Hacker Talk Firo Solutions LTD
-
- Technology
Every second week, Hacker Talk brings you interesting conversations between some of the world's best hackers, cyber security professionals and information security people.
-
Cat shaped hardware hacking with Alex Lynd
The hardware hacker, creator of the wifi-nugget, cybersecurity content creator, hak5 host and our guest of honor in this episode of Hacker Talk is Alex Lynd!
In this episode, we cover:
Alex's background, working with Hak5, content creation
O.MG pentesting cable
Signal intelligence
Wifi hacking
Hardware hacking
Modifying the hardware of calculators, playing games on calculators
Hacking the Texas Instruments TI-84 calculator
Alex's first computer being the Raspberry Pi
Starting with Linux
Embedded security
Hardware developer perspective
Making hardware devices
Making low-cost hacking devices
low cost, high availability and effective hacking devices
GPS implants
ESP8266, 3 dollar wifi microcontroller
Wardriving with esp8266
wifi nugget
Making cat-shaped hardware
Making a friendly and portable hardware design
Learning about wifi hacking and microcontrollers
USB nugget
USB rubber ducky
Keystroke injection attacks
ATtiny85 Arduino
Thought process behind creating the wifi nugget
How Filip cracked his neighbor's wifi
Aircrack-ng
Airgeddon
Creating a DIY beginner hardware kit
The creation of wifi nugget, the first 100 devices
SpaceHuhn Maker
Wifi Beacon spoofing pranks
esp32 vs esp8266 wifi chip
Crafting custom packets with the esp8266 chip
Espressif Systems trying to stop people from using its wifi chips for offensive purposes by locking down its software development kit
Spoofing attacks
esp32 native USB mode
Emulating USB-connected devices for data exfiltration
Auto trunked packets
pmkid wifi attack
Cracking wpa2 handshakes
Guessing autogenerated wifi passwords
Hashcat
Password generator based on your local area code
The best password-cracking word list Filip has ever used
Funny pranks with the wifi nugget
Nugget defender, see if anyone is attacking your network
use Canary tokens to detect if someone is breaking into your system
Bugged Microsoft Word and PDF documents
Having an intrusion detection system in your pocket
wifi honeypots
Getting started designing custom printed circuit boards (PCB)
Design with easyeda
Creating a tv-be-gone
Sourcing pcb boards
Circuit board art
What software to use to create boards
Antenna design
Omni directional antennas
Yagi antennas
Sourcing hardware
Making it more user friendly
Links:
https://alexlynd.com/
https://mg.lol/blog/omg-cable/
https://github.com/HakCat-Tech/WiFi-Nugget
https://education.ti.com/en/products/calculators/graphing-calculators/ti-84-plus
https://en.wikipedia.org/wiki/Raspberry_Pi
https://hak5.org/
https://en.wikipedia.org/wiki/ESP8266
https://retia.io/
https://twitter.com/AlexLynd
https://usbnugget.com/
https://shop.hak5.org/products/usb-rubber-ducky
https://en.wikipedia.org/wiki/ATmega328
https://en.wikipedia.org/wiki/Arduino_Nano
https://www.pcboard.ca/mini-attiny85-usb
https://www.arrow.com/en/research-and-events/articles/attiny85-arduino-tutorial
https://github.com/derv82/wifite2
https://en.wikipedia.org/wiki/Aircrack-ng
https://www.kali.org/tools/airgeddon/
https://github.com/SpacehuhnTech/esp8266_deauther
http://deauther.com/
https://spacehuhn.com/
https://ieeexplore.ieee.org/document/4529384/
https://en.wikipedia.org/wiki/ESP32
https://www.espressif.com/
https://documentation.meraki.com/MR/Other_Topics/PMKID_Vulnerability_FAQ_-_WPA%2F%2FWPA2-PSK_and_802.11r
https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access
https://colab.research.google.com/
https://en.wikipedia.org/wiki/Hashcat
https://github.com/danielmiessler/SecLists
https://github.com/HakCat-Tech/Nugget-Invader
https://canarytokens.org/generate
https://easyeda.com/
https://www.pcbway.com/
https://www.kicad.org/
https://en.wikipedia.org/wiki/Nordic_Semiconductor
-
Darknet Operation Security with Sam Bent Part 1
Sam Bent, previously known by his online handle as the darknet vendor "2happytimes2", is our Hacker of the episode!
