What we're about
Upcoming events (3)
Hey Hackers, Wowowowowowow... do we have a surprise for LETHAL... For our next General Body Meetup (January 27th), we have the one and only... Steve Gibson!!! You may best know him from the podcast "Security Now!", which definitely helped shaped my security career. Special thanks to Joe McLaughlin for tracking Steve down and getting him to speak to us! Due to the large waitlist for this event, we will be checking RSVPs at the door, so please make sure you are verified confirmed (not on the waitlist) prior to showing up. If you are on the waitlist, I'll slowly be pushing people through over the next couple weeks. As you know LETHAL Meetup is completely free and open to everyone (if you make it on the RSVP list :D ). To keep it free and keep LETHAL going strong, we live on your donations. If you are in a giving mood, please donate to LETHAL at: https://paypal.me/lethalsecurity . All money goes to buying pizza/snacks/drinks, hosting our yearly CTF, allowing us to have discounted t-shirts, and more! -Peter ==========Current Speaker List============ Topic: SQRL - Secure Quick Reliable Login Speaker: Steve Gibson Description: Steve will demonstrate, describe, discuss and defend SQRL, a new open authentication system. SQRL provides secure pseudonymous identity online. It has many properties that make it significantly superior to usernames, passwords and all other forms of identity establishment. Rather than another second "factor" for identity, SQRL provides a secure single factor. It can peacefully coexist alongside usernames and passwords, Oauth, FIDO, TOTP tokens, or any other system. But it is truly superior to them all and it is hoped that it might eventually replace everything else. SQRL's design is 100% open, free, unencumbered by any intellectual property rights, and it is ready for the world. Bio: In 1970, Steve Gibson began coding assembly language on a 12-bit DEC PDP-8 minicomputer. Computers have changed a lot since then, but Steve still prefers assembly language. Before software came along he worked with hardware. While majoring in EECS (Electrical Engineering & Computer Science) at Berkeley, he was often asked: "Are you hardware or software." Steve's first entrepreneurial venture was the creation of a high-speed high-precision Light Pen for the Apple II computer. Atari wanted the light pen, so they bought the company. Steve then switched to the IBM PC and wrote "FlickerFree", a replacement of IBM's BIOS video driver, and then SpinRite to non-destructively optimize hard drive sector interleaving. For eight years during that time, he wrote InfoWorld Magazine's weekly "TechTalk" column. Then the Internet happened. So Steve created "ShieldsUP!" a free online service to allow users to check their machines for open ports. 13 years ago, Leo Laporte asked Steve if he would consider producing a weekly Podcast on the topic of security. Steve named it "Security Now!" and 13 years later that podcast has roughly 250,000 weekly listeners. Five years ago, the core concept for SQRL occurred to him during breakfast... and he's here to show us the result of five years of work. *If you are interested in speaking at future LETHAL events, please reach out and let me know. ==========Note============ Parking in the school's lot is free. Need to step up your hacking game? Don't forget to pick up a copy of the best selling hacking book "The Hacker Playbook 3: Practical Guide To Penetration Testing" on Amazon Today - https://www.amazon.com/dp/1980901759/.
