1 of 20

Intro to RedTeam

Noah Holland and Anika Ahren

2 of 20

First, some recap

3 of 20

Who we are

  • Officers
    • Noah H (President)
    • Ethan N (Vice President)
    • Dane C (Treasurer)
    • Anika A (Secretary)
    • Tyler O (CTF Chair)

4 of 20

What we do

  • Conferences
    • Potentially even hosting our own
  • Meetings
    • Like this one!
  • Competitions (CTFs)
  • Events/Workshops

5 of 20

If you met us at K-Day,

6 of 20

I likely said RedTeam was the org for “all things security”

7 of 20

So, what exactly is “security?”

8 of 20

Areas we cover

  • Things covered in Tech’s cybersecurity program
    • Network security
    • Program security
  • And things that aren’t
    • OSINT
    • Social engineering
    • Physical Access Control Systems
    • Physical security
      • Locks, keys, bypasses
    • Password cracking
    • Web application exploitation
    • Wireless security (including general RF)

9 of 20

Speaking of….

10 of 20

Onto today’s main topic!

11 of 20

What is OSINT?

12 of 20

OSINT is…

  • Open Source INTelligence

Collecting & analyzing publicly available information from online sources, used in identifying vulnerabilities, detecting threats, and monitoring for leaked credentials / sensitive data

  • TLDR — “Professional googling” (or stalking…)
    • OSINT has applications in Social Engineering, Phishing, Exploitation in general

13 of 20

HOW TO DO AN OSINT..

  • GOOGLE IS YOUR BEST FRIEND!
    • Get familiar with Google search operators
      • “ “ ← quotes !!
  • LinkedIn
  • Facebook
  • Instagram
    • Friends/Followers list can give you a lot of information on a person and their interpersonal relationships..
  • Public records
    • The person themselves but also family members
      • Obituaries, voting records
  • Reverse image search
    • Yandex, Google Images

14 of 20

some useful shortcuts

15 of 20

tips…

  • THINK ABOUT YOUR INDIVIDUAL !!!
    • Who would they be following?
    • What are they associated with?
      • Clubs, Organizations, COLLEGES
  • Instagram + FB makes it really easy to “connect” the dots between people and gather more information EVEN IF they themselves do not have a lot out there
    • Moms LOVE to overshare on FB
    • This goes for LinkedIn as well
  • PEOPLE USUALLY USE THE SAME USERNAME FOR EVERYTHING..

16 of 20

challenge..

  • what is my middle name +5
  • what city +10 (or state +5) did i grow up in and live in for 10 years
  • what was the name of my high school robotics team +5
    • give me a name of one of my co captains on that team +10
  • what is my favorite dye.. (& WHERE U FOUND THIS INFO) +5
  • give me one playlist from my youtube channel +15
    • or spotify if you’re lazy (+5)

submit your answers using this form

17 of 20

USEFUL

18 of 20

One last thing

19 of 20

National Cyber League (NCL)

  • The main CTF we compete in
    • Especially for the Fall competition
  • Costs nothing to register, if you are interested
    • The College of Computing will foot the bill for your sign-up
    • However, you get “blacklisted” if you do nothing for the entire competition
  • Just be sure to at least do the easy challenges
    • Literal challenge on the rules, boils down to “don’t cheat”
    • Easy “password cracking” is just number bases (base2, base6, base64)
      • Can find converters online from a 2-second Google search
    • Easy crypto is just basic ciphers
      • Can also find automatic decoders off Google
  • Highly recommend signing up
    • Even if just to see where you are at compared to other students
    • See what areas you need to work on
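
A rough picture of what the online converters and automatic decoders mentioned above do, as an added example that is not part of the original slides. Hexadecimal (base16) is an assumption beyond the bases listed on the slide, the function names are hypothetical, and every sample string is constructed.

```python
import base64
import binascii
import string

def _printable(raw: bytes) -> bool:
    # Alphabets overlap (a hex string is also valid base64), so keep only
    # decodings that come out as printable ASCII.
    return bool(raw) and all(chr(b) in string.printable for b in raw)

def decode_candidates(token: str) -> dict:
    """Return {encoding: text} for every encoding that yields printable ASCII."""
    compact = "".join(token.split())  # challenges often space out the groups
    attempts = {}
    if compact and set(compact) <= {"0", "1"} and len(compact) % 8 == 0:
        attempts["base2"] = int(compact, 2).to_bytes(len(compact) // 8, "big")
    try:
        attempts["base16"] = bytes.fromhex(compact)
    except ValueError:
        pass
    try:
        attempts["base64"] = base64.b64decode(compact, validate=True)
    except (binascii.Error, ValueError):
        pass
    return {n: raw.decode("ascii") for n, raw in attempts.items() if _printable(raw)}

def caesar_shift(text: str, k: int) -> str:
    """Shift ASCII letters back by k positions; leave everything else alone."""
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base - k) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)

def crack_caesar(text: str, crib: str):
    """Try all 25 shifts; return (shift, plaintext) for the first one containing crib."""
    for k in range(1, 26):
        plain = caesar_shift(text, k)
        if crib.lower() in plain.lower():
            return k, plain
    return None

if __name__ == "__main__":
    # Constructed samples, not taken from any real competition.
    for sample in ("01100110 01101100 01100001 01100111", "666c6167", "ZmxhZw=="):
        print(sample, "->", decode_candidates(sample))
    print(crack_caesar("iodj lv khuh", "flag"))
```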

20 of 20

Next week’s meeting

  1. Password cracking
    • Get list of various hashes to crack
    • Crack password for encrypted files (pptx/zip/pdf)
    • Include some wordlists for your future password cracking endeavors (CTFs)
  2. Web application exploitation
    • Get access to some vulnerable web services to exploit
      • NGINX/Apache
      • Flask/other backends
    • Including basic SQL injections
    • Directory/file/subdomain enumeration
  3. Network Security
    • Insecure protocols
      • FTP/rsync/telnet
    • Downgrade attacks
    • Other TCP-based chicanery
      • Hacking integrated PoS protocols

Form for NCL and next week’s meeting: