Penetration Testing

Visitors and newcomers are very welcome, please see https://hackmelbourne.com/newcomer-faq/ for more details. COVIDSafe restrictions are also in place, please see https://hackmelbourne.com/covid-19-restrictions/ for the latest. Short walk from Glenferrie train station. Car parking at Hawthorn town hall. Bring a laptop and a project you are working on. There is also a number of group projects that you are welcome to join in. We have starter kits for Arduino, a couple of 3D printers, various tools and equipment available for use. Typically our sessions run from 6:45pm till later in the evening (depending on our members' availability to close) but if you're new please come early.

Enjoy brunch at historic Pentridge

Two thirty-minute presentations followed by Beer & Pizza Speakers: ## From Bits to Collisions: Breaking and Defending Railway OT This session introduces **OT-Security-Lab**, a hands-on railway SCADA/PLC security lab that shows how cyber attacks can create real physical impacts. By simulating safety logic, control registers, and legacy protocols like Modbus TCP, the lab demonstrates how attackers can manipulate OT systems without exploits or malware. It also highlights how Blue Teams can detect these behaviors, helping bridge the gap between IT security and real-world OT environments. Bio: Christian Azuero is a cybersecurity specialist and Technical System Consultant at BMM Testlabs with over five years of experience across firewall auditing, threat detection, DFIR, and regulatory compliance. He designs hands-on Blue-Team and CTF learning environments, including the Hacker Escape Room platform used by students and cybersecurity communities across Australia. Christian holds an MSc in Network & Security from Monash University and multiple industry certifications, and is passionate about making cybersecurity and OT education accessible, practical, and fun.

Come along and join in a relaxed evening of dev and tech talk, drinks and dinner.

**‍♀️**Welcome to our Tuesday Social + language ​exchange meetup. Meet people from many countries and make new friends. We always have between 100 - 150 people attending our Tuesday event since this event is listed in 3 different meetup groups. Some people come early some come late, best time is between 6pm to 9pm. This is a great opportunity to learn to speak English with native and non-native speakers. Many English speakers, Europeans, Chinese, Japanese, Koreans, and other Asians attend our fun and friendly party. It is suitable for international students, working holiday people, professional ex-pats, and local Australians.

Bookings are essential - click the link to book! [Social Archery Night Tickets](https://ecom.roller.app/archeryattack/overlay/en/product/919981?date=2025-10-07) Want to get fit, try a new skill, and meet new people? Try Arrow Tag! This adults only session is for individuals or small groups who want to try it. This public session is exclusively for adults and will include other players. Come solo to meet new people, or sign up with a friend! Please note that a minimum of 6 players is required for a session to proceed. If 6 players have not been booked by 48 hours before the session, it may be subject to cancellation. We recommend booking with friends to ensure the best Arrow Tag experience! Get ready for 120 minutes of adrenaline-pumping Arrow Tag action! Arrive 15 minutes early to sign waivers and ensure you're ready for a fantastic time filled with laughter and excitement. Here's what to expect on the day: * Arrive 15 minutes early to complete waivers. * Enjoy 30 minutes of induction, equipment setup, and expert training on the archery range. * Immerse yourself in the action for 90 minutes in the arena, alongside fellow adventurous archers. What to bring for an awesome experience: * Wear athletic clothing for maximum comfort and mobility. * Don't forget to bring a clean pair of shoes for safety and agility. * If you wear glasses, while most glasses fit within our masks, bringing contact lenses for added comfort during the game is recommended. Get ready to unleash your inner archer and create unforgettable memories. Let the fun and games begin!

Hey everyone We are putting on an in person OpenShift meetup on Wednesday 25 Feb. Come and join us to hear the latest capabilities for OpenShift 4.21, Roadmap, Virtualisation, GPU, AI & MCP servers and more. Having just returned from Red Hat One in Vegas we have a lot to share of what we have seen happening around the world. Its the usual time starting at 6pm with a 7:30pm finish as well as drinks and pizza! Look forward to seeing you there. OpenShift Meetup team https://www.redhat.com/en/blog/achieve-more-red-hat-openshift-421