In this episode of Hacker Talk we get to hear how Sam put together an OPSEC plan that ended up protecting him against a 20-count indictment and 200 years in prison. Thanks to a brute-force attack in the true hacker spirit, he managed to get out of prison.
What is it like to apply strong operation security practices in your everyday life? How does one survive and adapt to hostile environments?
Join us in this thrill seeking episode of Hacker Talk, where we get to hear Sam's story.
In this episode we cover:
Darknet Vendor, Darknet Marketplaces
Darknet Forum Administrator
First Introduction to Tor
Silk Road
Early Bitcoin days
Bitcoin Pizza for 20 000 Bitcoins
Moderating darknet forums
Money laundering charges
Privacy
Journey into selling on the darknet
Residential Security
Living in Vermont, United States of America
Computer support
Forming information security policies
BackTrack 2 (released March 2007)
Yagi antenna, randomizing your MAC address before you use your neighbor's wifi
Removing DNA from packages.
Speaking at Defcon
Dealing with the Department of Homeland security
Social Engineering
Operation security
Dread Darknet Forum
Dealing with Hostile Environments on the darknet and in prison
Profiling yourself
Importance of Adaptability
Managing multiple identities
Pretty Good Privacy (PGP)
Trust on the Darknet
Resumes on the Darknet
Best practices for Password Managers
Storing passwords in "The Slip", secure convenience security
How to ship mail securely
Interacting with the United States judicial system
Franks hearing
Becoming a paralegal in Prison
Writing a 200-page compassionate release motion
Building trust in Online Communities
Links:
Doingfedtime Youtube channel: https://www.youtube.com/@DoingFedTime
Bitcoin talk pizza thread: https://bitcointalk.org/index.php?topic=137.0
https://en.wikipedia.org/wiki/Vermont
https://en.wikipedia.org/wiki/BackTrack
Sam's defcon talk: https://www.youtube.com/watch?v=NGiUhjuB22Y
https://www.16personalities.com/
https://en.wikipedia.org/wiki/Pretty_Good_Privacy
https://en.wikipedia.org/wiki/Silk_Road_(marketplace)
https://www.shouselaw.com/ca/blog/warrant/what-does-it-mean-to-traverse-a-warrant-what-is-a-franks-motion/
https://forum.defcon.org/node/241998
https://www.darknetstats.com/seasoned-dark-web-vendor-2happytimes2-sentenced-to-5-years-in-prison/
-
Bug Bounty Bootcamp with Vickie Li
Our Hacker of the episode is Vickie Li! Vickie tells us about bug bounties, her new book and information security.
Tune in now!
In this episode we cover:
Background, getting into security
Getting into Bug Bounty
First Bug bounty
HackerOne, Bugcrowd
Reporting Security Bugs
Coordinating bug bounties
Life as a bug bounty hunter
Interaction with engineers
Bug bounty bootcamp Book
Security as a hobby
Writing Books
How to hack web applications
Vickie's favourite types of Vulnerabilities
Template injection
IDOR
Writer's block
No Starch Press
Book Publishing
Bug bounty tools
Python and Bash
Make bug bounties more enjoyable
PortSwigger labs
Finding low hanging fruits
legal harbor
Caring about security researchers
Links:
https://twitter.com/vickieli7
https://en.wikipedia.org/wiki/Bug_bounty_program
https://vickieli.dev/
https://portswigger.net/web-security/all-labs
https://portswigger.net/research/server-side-template-injection
https://www.geeksforgeeks.org/insecure-direct-object-reference-idor-vulnerability/
https://nostarch.com/bug-bounty-bootcamp
Grab a copy of Vickie's book:
https://www.amazon.com/Bug-Bounty-Bootcamp-Reporting-Vulnerabilities-ebook/dp/B08YK368Y3
-
CodeQL with Alvaro Munoz
In this episode of Hacker Talk:
One of the most powerful newer static analysis tools is CodeQL.
