Whitehatters Computer Security Club

# Welcome Back. First Meeting August 26th

[ Author: brad_d ] [ Date: 08/24/2016 ]

It's been an exciting summer for the Whitehatters. The two summer camp programs we put on with FC2, GenCyber and PreCollege Cyber Defense Boot Camp, went very well. It's looking good that both of those programs will be happening again next year. The camps provided us with the means to cover airfare, hotel, and registration for Whitehatters to attend DEF CON 24 in Las Vegas. Thank you to all those who helped out.

Meetings: Our first meeting of the semester will be held this Friday August 26th at 5 PM in ISA 5021. Club President Kris (Xan) will introduce the club to new members, and talk about our plans for the semester.
Wednesday and Thursday meetings will commence next week. 
Recruitment: The club is trying hard to step up our recruitment efforts this semester. We've appointed Fidel (cookieman08) as the club's Head of Recruitment. If you have any ideas or questions about recruiting new members or getting the word out about our club, please contact him on Slack.
Website: The website and the Google calendar have been updated recently. We produced a short guide for new members on how to get involved in the club which is available here: http://www.wcsc.usf.edu/noobs
Slack: Slack is now our primary communication channel. We've reorganized some things, mainly that the #ctf channel is now private to keep out rival CTF teams. If you're not on our Slack team, or not in the #ctf channel, please contact me. 
IceCTF: Several of our members have been playing the IceCTF lately. It's a really fun CTF with tons of challenges for all skill-levels. It ends Friday at noon. You can get started at https://play.icec.tf/, but be sure to check out #ctf on Slack to play with the rest of the Whitehatters.
Other WCSC Resources: 
WCSC CTF challenges: mynameisg.us
Twitter: @whitehatters
Brad Daniels
WCSC Secretary

# [Fall 2016]

[ Author: Xan ] [ Date: 08/22/2016 ]

New Members Fall 2016

# No Meetings This Week

[ Author: brad_d ] [ Date: 08/09/2016 ]
Thanks to all of you who helped out with GenCyber and Precollege and got your free trip to DEFCON. Everyone was really impressed with how it turned out.
Since we're all recovering from DEFCON and getting ready to start the semester, we are not having any meetings this week. Stay tuned to the mailing list and Slack for updates on when the next meeting will be. 

# Whitehatter's DEFCON Meetup!

[ Author: brad_d ] [ Date: 07/21/2016 ]
What: Defcon meet-up for WCSC members, alumni, and friends 
When: Thursday, August 4 at 9 PM 
Where: Hofbräuhaus Las Vegas, 4510 Paradise Road.
We have reserved a table for 25.
Let's talk CGC, CTF, CVE, and any other related acronyms. CYA there.
Jeremy R.

# No Whitehatters Meetings Till August 10th

[ Author: brad_d ] [ Date: 07/18/2016 ]
Due to our involvement in GenCyber and PreCollege, and the subsequent trip to DEFCON in Las Vegas, we will not be holding any meetings until August 10th. 
Enjoy the rest of your summer break! 

# Lots of Cool Presentations, WiFi Wednesday

[ Author: brad_d ] [ Date: 03/17/2016 ]

CTF: Boston Key Party is coming up March 4th through 6th. https://ctftime.org/event/252

Wednesday Meeting: Tomorrow at 6PM we will be meeting in ISA 5021 to go over Wi-Fi security. Please bring a Kali install and a Wi-Fi card that supports monitor mode to join in on the fun. 
Friday Meeting: Our flagship meeting is at 5PM every Friday in ISA 5021. 
Below is our tentative presentation schedule: 
2/26: brad_d, Windows authentication
3/4: nullp0inter, buffer overflow
3/11: ReliaQuest, Cybercrime and Blackhat hackers
If you want to present at Whitehatter's please send me an email with your topic idea and any date restrictions. 
You don't have to be a hacking prodigy to present. If you're working on something cool, or want to learn something new, preparing a presentation is a great way to sharpen your understanding on a topic. You can review past presentations on our GitHub. 