**\*\* NEW VENUE \*\*** Room 080.02.002 at RMIT (Building 80) - 445 Swanston St, Melbourne **\*\* NEW VENUE \*\*** **Glitter nail polish vs the Evil Maid, the Story - @hoodiePony** The Evil Maid attack vs the Glitter nail polish tamper evident seal; recommended by many as one of the best defences in detecting tampering. But, what if it isn’t as infallible as we think it is? What if, a real maid could learn and do it without any lengthy specialised training? In this story, we’ll do a speedrun of the techniques used to bypass tamper evident seals and how the previously impossible to bypass Glitter Nail Polish seal was bypassed. It's an introduction to the field of tamper evident seals bypass. **I heard you like CVEs, so I put CVE in your CVE! Speaker: @Snyff (Pentesterlab.com)** Too many people read a CVE to populate a risk register and decide when, or if, they should patch. What’s the fun in that? In this talk, we will do the opposite. We will take the patch diff, understand what it tries to block, then try to bypass it. **Streaming** If you can't attend the event in person the talks will be streamed in the "ruxmon-stream" voice channel in the Ruxcon Discord in the day of the event! (join now by clicking here: [https://discord.gg/g2CpEbkXmM](https://discord.gg/g2CpEbkXmM)

** The Entrepreneur Club – Last Friday of the Month Drinks** **Not your average knock-off drinks.** Join us for a monthly gathering of entrepreneurs, builders, creatives, and self-starters who believe business is more than just work, it’s a personal growth journey. Whether you're scaling something or just starting out, this is a space to meet others who think like you do. ** What to Expect** ✅ Real convos with people building something ✅ A place to bounce ideas, swap challenges, and share wins ✅ Opportunities to give value and get it in return ✅ Chill vibes, no pitches, just smart people in good company You don’t need a title or a polished pitch, just curiosity and the willingness to connect. ** Format** **6:30pm** – Arrive, grab a drink, join a convo **8:30pm** – We wrap, or roll on elsewhere **The Oxford Scholar** We take over a corner of the bar (Back Bar or Atrium), look for the crew with ideas in one hand and a drink in the other. ** This is for you if** * You want more entrepreneurial people in your life * You’re building something, or want to be * You care about growth, not just small talk Bring a question. Bring a challenge. Bring your curiosity. Last Friday of every month. Let’s make it count.

**Event Confirmation Form!** ➡️ We kindly request you fill out this **event confirmation form** to confirm your attendance for the event and your dietary requirements - [https://forms.gle/QwVc4QifPJqfvkd4A](https://forms.gle/QwVc4QifPJqfvkd4A) \-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\- ## **What's On? ** **Panel:** State of Application Security: 2025 Trends, 2026 Strategy **Speakers:** * Jason Liyanage - Application Security Lead, Sportsbet * Louis Nyffenegger - Founder and CEO, PentesterLab * Raafey Khan - Director of Application Security, CyberCX **Abstract:** Application security is evolving faster than ever. This panel brings together practitioners, security leaders, and strategists for a candid look at what shaped AppSec in 2025 and what organizations are prioritizing in 2026. **The discussion will cover:** * **Vulnerability Trends** — What spiked, what persisted, and what caught teams off guard in 2025 * **Emerging Technologies** — New tools and capabilities are reshaping how applications are built, tested, and defended * **What Worked** — Strategies and approaches that genuinely moved the needle for security programs * **What's Next** — Bets organizations are placing bets for 2026, from new toolchains to shifting security culture Whether you're a hands-on practitioner or a security leader, this session offers grounded insights and forward-looking perspectives to help navigate the year ahead. *** *Placeholder abstract — subject to refinement once panelist details and discussion themes are confirmed.* ## **Location** Atlassian Melbourne Queens & Collins Building, Level 20, 100 Queen Street, Melbourne VIC 3000 ## **Agenda ⏰** * 5:30 - Food is served * 6:15 - Session start * 7:30 - Post-event networking \-\-\- Note: Please complete the event confirmation form: [https://forms.gle/QwVc4QifPJqfvkd4A](https://forms.gle/QwVc4QifPJqfvkd4A)

‍Are you studying for the IELTS Exam? Join our IELTS Speaking and Writing Test Practice and Workshop on Friday February 27th, from 12:30 PM to 2:30 PM AEST, in-person at The Multicultural Hub in Melbourne - upstairs in the Yellow Room. Designed to boost your IELTS band score, this workshop offers a comprehensive approach to language proficiency enhancement. In this workshop you will: ✅**Explore Writing Tips and Practice Exam**: Receive expert guidance on writing strategies, engage in targeted exercises to improve writing skills and gain valuable insights into the IELTS writing exam format ✅**Master Speaking Tips with Mock Tests**: Learn effective speaking techniques from your experienced mentor, Meredith Hamilton, participate in mock speaking tests to simulate real exam conditions, and build confidence and fluency in spoken English for the IELTS exam Don't miss this opportunity to elevate your IELTS performance and achieve your desired band score. Register in this event page for the in-person experience or join the workshop virtually via Zoom by contacting the host Meredith.

