Hacker Talk

Our Hacker of the episode is "Vickie lii"! Vickie tells us about Bug Bounties, her new book and information security. 

Tune in now!

In this episode we cover:

Background, getting into security

Getting into Bug Bounty 

First Bug bounty 

Hackerone, Bug crowd

Reporting Security Bugs

Coordinating bug bounties  

Life as a bug bounty hunter

Interaction with engineers

Bug bounty bootcamp Book

Security as a hobby

Writing Books

How to hack web applications  

Vickie's favourite types of Vulnerabilities   

Template injection

IDOR

Writers block

Nostarch  

Book Publishing  

Bug bounty tools

Python and Bash   

Make bug bounties more enjoyable 

Portswinger Lab

Finding low hanging fruits  

legal harbor 

Caring about security researchers  

Links:

https://twitter.com/vickieli7   

https://en.wikipedia.org/wiki/Bug_bounty_program

https://vickieli.dev/  

https://portswigger.net/web-security/all-labs   

https://portswigger.net/research/server-side-template-injection

https://www.geeksforgeeks.org/insecure-direct-object-reference-idor-vulnerability/   

https://nostarch.com/bug-bounty-bootcamp

Grab a copy of Vickie's book:

https://www.amazon.com/Bug-Bounty-Bootcamp-Reporting-Vulnerabilities-ebook/dp/B08YK368Y3

In this episode of Hacker Talk, we are joined by the social engineer, windows security ninja, hacker and security researcher Mattias Borg.

Tune is as we get to hear about scam calls and social engineering!

In this episode we cover:

Social Engineering

Micro-expressions

How long can you get with scam calls?

Windows Security Best practices

Dealing with scam callers

Getting more information from scam call center

What happens when people fall for scam callers.

Educating others 

Links:

The Art of Human Hacking

https://en.wikipedia.org/wiki/Christopher_J._Hadnagy

https://twitter.com/MattiasBorg82

https://blog.sec-labs.com/  

https://www.youtube.com/watch?v=YsznWl0Wc4I

https://www.youtube.com/watch?v=1zTsfs4Q6IY  

For feedback and guest suggestions, email:

podcast at firosolutions dot com

Welcome back to Hacker Talk!

This is part two of our conversation with Steven Phillips 

Steven is a really interesting developer, hacker and thinker. I  

personally enjoy reading his blog 

tryingtobeawesome.com where he covers various parts of 

programming, philosophy and software.

Topics:

"Machine Learning" being good or bad   

Security with machine learning

Turning a stop light to a truck  

Algorithms

What type of Artificial intelligence do we need for software   

James Mickens

Generative Pre-trained Transformer 3  

Solving bad human code datasets   

Global code quality  

How do we write good code?  

The progress of software 

how good Structured Query Language is  

Secure codebase's 

Pseudorandom 

Clojure

Python 

Golang

Vlang

Designing

The ethical source movement 

Code Licenses

Internet Privacy

End-to-end encryption

Podman

Browser Extensions

Reaching the largest userbase for software  

Web assembly  

The onion router | Tor user adoption 

AI-Powered Super Hackers are a real threat  

and a lot more on Hacker Talk!

Links:

https://en.wikipedia.org/wiki/James_Mickens

https://en.wikipedia.org/wiki/GPT-3  

https://en.wikipedia.org/wiki/SQL

https://en.wikipedia.org/wiki/Clojure   

https://effective.af/

https://firstdonoharm.dev/

https://www.torproject.org/   

https://github.com/13o-bbr-bbq/machine_learning_security/tree/master/DeepExploit  

https://en.wikipedia.org/wiki/Go_(game)  

View part one here:

https://anchor.fm/hacker-talk/episodes/Programmable-Philosophy-with-Steve-Phillips---Part-1-e1ju6b3

Hackers on Plant Earth - Hope with Mitch Altman and Greg Newby

Hackers on Planet Earth(HOPE), is a biannual volunteer-driven hacker conference that got started in 1994. On the hacking and phone phreaking's magazine 2600 10th anniversary. In this episode of Hacker Talk, we are joined by two hackers that are behind the curtain at the HOPE conference.  

Greg Newby and Mitch Altman are both two impressive Hackers, helping the  

HOPE conference be the amazing hacking conference it is today.   

