

January 6, 2023January 6, 2023 / roanokeinfosec

Wanting to take a step into the mind of a Penetration Tester? Or are you already a seasoned hacker, wanting to flex your muscles as part of a group experiment? Either way, we would love to have you join us at ECPI in Roanoke on Jan 12th at5:30pm for a guided group participation through one of the many excellent machines on the HackTheBox learning platform.

HackTheBox describes itself as “a massive hacking playground, and infosec community of over 1.3m platform members who learn, hack, play, exchange ideas and methodologies”, and it is a great place for learning and practicing alike. In this session, speaker Regen Peterson will be walking us through this platform step-by-step. This begins with creating an account and learning how to access and interact with the platform. Following this, we will conduct a group session in which we will use real-world methodologies to perform reconnaissance, enumerate and exploit vulnerabilities, and ultimately escalate privileges to gain administrator access to a vulnerable machine. And don’t worry if you are new to the offensive side of security, as inexperienced hackers will be allowed to offer their suggestions and ideas before the more experienced.

We hope you will join us in this session of “HackTheBox: We’ll Do It LIVE!”, as we expect that it will be an extremely engaging meeting where group participation will be crucial to solving the puzzles presented. Unfortunately, due to the nature of the presentation, we will not be able to live-stream or record this meeting, but we hope to see you in person for an awesome group-learning session with HackTheBox.

BIO:

Regen Peterson, Offensive Security Consultant/Penetration Tester from Roanoke, Virginia.

OSCP/PNPT/eJPT/+

Regen graduated from Patrick Henry High School, afterwards attending Virginia Western Community College for Computer Science Engineering. After spending some time in I.T., as well as different fields such as banking management, he developed a deep love and competitive spirit for hands-on ethical hacking learning platforms such as HackTheBox and TryHackMe. After several months of engagement with these platforms, Regen began acquiring various industry certifications and ultimately found a position in the field of Penetration Testing. Outside of `hacking`, Regen is an avid gamer, builds gaming PCs, performs music as a singer/songwriter, and spends time with his wife and three children.

Location:
ECPI Roanoke
5234 Airport Rd NW #200
Roanoke, VA 24012

Date and Time:
January 12th @ 5:30pm

December – Burp Suite, Part 2, Pro Edition

November 24, 2020November 24, 2020 / roanokeinfosec

For December we have asked that Logan Diomedi return and give us an in-depth dive into Burp Suite. As you may remember Logan gave us a quick overview of Burp Suite back in February and many of you requested more so here it is.

Logan Diomedi and Burp Suite, Part 2, Pro Edition

Burp Suite is one of the many free tools available in Kali Linux. Burp Suite allows anyone to test and verify their web applications using various techniques from initial mapping and analysis of an application’s attack surface, to finding and exploiting security vulnerabilities. In this meeting Logan will show us how he uses Burp Suite in his “Red Teaming” pen tests and how you can use the tool to test your own websites.

December 10th @ 5:30pm; This will be a virtual meeting

Logan’s Bio

Logan Diomedi is a 24-year-old Roanoke native and has been in the Information Security world since his early teens. He currently works as a penetration tester for an offensive information-security firm known as Depth Security, where he performs network, application-based, social engineering, and physical penetration testing. Logan is a Capture-the-Flag & HackTheBox regular, and regularly performs infosec-related research in his spare time. Logan has been a RISE attendee for almost 2 years now and has a passion to bring knowledge and resources to the greater Roanoke information security community.

Meeting Notes – Hack the Box

July 29, 2019 / roanokeinfosec / Leave a comment

hacktheboxlogo

We ran into a few issues with flight delays and technology – unfortunately our streaming and recording failed to save audio for this event so we do not have a video available. But RISE attendees pulled together to make this a great interactive meeting covering Hack the Box. If you weren’t able to make the event, keep reading for notes from the demonstrations. Special thanks to R&K Solutions for hosting this event.

Continue reading →

July 2019 – Hack the Box

June 29, 2019June 29, 2019 / roanokeinfosec / Leave a comment

Image result for hack the box

One of the most asked about topics at RISE meetings is “How do I become a Red Teamer?” or “What skills do I need for penetration testing?” As the “opposition force” of IT security, Red Teams have long held the most visible and alluring jobs in the realm of InfoSec. Shrouded in mystery they are known for their advanced skills that can penetrate even the most diligent of defenses. The role requires a breadth of IT system and application knowledge but also depth in several areas to understand fundamentals of operation and how to thwart them. This sometimes poses a barrier to entry to the new InfoSec professional uncertain about how to approach the myriad skills needed for success in the role.

Continue reading →

Dec 2016 – SANS Holiday Hack Challenge Party

November 30, 2016December 1, 2016 / roanokeinfosec / Leave a comment

santa1

The SANS Holiday Hack Challenge is going to be released on Dec 9th, we’re going to party on Dec 15th:

A LOT of elves are working hard on the 2016 SANS Holiday Hack Challenge right now. So many cool parts and twists to it! Coming Dec 9! pic.twitter.com/UMMWgJ5lbt

— edskoudis (@edskoudis) October 23, 2016

santa2

If you’re not familiar with the challenge it is an annual event put on by Ed Skoudis and his team. It is essentially a game that involves a series of cyber security challenges designed to get you to learn a wide variety of skills. The team does a phenomenal job. It has elements for all skill levels and hints as you go along the way. Last year’s challenge was EPIC and I think my wife was ready to kill me if I didn’t stop playing. I’ll warn you, it can get addictive.

166-addiction

The challenges are kept online each year so you can continue to play, even if you didn’t complete it by the deadline. Here is last year’s challenge if you want take a look: https://holidayhackchallenge.com/ This link will likely update to the 2016 challenge on 12/9. If so, here is a list of past challenges: https://pen-testing.sans.org/holiday-challenge/

I can honestly say, after playing last year, I have looked forward to this year’s challenge all year long. My wife, maybe not so much, since I had my head buried in my laptop for 2 weeks last time 🙂 Here are just a few of the things I either learned about, or added skills to while playing last years challenge: sed, awk, scapy, python, JSON, SQL injection techniques, numerous web application pentesting techniques, Burp Suite, mondoDB, firmware extraction, DNS CnC and data exfil. And when I wasn’t pulling out my hair, I had an absolute blast doing it!

Join us on 12/15 to work on the Holiday Hack Challenge. It is for all skill levels and you will be surprised how much you will learn. We will have wifi access available so everyone can work on the challenge. If you are a student and want to participate but don’t have a laptop, let us know and I will make arrangements so you will have somethig to work on.

To make the best use of the time at the party, go ahead and sign up for an account once the challenge is posted on 12/9. You can start playing anytime after you get an account. I also recommend having some sort of virtualization software on your laptop such as VirtualBox or VMWare Player, both are free. And having a VM running Kali set up. Or if Kali is your main OS you may want to have a Windows VM setup. All of that will aid you in the challenge.

gladiator

As usual we’ll have beer/soda and snacks. Just bring your brains because you’re going to need them.

dan-akroid-santa

The meeting will be at 5:30pm on 12/15 at R&K Solutions, 2797 Frontage Rd NW, STE 1000, Roanoke, VA 24017. Google Maps.

RISE – Roanoke InfoSec Exchange

The premier InfoSec group in the Roanoke, VA region!

Hacking