By converting your codebase into a CodeQL database, you can write read-only queries against it to find security vulnerabilities and problems in your codebase.
We wanted to know more about this declarative language called "CodeQL".
Straight from Github's Security Lab, we are joined by Alvaro Munoz!
Alvaro is a security researcher who leads a team of researchers that leverages CodeQL to find and model vulnerabilities at GitHub, with a background in research related to finding remote code execution bugs through deserialization.
Tune in as we get to hear the ins and outs of CodeQL, how to get started, how CodeQL was used to find a vulnerability in a public Covid-19 system, how to find vulnerabilities with CodeQL and a lot more!
Topics covered:
Learning to think outside the box by playing Capture the Flag
CodeQL declarative languages
Static code analysis
Getting a broad view of the source code
Writing queries with CodeQL to find vulnerabilities
Modeling vulnerabilities with CodeQL
The learning curve of CodeQL
Querying GitHub repositories for vulnerabilities
Write CodeQL for a large number of repositories with LGTM (use it before it goes EOL)
Linters vs codeql
CodeQL integrated with continuous integration pipelines
Get started with Codeql
Submit your codeql queries to Github Security Lab's Bug bounty
Best practices for writing queries
Thinking of the code as a database with codeql
Finding vulnerabilities in Covid-19 systems
Best practices for CodeQL
Reduce false positives
CodeQL with nvim (neovim)
Improving vim by creating a more interactive development environment alternative, "neovim".
LSP integration with neovim.
CodeQL with Emacs
Remote code execution bugs found with CodeQL.
Bugs found in Radar Covid App
Patterns leading to remote code execution
Auditing javascript frameworks
CodeQL vs other static analysis tools
Capture the Flag CodeQL challenges
The future of CodeQL
External links:
https://lgtm.com/
https://github.com/pwntester
https://neovim.io/
https://en.wikipedia.org/wiki/Language_Server_Protocol
https://en.wikipedia.org/wiki/Semgrep
Covid 19 tracing app
- https://securitylab.github.com/research/securing-the-fight-against-covid19-through-oss/
- https://threatpost.com/german-covid-19-contact-tracing-vulnerability-rce/161419/
Github Security Lab web site: https://securitylab.github.com/
Join Github Security Lab Slack Channel:
https://join.slack.com/t/ghsecuritylab/shared_invite/zt-120w4vby8-_O9u9k2hPfgbju1tddBPcg
https://twitter.com/pwntester
Bounty program: https://securitylab.github.com/bounties/
https://codeql.github.com/
https://codeql.github.com/docs/codeql-overview/
http://www.pwntester.com/
https://en.wikipedia.org/wiki/Abstract_syntax_tree
https://en.wikipedia.org/wiki/Control_flow_analysis
https://github.com/github/codeql-learninglab-actions
https://github.com/anticomputer/emacs-codeql/
Special thanks to:
We want to give a huge thanks to GitHub's Security Lab team for making this episode a reality!
-
SecBSD - The penetration testing distribution for the BSD community | BSDBandit on Hacker Talk
In this episode of Hacker Talk, we are joined by the Hacker and SecBSD contributor: The BSDBandit!
Tune in as we dive deep into SecBSD, the penetration testing distribution for the BSD community.
In this episode we cover:
Video games
Kali linux meets bsd
Started to hack in college
Mandrake Linux
FreeBSD 4.8 and beyond
BSD vs Linux
Reading the RFCs
IRIX
Learn from developer mailing lists
OpenBSD's mailing
The start of SECBSD - BSD based Penetration testing distribution
SecBSD release cycle
Documentation in the BSD world
NetBSD on toasters and sega dreamcast
Comparing the BSDs
Porting Ruby BeEF to BSD
Web applications as houses
Web application APIs
Security
Penetration testing
Management vs Security Researchers and developers
The adventures of Hacking and learning
The state of Hacking
Tinkering with FreeBSD
ManPages
Unix Powertools book
Vi Editor
Having fun with Technology
People code computers
Time allocation and having a good schedule
Rust programming
Visual Studio Code
Pentesting with Rust
Mental health
Taking breaks, allocating
discord and Internet Relay Chat
Libera.chat irc
Irssi irc client
Phreakers going into VoIP
OpenBTS
IceCast
Future of IT-Security
Moving everything to the browser
Challenge of the episode:
The BSDBandit challenges you to read one man page per day for one year
Links:
https://en.wikipedia.org/wiki/Mandriva_Linux
https://www.freebsd.org/releases/4.8R/announce/
https://secbsd.org
https://twitter.com/SecBSD
https://rfcs.io/http
https://www.rfc-editor.org/rfc/
https://en.wikipedia.org/wiki/IRIX
https://en.wikipedia.org/wiki/Sub7
https://marc.info/?l=openbsd-misc&r=1
https://www.openbsd.org/faq/ports/guide.html
https://twitter.com/CryptoBanshee_
https://beefproject.com/
https://www.oreilly.com/library/view/unix-power-tools/0596003307/
https://www.amazon.com/UNIX-PowerTools-Jerry-Peek/dp/1565922603
https://en.wikipedia.org/wiki/Vim_(text_editor)
https://en.wikipedia.org/wiki/Vi
https://twitter.com/bsdbandit
https://crates.io/
https://www.rust-lang.org/
https://github.com/bsdbandit
https://crates.io/crates/pledge
https://en.wikipedia.org/wiki/Ghostscript
https://en.wikipedia.org/wiki/Discord
https://en.wikipedia.org/wiki/Irssi
https://en.wikipedia.org/wiki/2600%3A_The_Hacker_Quarterly
https://libera.chat/
https://en.wikipedia.org/wiki/OpenBTS
https://icecast.org/
-
Podman with Daniel Walsh
Hacker Talk is back! Stronger than ever with a new episode, in this episode we are all about Podman!
Joining us today is Dan Walsh, one of the main people behind Podman! Dan is very knowledgeable in the (OCI) container security world. We are super happy to have him on Hacker Talk and hear about Podman.
Topics:
Podman
Podman in action book
Dan's journey into Unix and Linux
Following Paul Cormier, CEO of Red Hat, to Red Hat
Red Hat, working on pre-VPN
Working on SELinux
Container technology
Security for OpenShift
Being integrated with docker
Oci images and runtimes
Fork and exec
Security in containers
Docker daemon
Design behind podman
Better security in podman
Combining Podman with Kubernetes
Docker Vs systemd
Full integration with systemd
Buildah, docker build with podman
Background story of buildah
Overhead in containers
Get started with migrating infrastructure to podman
Gitlab runners with podman
Podman on non-linux systems
Docker starting to charge for Windows and Mac
Podman desktop gui
Linux security
seccomp
Landlock security mitigation in the Linux kernel
SELinux
Encrypted virtual machines
Intel SGX with KVM virtual machines
Trusting proprietary CPU encrypted environments
Encrypted workloads
Security at the hardware level
Links
https://www.manning.com/books/podman-in-action
SELinux
Podman
Docker
https://www.youtube.com/watch?v=MmUwrP791sI
Replacing docker with Podman
Buildah
Docker starts to charge for usage
Read Dan's book:
https://www.manning.com/books/podman-in-action
Find more episodes of Hacker Talk at:
https://anchor.fm/hacker-talk
Subscribe to Hacker Talk's RSS feed:
https://anchor.fm/s/7984c230/podcast/rss