Missed **Fetch the Flag 2025** but still want to take on the challenges? Join us in Melbourne for a local, in-person Catch the Flag – Catch-Up Session! This meetup is designed for those who couldn’t attend the live virtual event but still want to roll up their sleeves and hack through the challenges together with the local community. **About Fetch the Flag** Hosted by Snyk and NahamSec, Fetch the Flag is a global virtual Capture the Flag (CTF) competition that brings together security enthusiasts from around the world. Following a hugely successful 2025 edition: 2,500+ participants, 93 countries represented, Hands-on challenges for all experience levels, The competition featured 15 practical security challenges across areas such as: Web security, Binary exploitation, Exploitation techniques, And more, Now it’s your chance to experience the challenges locally with fellow Melbourne hackers. \-\-\- **What to Expect at the Melbourne Catch-Up** Work through 15 CTF challenges at your own pace, Collaborate with others or hack solo, Share techniques, hints, and learning moments, Connect with the local security & DevSecOps community, Whether you're new to CTFs or a seasoned player, there’s something here for you. \-\-\- **Prizes** We’ll have gift cards for the winners, so bring your A-game! \-\-\- **Bring Your Team (Optional)** You can: Compete individually, Form a team (up to five members), Or join forces with others on the day, \-\-\- If you’re looking for hands-on security practice, community connection, and a bit of friendly competition — this session is for you.

Smashing! Try something new Interactive workshops - Become the charismatic leader Why is Smashing different to other speaking clubs? Passion!!! 1. **Everyone talks** many times during interactive workshops 2. **FAST LEARNING** 3\. Relaxed and fun **IMPORTANT: Be on time, as doors close at start time** Multicultural Hub, 506 Elizabeth St (Opposite Queen Vic Market) Level 1, RAINBOW ROOM More to come...

Want to be a speaker? submit your talk to our Call for Presenters!!! https://sessionize.com/cbus-hug-2026/

Connected Westerville Night of Networking flips the script on networking, with surprises and connections that'll make you say, "Who knew networking could be this much fun?!"

**Important time note:** Please plan on arriving between 5:30 and 6:00 as the elevators lock after 6 and you'll need to message us and we'll need to come get you. The building address is 4450 Bridge Park The entrance is 6620 Mooney St, Suite 400 You will need to scan your ID at the door to get a visitor badge. **Abstract** *Spec-Driven Development with GitHub Spec-Kit: From Intent to Implementation* Spec-driven development flips the traditional workflow on its head: instead of code being the source of truth, the specification becomes the backbone of design, collaboration, and delivery. In this session, we’ll explore how GitHub Spec-Kit enables teams to treat specifications as first-class artifacts—living documents that drive architecture, implementation, and verification. You’ll learn how Spec-Kit helps teams clearly express intent using structured, version-controlled specs that live alongside code. We’ll walk through a practical workflow that starts with defining system behavior and constraints, then progressively refines those specs into testable, automatable outcomes. Along the way, we’ll show how specs can reduce ambiguity, improve cross-functional collaboration, and make design decisions explicit before a single line of production code is written. This talk will cover: --What spec-driven development is (and what it isn’t) --How GitHub Spec-Kit fits into modern developer workflows --Using specs to align product, engineering, and AI-assisted development --Real-world examples of turning specs into implementations with confidence Whether you’re building greenfield systems, integrating AI into your stack, or trying to reduce costly rework, spec-driven development offers a scalable way to move faster without sacrificing clarity. Attendees will leave with concrete patterns and a clear mental model for adopting GitHub Spec-Kit in their own projects. **YouTube Link** TBA

Our monthly PHP meetup. A virtual shindig courtesy of Zoom. Check back here for the details around 6:15 pm

**In March we will be making protest signs form carboard, paper, thick markers, and more! All supplies are provided, seats are limited! Come As you are, when you can; hope to see you there!**

Private Group. Closed to the Public Knowing ourselves and understanding our abilities is the first step toward wielding our gifts with control and accuracy. In subsequent classes we will verify and hone our talents with activities and discussion. These are hands-on workshops and participation is expected. The goal of our series will be to develop expertise in areas of particular interest such as mediumship, channeling, divination, healing and, etc.. Our ultimate directions will be determined by class members as we evolve. I look forward to sharing and discovering with you. - Cynthia