*Please Note: Training is not part of the free General Body meetups. We are often asked by members if we can provide hands-on training courses. Therefore, we spun up LETHAL Security to provide a cheap alternative solution. This posting is just an awareness post, to check out more details on the classes or register, you have to go to: http://securepla.net/training/. Hey Hackers, LETHAL Security Training is BACK! We took a few months off for private trainings and to revamp our course work. For those that don't know about LETHAL Security training, it was built on the basic concepts and principles of sharing knowledge and providing growth, while providing real world training at an affordable cost. We often saw a gap in training courses for those trying to break into the industry or security professionals trying to expand their knowledge, but were unable to afford expensive training. So the Team spent years building unique training courses that simulate real world scenarios to teach those who are passionate about security and help get them to the next level. In terms of costs, if hosted at a non-conference location, we only charge $500 for a two full day course. This is the bare minimum to rent out facilities, food, and pay staff. Upcoming Classes: Real World Red Team Course - 1/22/2019 Real World Red Team Course - 3/2/2019 Basic and Advanced Web Application Hacking Course - 4/13/2019 Introduction to Ethical Hacking/Real World Penetration Testing Training - 6/8/2019 More classes coming real soon! For more information or to register: http://securepla.net/training/ What courses are we offering this year? Real World Red Team Course This classic, favorite class has been updated and extended. Now a two-day course, participants take a deep dive into attacking a company, abusing Active Directory, pivoting through machines, compromising production environment, custom persistence, and more. You take on the role of a Red Teamer, breaking into an organization without being detected…This isn’t your entry-level course and moves very fast, but with basic Metasploit knowledge, you should have no problem being successful! Click on any of the upcoming dates to see the full details: • Real World Red Team Course – 1/22/2019 @ OWASP AppSec Cali: https://bit.ly/2QXvDwK • Real World Red Team Course – 3/2/2019 @ Orange County, CA: https://bit.ly/2H7aaxM Basic and Advanced Web Application Hacking The Basic Class teaches you how to attack all the top common vulnerabilities through a real-life scenario of breaking into a Bitcoin Exchange. The Advanced Class takes you through more in-depth attacks like deserialization, node vulnerabilities, template injection, and more! Click on any of the upcoming dates to see the full details: • Basic and Advanced Web Application Hacking Course – 4/13/2019 @ Orange County, CA: https://bit.ly/2RoU9ba Introduction to Ethical Hacking/Real World Penetration Testing Training This two-day course helps those who are just beginning. We will discuss penetration testing methodology, how to perform reconnaissance/intel gathering, all sorts of scanning techniques, exploiting different types of applications, and reporting. In this course you will take the information you have gathered from open source resources and attack a victim network. Click on any of the upcoming dates to see the full details: • Introduction to Ethical Hacking/Real World Penetration Testing Training – 6/8/2019 @ Orange County, CA: https://bit.ly/2M78Nh6 Upcoming courses We are just finishing up a couple of other classes. One of the classes with be a random hackery class. This is geared towards those who are learning how to do basic CTFs, reverse binaries, modify memory, and even hack a game. Join our mailing list below to receive all the up-to-date info for this amazing class. If you're interested in taking training, go to http://securepla.net/training/ for more details and to register.
Hey Hackers, This is just a placeholder for our March 24, 2019 General Body Meetup. I'm still looking for speakers at this time, so if you want to present, let me know. If you are interested in speaking or have a topic you would like discuss, email me at peter <@> lethalsecurity.com. As you know LETHAL Meetup is completely free and open to everyone (if you make it on the RSVP list :D ). To keep it free and keep LETHAL going strong, we live on your donations. If you are in a giving mood, please donate to LETHAL at: https://paypal.me/lethalsecurity. All money goes to buying pizza/snacks/drinks, hosting our yearly CTF, allowing us to have discounted t-shirts, and more! -Peter ==========Current Speaker List============ Topic: Holiday Hack Challenge 2018 Walk-Through Speaker: @Hack_Char Description: The SANS Holliday Hack Challenge is an annual online CTF and one I enjoy playing each year. The questions range in difficulty and provide something interesting for everyone. There’s also a holiday theme throughout where a narrative gives hints to subsequent questions. I’ll present solutions to this years CTF questions as well as how I approached them. Most are web application based although other topics like network packet capture analysis and malware analysis are there too. https://holidayhackchallenge.com Topic: WPA Packet Capture/PKMID Cracking Speaker: Chase Description: More detail to come soon Topic: Still Open Speaker: Description: *If you are interested in speaking, please reach out and let me know. ==========Note============ Parking in the school's lot is free. Need to step up your hacking game? Don't forget to pick up a copy of the best selling hacking book "The Hacker Playbook 3: Practical Guide To Penetration Testing" on Amazon Today - https://www.amazon.com/dp/1980901759/.