Using Pwntools and Frida for Dynamic Exploitation – March 2024

March 8, 2024March 8, 2024 / roanokeinfosec

Get ready to explore the exciting world of binary exploitation with the Roanoke Infosec Exchange (RISE)! We’re thrilled to announce our next monthly meetup, happening on March 14th at 6pm, where we’ll delve into two powerful libraries: Pwntools and Frida.

Using Pwntools and Frida for Dynamic Exploitation by Hristo Asenov

This talk will focus on two libraries that help with binary exploitation. The first is called Pwntools which is a python library that creates shellcode out of functional building blocks. The second, Frida, is used for hooking functions and / or modifying the dynamic state of a process through instrumentation. Examples will be shown of how these libraries can be leveraged to make this daunting process a little simpler.

Bio:
Hristo Asenov, an avid cybersecurity enthusiast and platform engineer at Torc Robotics in Blacksburg, will be leading this informative session.

We will be meeting at Virginia Western Community College in the Hall Family Business/Science Building. Take the stairs to the left, go to the third floor, and go to CyberSecurity lab in room M302.

Meeting info:
Virginia Western Community College
Business/Science Building, Room M302
March 14th, 2024 @ 6PM
https://maps.app.goo.gl/ToJyoaMJ5BUy417QA

Online Session:
Sign up for the mailing list to get the online session!

HTB CTF Crypto Challenge – November 2023

November 3, 2023 / roanokeinfosec

The leaves are falling and the air is crisper, which means it’s time to get cozy and learn a little about ciphers through challenges. This month, schr0ding3r is presenting:

HTB CTF Crypto Challenge Walkthrough (or – Exploiting Nonce Reuse in ECDSA Signatures)
An interactive walkthrough of a cryptography challenge (credit to Hack the Box for hosting it for their Defcon CTF this year). I will show what the challenge is, what indicated a vulnerability, a brief intro to elliptic curve algorithms, and then how I crafted an exploit to harvest private keys.

We look forward to seeing you in-person. If you can’t make it, we will also attempt a google meet session.

Meeting info:
ECPI University
November 9, 2023 @ 6:00PM
5234 Airport Rd NW #200, Roanoke, VA 24012
https://maps.app.goo.gl/usS5mLFdqBFQaM5M6

Speaker Bio:
schr0ding3r has a B.S. in physics and a minor in mathematics; additionally, he is currently pursuing a B.S. in Cybersecurity. He dabbles in everything [but am a master of nothing], including hacking, programming, philosophy, dancing, theater, and ancient Hebrew. Whatever the topic, schr0ding3r seeks to probe the very depths of it.

Hope to see you there!

We’re Ready, Are You Ready?

October 2, 2021October 2, 2021 / roanokeinfosec

October 2020 – Defense Against the Dark Arts

September 27, 2020 / roanokeinfosec

Our October meeting will be a joint event with the Roanoke-Blacksburg Technology Council. As this is a special event, please note the special date and time and that registration is required.

We work tirelessly to bring you a variety of InfoSec content every month. We talk about blue team, identity management, SIEM, and even legal issues. But we know….we know it’s the dark arts you fancy. This month we’re teaming up with our friends at the Roanoke-Blacksburg Technology Council to bring you a double benny: deep technical content presented by local talent!

Continue reading →

Black Hills Security – 30 Things to Get You Started

August 22, 2019 / roanokeinfosec / Leave a comment

Many new RISE attendees ask how they can get started in InfoSec. Where do I start? What skills do I need. How can I learn new skills? Black Hills InfoSec posted a fantastic curated list of “30 Things to Get You Started”. It covers a variety of areas from log analysis, password cracking, hardware hacking, and more. Content includes blog posts and video to satisfy all types of learners.

It only takes initiative and a few minutes a day to sharpen your skills. RISE can help pair you with the people and tools – all you need to provide is the desire and effort!

May 2019 – Sniffing Active Directory with Bloodhound

April 28, 2019May 1, 2019 / roanokeinfosec / Leave a comment

Logo for Bloodhound

Many organizations, large and small, maintain an Active Directory environment. Over time even well-managed AD environments will suffer the crud of forgotten objects. Emergency changes and other unique additions often create resources that don’t follow established governance policy. Coping with system sprawl is a fact of life in most organizations. Our tools must help us cope with this and ensure that unintended vulnerabilities are introduced into the environment.

Continue reading →

Cancelled – October 2018 – Automatic Vulnerability and Risk Assessments using BotNet Technology

September 29, 2018October 11, 2018 / roanokeinfosec / Leave a comment

Update: Once again weather is not our friend. We will be cancelling our meeting tonight in hopes that we will be able to meet again next month in November. Please continue to check back for additional updated information.

See you all soon.

Continue reading →

RISE – Roanoke InfoSec Exchange

The premier InfoSec group in the Roanoke, VA region!

vulnerability

Using Pwntools and Frida for Dynamic Exploitation – March 2024

HTB CTF Crypto Challenge – November 2023

We’re Ready, Are You Ready?

October 2020 – Defense Against the Dark Arts

Black Hills Security – 30 Things to Get You Started

May 2019 – Sniffing Active Directory with Bloodhound

Cancelled – October 2018 – Automatic Vulnerability and Risk Assessments using BotNet Technology