In this episode we cover:  

How Hope has evolved during the years  

Greg and Mitch's journey's into the hacking mindset   

Problems with big pharma and the importance of biohacking  

HOPE moving location from Hotel Pennsylvania to Saint John's University     

Hackerspaces   

exploring technology   

Phone phreaking   

Life-changing events at HOPE   

Demoscene with original hardware from the 1980'ies at HOPE    

Making 8-bit generated art and music      

Running a physical hacker conference      

Hidden gems at HOPE   

How can you can run your own conference   

Logistics behind the HOPE conference   

Links:  

https://hope.net/      

https://petascale.org/   

https://en.wikipedia.org/wiki/Mitch_Altman    

https://2600.com   

https://archive.org/details/HOPE-3-The_Hacker_s_Code   

https://en.wikipedia.org/wiki/Demoscene    

https://en.wikipedia.org/wiki/Hackers_on_Planet_Earth  

The Hacker Talk team will be at May Contain Hackers which will take place   

in the Netherlands at the same time as the HOPE conference. Find us   

for some stickers and Hacker Talk swag!

Steve Phillips, is an interesting developer, privacy advocate, hacker and thinker.

Tune into this episode of Hacker Talk as we are joined by Steve Phillips in this Programmable Philosophy special.

In this episode we cover:  

Steve's journey into technology  

Being able to build and utilize tools

Cypherpunk

Privacy, Encryption

Philosophy with programming

Proving philosophical theories with programming

Python, Django

Paul gram

Putting the technologist first in companies

Combining programming with entrepreneurship

Going from utilizing one computer core to multithreading 

Clojure lisp, using all the libraries from lisp and java.  

Static typing 

Golang in 2010, From the one-year anniversary to hacker news. Golang's history.  

go fix - Automatically rewriting code for new API calls and dependencies.  

Creating software that lasts forever, making it easy for developers to upgrade old versions. Make standards that the code will use to   

automatically upgrade the old code, and avoid breaking core functionality. 

Dependency management

Long build times

V programming language 

Fast compile times in V and Go.  

Green threads, go routines. Efficient concurrency with low overhead.    

Small runtime languages.  

Designing encrypted protocols, threat models.  

Use libsodium

LeapChat secure chat   

Securing a large number of people  

End-to-end encryption with web applications, not trusting the middleman

Trusted service workers in modern browsers, preinstall javascript.  Detecting malicious new versions of javascript code.   

Web assembly, practical use-cases for web assembly. Allowing users to run precompiled binaries on any platform in a browser.   

How Web assembly run's in a very low overhead sandbox.  

Docker will be replaced by podman 

How docker is not the silver bullet for security, alternatives to it.  

Trusted microservices environments.  

Privilege separation  

web assembly nano process model

No need to trust the libraries that you use.  

Sandboxing, Electrum apps. 

Running C++ 20% slower with web assembly.  

Shopify's and Cloudflare's use of web assembly

Nomad, Kubernetes is too complex

Docker daemon

Links:

https://tryingtobeawesome.com

https://www.goodreads.com/book/show/16153182-cypherpunks   

http://www.executablephilosophy.org/

https://en.wikipedia.org/wiki/Paul_Graham_(programmer)  

https://www.djangoproject.com/

https://clojure.org/guides/learn/sequential_colls

https://www.educative.io/answers/what-is-a-goroutine

https://vlang.io/   

https://www.leapchat.org/    

https://doc.libsodium.org/     

https://developer.mozilla.org/en-US/docs/Web/API/Service_Worker_API   

https://webassembly.org/docs/security/  

https://www.nomadproject.io/  

https://podman.io/   

This episode is the first time the authors of the book: Black Hat Python. In today's episode of Hacker Talk Justin Seitz and Tim Arnold joins us on the show and we get to hear Tim and Justin stories about Python, Hacking and a lot more!

In this episode we cover:

Journey into hacking and technology

Finding like-minded people, dopamine kicks

Infosec community

CackalackyCon

Issa 

https://en.wikipedia.org/wiki/Information_Systems_Security_Association

Tinkering 

Python

Creating IT-security python courses 

From Twitter to Nostarch

Exploits for Windows 10 and 64bit machines

Favorite python libraries, Lxml, requests

Syscalls with PyPledge, visualizing packet analysis with scapy

Programming, Microsoft basic, PHP, vb6, 

the future with golang

Virtual environments in python

Workflow for programming

Visual code studio, Microsoft turning good

Wingware

Wingide with immunity debugger

Hunchly's daily dark web report

Archive.is to archive .onion sites

Onionscan

Fresh onions

Modern exploit and zeroday writing

Ms08067 exploit

How to write books

Best practices for writing

Buckle in for a great episode of Hacker Talk! Pavol Luptak, CEO of Nethemba joins us, and

walks us through the vulnerabilities that were found in Slovakia's covid-19  PCR and anti-gen authority.