# Meeting tonight at 6PM, Malware talk on Friday

[ Author: brad_d ] [ Date: 02/17/2016 ]

Blue Team Wednesday: Today at 6PM in ISA5021, we're going to be reviewing our performance at SECCDC Quals. We'll be going over what we could have done better during the competition, and the future direction of the Wednesday meetings. We'll be discussing the summer pre-college program, and opportunities for an expenses-paid trip to DEFCON 2016. 

0x28 Council: WCSC is restarting the 0x28 Council. The council is a group of club members who play a more active role in the club. Council members will be expected to contribute more to the club, but in return, have a greater voice in club decisions, and greater involvement in special projects and work opportunities. More details on the 0x28 council will be discussed today at the Wednesday meeting, and again at the Friday meeting. 
Expo: Tomorrow at 5PM we will be meeting up in the ISA5021 lab to go over our plans for the USF Engineering Expo. This is a great opportunity to get more active in Whitehatters. To get involved, please message nullp0inter on Slack or IRC, or email him at ian@whitehatters.org.
Friday Meeting: This Friday at 5PM in ISA 5021, we will hold our regular Friday meeting. Xan will be giving a talk on Malware Analysis that you should not miss. Afterwards, we'll head to Dunderbaks for drinks and food. 
Keeping in Touch:  Our main IRC channel is #wcsc on irc.hackint.org:9999. Please use SSL. Much of the chatting has moved to Slack now. If you haven't been added to the WCSC Slack please email Xan at kris@whitehatters.org
Other WCSC Resources: 
WCSC CTF challenges: mynameisg.us
Twitter: @whitehatters

# Blue Team Tomorrow, Last Meeting of the Semester on Friday

[ Author: brad_d ] [ Date: 12/01/2015 ]


Watch this 2010 short doc about the Whitehatters! https://www.youtube.com/watch?v=TvmaCNJnSZ8 

Wednesday Blue Team: Tomorrow night at 6 PM in CIS 1035 we will be having our next Blue Team meeting. If you want to get practical hands on experience administering and securing Linux and Windows systems, come join us! It's never too late to get involved. 
Friday Meeting: This Friday, Dec. 4th at 5 PM in CUTr 202 we will be having our last regular WCSC meeting of the semester. Cybersecurity professional Brandon Ward of Raytheon SI will be giving a talk on using emulators to find bugs. 
Bull Market: nullp0inter, GH0S1 and others will be out in front of the Marshall Center tomorrow for Bull Market. Come by and check out our table tomorrow between 8:30 and 3. 
Good luck on finals everyone! 

# Blue Team today, SQL Injection on Friday

[ Author: brad_d ] [ Date: 11/19/2015 ]

Blue Team: Tonight at 6pm in CIS 1035, we're having our weekly Blue Team meeting. It's not too late to get involved! If you want to join the Linux team please bring Ubuntu 14.04 and CentOS 7 VMs. If you wanna join the Windows team bring a Windows Server 2012 R2 VM, which you can get through Dreamspark. 

For Linux command line practice, OverTheWire.org has a great wargame for learning the basics at http://overthewire.org/wargames/bandit/ 
Don't sell yourself short and look up the solutions! Use the man command for help! 
CigarCitySec: After the Blue Team meeting, we'll be heading over to CigarCitySec for beers. CigarCitySec is a monthly informal gathering of Tampa Bay computer security professionals. More information can be found at http://cigarcitysec.com/
If you need a ride, let us know on IRC or Slack. 
Friday Meeting: 5pm this Friday in Cutr 202, former WCSC president rastii will be giving a talk on SQL Injection! He has challenges ready for all experience levels after the presentation. It should be a fun evening. Afterwards, we'll be hitting up Dunderbaks, as usual. 
Keeping in Touch:  Our main IRC channel is #wcsc on irc.hackint.org:9999. Please use SSL. If you haven't been added to the WCSC Slack please email Xan at kris@whitehatters.org
Other WCSC Resources: 
WCSC CTF challenges: mynameisg.us
Twitter: @whitehatters

# WCSC @ CigarCitySec

[ Author: Xan ] [ Date: 09/17/2015 ]



A couple of us from WCSC made it out to the third meeting of CigarCitySec last night. Hopefully it will continue to keep growing. Its a really awesome time to meet people in the Tampa security community. If you haven’t been yet come join us next month. Meeting dates are on the WCSC calander. 




# Welcome To Spring 2015

[ Author: Xan ] [ Date: 01/22/2015 ]

Welcome Everyone!

This Friday (January 23) in MSC 2703 at 5pm Whitehatters will start the first official meeting of the new Spring semester. I wanted to take some time to welcome new and past members who will be joining us.

If you have not already noticed the Whitehatters calendar has been updated and if you haven't subscribed now is a great time to do so. Whitehatters Calendar 

Last week, Whitehatters competed in Ghosts In The Shellcode accomplishing some great work for our first CTF of the new year. Hopefully, we will have writeups of some of the challenges up soon.

This semester we have some great events planned out. USF Engineering Expo is coming up on February 13th and 14th and Whitehatters will be there once again. It will be exciting to show off our new demo this year related to cyber security. Of course, CTFs are important to the club and Whitehatters will be out in full force this semester competing in Boston Key Party, PlaidCTF, SECCDC, and several others before finishing out the semester with DEFCON 23 Quals.

If you haven't already, you should join the discussion with our several communication outlets including our...

Mailing List

IRC: irc.hackint.org/9999 #WCSC



Looking forward to a busy and awesome Spring semester.

See you all on Friday!

# Presentation topics!

[ Author: bspar ] [ Date: 11/14/2014 ]

Hey y'all, we want a list of presentation topics, and we want to guage interest in those topics. There's a document here: http://goo.gl/mIiDH8, and it is editable by USF students. Feel free to add topics and comments (and state interest). And feel free to note if you'd like to do the talk! Please, don't abuse the document - an audit log is kept.

# Another semester!

[ Author: bspar ] [ Date: 09/01/2014 ]

Welcome to the start of another semester! We have many things in store for the Fall, and we're excited to begin.

The first meeting is this Friday (September 5) from 5 - 7 pm (1700-1900) in room MSC 3708. Check out our calendar for the rest of the semester's schedule. Most of our meetings are in MSC 3705, but we have MSC 3708 when that room is unavailable - make sure to pay attention to the calendar and announcements!

Speaking of announcements, we have yet another method of communication now (besides twitter - @whitehatters, our mailing list, IRC, and our calendar)! Instead of using Canvas, USF is having student organizations use "BullSync" to manage members, meetings, info, etc. Here's our page in particular. Join the organization on that page if you want to be in the cool crowd. 

Now, here's some things we have planned:

Weekly meetings. We'll be having meetings just about every week (Fridays at 1700). During those meetings, though, we'll be trying out a new format: a one hour talk for newer members, and an hour for a more advanced talk (I'd expect usually about binary exploitation). As always - we more than welcome anyone to come give talks!

Binary training. I'll be ramping up a binary exploitation training/education program to try to guide members new and old in becoming better at reverse engineering and exploitation. It would be most useful to join #WCSCbinary on the hackint IRC network

CSAW Quals. CSAW Quals is coming up soon! September 19th to be exact. We have a tem - stay tuned for meeting time and location.

Well, that's all for now!

# Defcon 22 memoirs

[ Author: hhh ] [ Date: 08/29/2014 ]

On August 7-10, a number of USF Whitehatters (current and alumni) made their way out to Las Vegas for the annual hacker conference known as Defcon.  This was my 10th trip out there, and each time has been a unique and rewarding experience. As I said to someone, "I used to go for the talks. Now, I just go to talk to people."

I was impressed as always with our friends at LegitBS who ran the Defcon Capture the Flag (CTF) competition, complete with its own custom hardware badge hacking challenge and epic competition visualizations, not to mention the usual array of staggeringly clever binaries. I received a special CTF challenge coin that has gone onto the shelf of treasures in my office.

Speaking of badges, duck did a nice job of hacking up the Defcon badge with an IR diode from Fry's so that he could replay the signals from Goon and Uber badges; but the the real story behind the badge was a little more complex.

