What we're about

This is a club where like minded Ethical Hackers, Penetration Testers and Network / Computer Security professionals can come together and share knowledge. More geared on the technical side, we plan to have hands-on activities. Bring your coolest exploits or just a passion to learn!

Upcoming events (3)

LETHAL - General Body Monthly Meetup (March 22)

Coastline Newport Beach Center

Hey Hackers, This is just a placeholder for our March 22nd, 2020 General Body Meetup. Sorry I had to cancel January due to hardware/lab problems. I'll make sure this one goes on without a problem! -Peter ==========Current Speaker List============ Topic: Coming Soon! Speaker: Coming Soon! Description: Coming Soon! ==========Note============ Parking in the school's lot is free. Need to step up your hacking game? Don't forget to pick up a copy of the best selling hacking book "The Hacker Playbook 3: Practical Guide To Penetration Testing" on Amazon Today - https://www.amazon.com/dp/1980901759/.

[TRAINING] Web Hacking Basic/Advanced Course 4/25-4/26

Hampton Inn & Suites Irvine-Orange County Airport

*Please Note: Training is not part of the free General Body meetups. We are often asked by members if we can provide hands-on training courses. Therefore, we spun up LETHAL Security to provide a cheap alternative solution. This posting is just an awareness post, to check out more details on the classes or register, you have to go to: http://securepla.net/training/. Hey Hackers, Every want to learn how to bug bounty or hack web applications? Come to the world famous two day Web Hacking Basic/Advanced Course hosted by LETHAL Security on April 25 - 26 in Irvine CA. This training course was custom developed to put you right into the action and simulate real world web attacks. On day one of the course, you'll be hired to perform a penetration test against a BitCon Exchange. You'll go through the Hacker Playbook methodology to perform both basic and advanced attacks. On day two of the course, you'll focus on newer attacks and frameworks. In recent years, we have seen a number of new languages and frameworks such as NodeJS/Express. With these new technologies come both old and new vulnerabilities. You'll be tasked to attack a Node Chat Application and understand why you can't use generic attacks against these new frameworks. This isn't your average web app course! We built the labs around what we are seeing as penetration testers and bug bounty hunters. Date/Time: -April 25-26 -Class: 9AM - 5PM -Cost: $500 (student and other discounts available. Contact peter@lethalsecurity). To Register: -https://www.universe.com/events/web-application-hacking-2-day-course-tickets-irvine-VM1T7B Course Objectives: Perform and understand both common and advanced web attacks Learn how bug bounty hunters perform quick and effective reconnaissance Manually attack applications with and without the use of tools Fuzz inputs for potential injection points Find critical vulnerabilities in applications Understand vulnerabilities in newer languages/frameworks such as NodeJS and Express Training Syllabus Day 1 - Primer -Recon/Spidering -Attacking XSS, Polyglots, and Blind XSS -Cross-Site Request Forgery -Integer Underflows -Insecure Direct Object Reference -Local File Inclusions and Server Side Request Forgery -Manual SQL Injections -Remote Code Execute with Images Day 2 - Advanced Attacks -XML eXternal Entities (XXE) and OOB -DOM XSS -Deserialization Attacks -NoSQL -Template Injection -Node.JS Attacks -Cloud Issues -API Attacks and Vulnerabilities Upon Completion of this training, attendees will know: -How to perform a web application penetration test -How to use proxy tools such as Burp Suite -How to manually identify vulnerabilities -How to become a bug bounty hunter -How to protect your own web applications from attackers

[Training] Real World Red Team Training - 6/27-6/28

Hampton Inn & Suites Irvine-Orange County Airport

*Note: This course is not part of the FREE general body meetup and is a paid training class. To register for the class, you don't need to RSVP to this meetup, just pay for the class through the registration links at the bottom. To be confirmed for the training, you should get an Universe ticket email. This page is just for your information on how to register. This is one of our best selling training courses and takes you through the mindset of the bad guys moving through your corporate environment. This class will be a limited class size of 20 members to keep it small, hands on, and all about you! I’ve rented out a conference room that will be fully network connected and equipped for the class. All you’ll have to do is bring your laptop! Real World Red Team - Network Penetration Testing (June 27-28) - $500 (discounts available for students and others. contact [masked]) This class has been taught at many of the local conferences and is our best selling course. This class focuses on Red Team attacks and how bad guys are pillaging through your network. The days of exploiting MS08-067, encoding with Shikata Ga Nai, and blindly scanning are gone. Both Blackhat hackers and pentesters alike have shifted to using more advanced techniques to bypass AV, implement a smaller footprint to evade SIEM detection, and continually stay persistent to devastate enterprise networks. If you are looking to take your craft to the next level, this is the primer course for you. This training course was custom developed to put you right in the action and simulate real world red team attacks. You'll take the approach as a red teamer to social engineer your way into a company, gain information about the network, pivot to valuable resources, and gain access to all the company's secrets. This isn't your average pentest course! We built the labs around what we are seeing as red teamers. For more information, check out: https://securepla.net/training/ Training Syllabus Day 1: -Red Team Mindset -Recon -Creating Malware For Your Campaigns -Setting Up C2 Servers -Social Engineering -Compromise Your Victims -Living Off The Land -Moving Laterally In Windows/Active Directory -Smart Persistence and Code Caves Day 2: -Pivoting/Lateral Movement in Linux -Compromising Common Applications for Post Exploitation -DNS C2 And Network Limitations -Local Linux Privilege Escalation -Creating Valuable Reports -CTF Upon Completion of this training, attendees will know: -How to think like the bad guys do -How to evade AV and network detection tools -How to get around Windows protections -How to live off the land -How to write valuable reports to improve security To keep up with the costs of renting out the conference room and lunch, the one day will be set at a flat $500. The class will include: -Lab Material -Custom VMs -Classes from 9am - 5pm -Lunch Students will be required to provide their own computer with the following specifications: -Laptop with administrator access -Laptop with wireless/network connection -Laptop capable of running two virtual machines simultaneously using either VMware Workstation or Player or Fusion (for OS X) -Laptop with 30GB of free disk space Registration: To register for the Red Team (June 27-28) Course please visit: https://www.universe.com/events/real-world-red-team-attacks-2-day-course-tickets-irvine-DN1L3W Seats are limited, so hurry! :D -Peter

Past events (71)

LETHAL - General Body Monthly Meetup (Oct 27)

Coastline Newport Beach Center

Photos (24)

Find us also at