Tune into the most technical and detailed covid-19 hacking episode, right here on Hacker Talk.

In this episode we cover:

Pavol's journey into it-security

old-school Unix

privilege escalation attacks

Traditional C and Assembly, shellcodes

Becoming a penetration tester

Rfid

Finding vulnerabilities in parking system, parking in Bratislava for free

Hacking Slovakia's covid-19 systems

extracting PCR and anti-gen covid-19 tests for all Slovakian citizens.

Finding vulnerabilities in PCR test authorities.

enumeration attacks.

Slovakian eHranica forms.

Generating birthdate number.

Finding birthdates on Facebook and Wikipedia

Leveraging different parts of the systems to make them work together

Impersonation attacks

OWASP Web Security Testing Guide

Cracking Captcha's

Rate limiting requests

Security mitigations that you can user

Central European Bug Bounty programs

Hacktrophy

Best practices for bug bounties for enterprises

How to get started with penetration testing

The new smart contract security field

Personal number generation script:

#!/bin/bash

for (( year=54; year < 100; year++)));

to

for (( month=1; month < 13; month++)));

to

for (( day=1; day < 32; day++)));

to

for (( suffix=0; suffix < 10000; suffix++))

to

final=$(( $year*100000000+$month*1000000+$day*10000+$suffix ));

if (( final % 11 == 0 )); then printf "%010d\n" $final;

fi

done

done

done

done

External Links:

https://nethemba.com/possibility-of-widespread-leak-and-misuse-of-eu-vaccination-certificates/

https://nethemba.com/kriticka-zranitelnost-v-aplikacii-moje-ezdravie-unik-databazy-pacientov-testovanych-na-covid-19/

https://slides.com/nethemba/how-trivial-critical-vulnerabilities-can-lead-to-a-complete-leak-of-sensitive-covid-19-data-on-all-citizens-of-the-country

https://spectator.sme.sk/c/22722505/serious-flaw-in-ehranica-form-attackers-able-to-send-people-into-self-isolation.html

https://wilderko.medium.com/

https://owasp.org/www-project-web-security-testing-guide/

https://nginx.org/

https://docs.nginx.com/nginx-waf/

https://en.wikipedia.org/wiki/Cloudflare

https://hacktrophy.com/en/

https://nethemba.com/resources/ehranice-critical-vulnerabilities.pdf

David Jacoby, is a Swedish Hacker, Professional Penetration tester, Security Researcher, featured in the Swedish it-security show called "Hackad" and our guest of honor today!

In this episode of Hacker Talk, we are joined by the Swedish hacker David Jacoby!

Have you ever watched a video on your phone in your spare time? what if the site had a malicious javascript that will scan your internal   

network for smart devices and then trigger a remote code execution? 

Join us as we deep dive into IT-Security, get to hear how David got into hacking, and a lot more!

Topics we covered:

Phone Phreaking in Sweden

Software security

David's journey into hacking  

Privilege escalations on older systems

Linux system administration

Bulletin board system

Running bbs systems at home through a raspberry pi

Making security stronger and helping people  

Password reuse

Säkerhet och sekretess Magazine

Red team penetration testing

How to motivate your organization to implement a security program   

Attacking consumer devices, hacking smart devices at home

Scanning internal networks without a shell using a javascript scanner in the client's browser    

Hacking internal devices such as Network Attached Storage devices.   

enumerating networks and scanning with javascript

Consumer devices lifespan, testing certifications, best practices for vendors   

Submitting security vulnerabilities

Hack.se, the Swedish hacking scene, and background   

Favorite Pentesting tools, netcat openbsd version  

Network segmentation

Bad common patterns for enterprise networks  

Stealing paste buffers   

Securing society at a large scale    

The future of information technology security  

External Links:   

https://www.imdb.com/title/tt15746988/    

https://en.wikipedia.org/wiki/Bulletin_board_system   

https://www.youtube.com/watch?v=GQpQHqIKE5E  

https://www.youtube.com/watch?v=_0hXeNRGetg   

https://se.linkedin.com/in/djacoby   

https://www.davidjacoby.se/   

https://nmap.org/ncat/    

https://man.openbsd.org/nc  

https://www.trustedsec.com/tools/crackmapexec/   

https://www.hypr.com/password-reuse/   

https://en.wikipedia.org/wiki/Internet_Relay_Chat  

Ben Kurtz - Golang Malware part 2 

Topics covered:

Golang

Hells gate, direct system calls on windows

How system calls are normally done in windows, Windows Kernel

Evading anti malware detection on Windows with Banana Phone

How to get started writing c2's in golang.  