As usual, our team made it to the finals of Hacker Jeopardy!, and as usual, we came in second. We're getting to be known as the Buffalo Bills of Hacker J! ... bspar will probably not appreciate me mentioning this, but he earned an atomic wedgie after missing an alt-coin question. Despite a promise from the emcee, G. Mark Hardy, that this year's competition would reward knowledge over alcohol consumption, that was not really the case.

ninjafish and intrigue, not sure if you heard, but Jolly/Zelda & friends pulled off a Shmoocon/Defcon Hack Fortress 6-peat even without your Heavy and Pyro, respectively. Or is it Demoman and Spy? I can never remember.

I finally gave into the Pineapple craze and picked up one of the new Mark V's, even while @IHuntPineapples was popping shell on those unwise enough to fire up theirs at Defcon.  I waited till I got home to update the firmware and have been having some fun with it. I'll do a demo at a WCSC meeting sometime.

Well, there were many, many other good memories from Defcon, but as they say: "What happens in Vegas ... ends up on Twitter."

# CSAW CTF Result

[ Author: rastii ] [ Date: 09/25/2013 ]

After a long, exciting, and sleep deprived weekend, the competition was over.  Many redbulls were consumed and many challenges were solved.

We managed to get 5th place for teams that qualified, 2nd place in the US for undergraduate teams and 25th overall.  Since we did place in the top 10 for qualifying teams, we now advance to compete in the finals at NYU.

Scoreboard and challenge board:

Challenge Board


# Call for Talks

[ Author: rastii ] [ Date: 08/30/2013 ]

Since the semester is now starting, we are looking for people who would be interested in giving a talk to the Whitehatters of USF.  The talk could be about anything related to computer security and is not required to be an advanced topic.  Whether you learned something interesting over the weekend, or if you worked on an interesting project, please feel free to share it at one of our meetings.

You do not have to be a student to give a talk, anyone is welcome.

If you'd like to give a talk, please fill out this form.

# Summer is here!

[ Author: rastii ] [ Date: 04/29/2013 ]

The end of the semester is finally here.  Now it's time to relax, learn some new things, and finish up those projects we have shelved due to classes.  

I'd like to make a few announcements for the summer.  There are a few exciting events coming up including Defcon XI, Defcon qualifications, and Hack for Change.  For those of you who don't know, the Hack for Change event is a programming hackathon where various companies and agencies provide raw data for you to use.  It will be located in the ITT Tampa campus; more information is provided in the link.  

We will continue to have our weekly meetings throughout the summer. You can track when the meetings will occur by viewing the calendar.  There will also be 1-2 bootcamps this summer.   The bootcamps are designed to hone your skills on a particular topic through a focused curriculum.  They will most likely be throughout a weekend and will be posted in advance as to when they will occur.

If you would like to take a moment of your time and provide feedback to the club as well as request what topics you would like for the bootcamps, please take this survey.

Recently, the club has created a "mini-ctf" with various challenges.  If you are new to the club and/or security field, these challenges are great for you as they are very beginner friendly.  We wish to continue expanding the challenges located on the site as well as provide more difficult challenges.  If you would like to provide additional content, please email me luke [at] whitehatters dot org.

More information on upcoming CTFs that the club will participate throughout the summer can be found here.

Have a wonderful summer!


[ Author: billymeter ] [ Date: 04/14/2013 ]

Currently, the USF node of our IRC network is down. You can still connect to IRC using the round-robin address irc.hackint.org. Remember to connect via SSL on port 9999!


[ Author: billymeter ] [ Date: 03/06/2013 ]

RuCTF is coming up this Friday, March 8 at 0900 EST and ends on March 10 at 0900 EST. Please come join us in the Success Center Conference Room in the KOPP Building this weekend to compete. This is an excellent opportunity for our newer members to get their feet wet and get some CTF experience. These events is where you learn the most, so please join us!

# New Website Up!

[ Author: rastii ] [ Date: 03/05/2013 ]

The new website is finally up!

More features will be added to the site as the year progresses.

Here are a few things that will be added soon:

  • CTF Writeups
  • Club Projects
  • Inventory
  • New Wiki

If you are interested in helping out with the new website or have any ideas that could benefit the site, please contact me at luke [at] whitehatters dot org.

Upcoming Events