Sliver, Opensource golang command and control. 

Red team mindset   

Evolution of programmers, bad patterns   

CVE's, common vulnerability enumeration number  

Auditing source code   

Javascript frameworks  

Cross site scripting, SQL injection and XXE(Xml External Entity) for scanning internal networks and exfiltrating data.   

Building secure code bases   

Security Engineers    

Supervisory control and data acquisition (SCADA)   

log4j  

Remote of execution and directory traversal in Java, Java's file constructor, LDAP and DirContext     

Golang for micro services   

Python 

Common bad patterns 

LDAP injection  

Modern security nightmares    

Remote debug protocols    

String concatenation   

Resistance to current modern implementation and safer framework.  

Finding bugs in games that can be used to attack power-plants.     

Dependency management     

Backdoor factory  

Bettercap  

Man in the middle  

Spoofing BGP  

BGP hijacks

Links:  

https://github.com/Binject  

https://github.com/C-Sto/BananaPhone  

https://github.com/BishopFox/sliver    

https://cve.mitre.org/

https://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_Processing   

https://www.youtube.com/watch?v=FkuUpg5FO2g    

https://en.wikipedia.org/wiki/SCADA  

https://en.wikipedia.org/wiki/Log4j   

https://www.coding-bootcamps.com/blog/build-containerized-applications-with-golang-on-kubernetes.html   

https://docs.oracle.com/javase/8/docs/api/index.html?javax/naming/directory/DirContext.html   

https://apache.org/foundation/foundation-projects.html  

https://docs.oracle.com/javase/8/docs/api/index.html?javax/management/JMX.html   

https://en.wikipedia.org/wiki/Java_Debug_Wire_Protocol   

https://www.freecodecamp.org/news/big-o-notation-why-it-matters-and-why-it-doesnt-1674cfa8a23c/  

https://github.com/bettercap/bettercap   

https://www.bettercap.org/  

https://bgpmon.net/   

https://en.wikipedia.org/wiki/BGP_hijacking  

https://labs.ripe.net/author/vastur/bgplay-integrated-in-ripestat/    

https://www.symbolcrash.com/podcast/   

https://www.youtube.com/symbolcrash   

Ben Kurtz, is an interesting hacker that has been involved in the infosec space for over 20 years.  He has done a large chunk of research into writing malware and post-exploitation tools in the Golang programming language. 

Tune into this episode of Hacker Talk as we are joined by Ben Kurtz and deep dive into Golang Malware.

In this episode of Hacker Talk, we cover the following topics:

Getting into programming, apple 2, hacking, bulletin board systems, 

pirating apple 2 software

unix security, shadow and files in the /etc/ folder    

evolution of network security since 1994

first talk at DEFCON,

life as a developer

LISP

Dan Kaminsky, recruited as a professional hacker 

Learning different programming languages

Learning pascal in a basement  

Functional programming, constraint solver  

Getting into the Golang flow.  

Plan-9 redoing C++

Getting into Golang malware

encrypted mesh network

Ratnet

Iran shutting down tls connections

Internet Censorship 

Code audits

Writing malware in different languages

V programming language

Nym programming language

dild, dynamic loading library in OSX

parsing memory in golang

process execution block

loading windows syscall's

evading anti-malware systems

hells gate, direct windows system calls

Network traffic obfuscation

online communities that have been running for a long time, Second Life  

Offline mesh network  

Red team penetration

Write your own malware implant as a penetration tester.     

Obfuscating malware traffic   

writing malware  

Sliver, opensource version of cobalt strike, Command and Control Server   

testing malware 

setting up a test environment     

Penetration testing as a Red Team.   

Golang Antivirus/EDR evasion   

Enterprise network monitoring    

Shellcode loaders in pure golang    

Rewriting the backdoor factory in golang.

Obfuscating binaries with the custom golang debug library 

Parsing executables from memory(RAM)

universal system binary loader without touching disk

Links:    

https://www.hack-the-planet.net/   

https://github.com/awgh    

https://github.com/Binject   

https://github.com/Binject/go-donut       

https://github.com/C-Sto/BananaPhone/

https://www.symbolcrash.com/wp-content/uploads/2019/02/Authenticode_PE-1.pdf

https://www.cyberbit.com/blog/endpoint-security/malware-mitigation-when-direct-system-calls-are-used/

https://github.com/boku7/HellsGatePPID

https://teamhydra.blog/2020/09/18/implementing-direct-syscalls-using-hells-gate/  

https://vxug.fakedoma.in/papers/VXUG/Exclusive/HellsGate.pdf   

https://2600.com/

https://en.wikipedia.org/wiki/Bulletin_board_system  

https://en.wikipedia.org/wiki/Plan_9_from_Bell_Labs   

https://go.dev/

https://go.dev/doc/effective_go   

https://github.com/awgh/ratnet   

https://github.com/BishopFox/sliver  

https://www.youtube.com/watch?v=3RQb05ITSyk  | Golang Malware defcon talk 

https://vlang.io/    

https://vlang.io/compare   

https://en.wikipedia.org/wiki/Nim_(programming_language)  

https://github.com/vyrus001/go-mimikatz   

https://github.com/vyrus001/go-mimikatz/blob/master/packer/packer.go   

Dan Demeter, well-known security researcher in the Romanian information-security space. 

In 2014, Dan joined Kaspersky as a malware Security researcher, since then he has worked with various advanced anti-malware solutions and  

is currently working with Threat Intelligence in Kaspersky's Global Research and Analysis Team.

In this episode of Hacker talk, we deep dive into malware, threat intelligence, advanced persistent threats, security and defensive security with Dan. 

Topics covered in this episode:

Getting into infosec

Romania in the early personal internet space, connecting rj45 network cables to potatoes 

milw0rm, Bugtraq mailing list, backtrack, hell bond hackers 

Capture the flag(CTF) competitions

Internet café

Threat intelligence

Security research

Kaspersky

Advanced persistence threats, what is an advanced persistence threat? 

Finding advanced malware in the wild.

Threat levels for individuals

Threat modeling

Enterprise and consumer malware

Antivirus programs

targeted malware

malware for crypto-currency projects

finding advanced malware as a threat intelligence researcher

bypassing advanced malware checks

Reverse engineering malware

ollydbg, NSA decompiler

Malware obfuscation techniques

yara rules 

wrapping malware with VM protect

Post exploitation

malware stages

Lazarus Malware, Bangladesh Cyber Bank Heist

Malware on sim-cards

Using satalite ip addresses

reporting malicious command and control servers 

malware campaigns spreading in Romania  

phishing and identity theft

Bring your own device policy

Stay safe working from home  

Best ways to protect yourself online  

Writing malware signatures and writing yara rules

malware similarity engines

Links:

https://hackthissite.org/

https://hbh.sh/home   

https://en.wikipedia.org/wiki/Bugtraq   

https://en.wikipedia.org/wiki/BackTrack   

https://cnc-central.fandom.com/wiki/Command_%26_Conquer:_Red_Alert_-_Remastered   

https://securelist.com/

https://securityespresso.org/   

https://www.kaspersky.com/   

https://twitter.com/kaspersky  

https://twitter.com/_xdanx

https://en.wikipedia.org/wiki/OllyDbg  

https://hex-rays.com/IDA-pro/   

https://ghidra-sre.org/  

https://vmpsoft.com/   

https://github.com/ParrotSec/mimikatz   

https://en.wikipedia.org/wiki/Lazarus_Group  

https://en.wikipedia.org/wiki/Bangladesh_Bank_robbery   

https://www.kaspersky.com/cyber-crime-lazarus-swift   

https://www.kaspersky.com/about/press-releases/2021_security-analyst-summit-back-online-on-september-28-29   

https://securelist.com/equation-group-from-houston-with-love/68877/  

https://securelist.com/satellite-turla-apt-command-and-control-in-the-sky/72081/  

https://www.nbcnews.com/tech/security/facebook-sues-israel-s-nso-group-over-alleged-whatsapp-hack-n1073511  

https://en.wikipedia.org/wiki/Regular_expression

https://github.com/VirusTotal/yara

https://github.com/neo23x0  

https://www.tripwire.com/state-of-security/featured/operation-shadowhammer-hackers-planted-malware-code-video-games/   

https://en.wikipedia.org/wiki/Red_October_%28malware%29