Our goal is to increase awareness of physical, social, and electronic security. Our club participates in various security competitions, hosts demos and workshops, and invites speakers to come and share some of their real world experiences. All majors are welcome to join and participate.
Want to get connected? Join our discord channel!
Hashdump officer Adam Smith will be giving a presentation on the exploits, security best practices, and pros/cons of virtual machines and containers.
Here comes the ever popular lock picking session, but this time we will get into lock impressioning and general key cutting with Ben Say. (Bring tubular lock picks you have any)
Noah Cain will be giving a demonstration on how to exploit and gain root access to a virtual machine!
We asked a fair amount of students… name a better way to spend Halloween Eve than playing Cyber Feud! Teams will compete to find out how fellow CSU students answered questions about cybersecurity. There will also be a cybersecurity costume contest – low effort is encouraged!
Day three of the RMCCDC practice. The Red and Blue team get to put what they learned into action.RMCCDC
Hashdump Officer Bruce will be giving a presentation on SQL injections and buffer overflows. Bring your laptops!
Hashdump Officer Addie will be giving a presentation on Wireshark. We will be meeting in the fish lab. CSB 325
Join us for our first workshop! We will be building Kali Live USBs so that you can carry all of the security tools you need on your keychain.Instructions
Did you know you can hide data in pictures? Hashdump Officer Addie will be leading us through a steganography challenge.Instructions
Hashdump Officer Sus will be showing us how to secure a website.
CSU is pushing cyber. Come listen to Jarret Flack talk about some of the security classes currently offered and some of the opportunities coming in the near future.
Vice president of Engineering at Secure 64, Amanda Constant, will be giving a talk about how Secure64 protects its clients.
Join us for our second workshop where we will be programming Rubber Duckies that you get to take home with you.Hackernoon Instructions
Join us as we walk through the Google Beginners Quest CTF. We will also be watching some Def Con talks and having officer elections.Google CTF
Join us for our end of the year party! We'll have food, fun, and jeopardy.
Join us for the first Hashdump meeting of the semester! We'll kick things off with short officer introductions, and then play a game of Google's Beginner Quest CTF to give you a taste of what the club is all about. Bring a computer (or a friend with one!), and take note of the links below so you can follow along during the meeting.Google CTF
This meeting took place on 2019/09/03
What a great first meeting! We started off by introducing our new officers for the 19-20 academic year. There was also a brief discussion about future meeting topics. We then enjoyed a presentation by our own Jared Crouse who walked us through the Google Beginners Quest CTF. He showed how to use some simple techniques to work through the first two quests.
Join us to learn about one of the Internet's greatest unsolved mysteries, Cicada 3301. Pizza will be provided!
This meeting took place on 2019/09/10
Another great meeting this week! We started by discussing a variety of security events in the news. Pizza was then provided and we enjoyed watching the first two parts (of four) of the Cicada 3301 documentary on YouTube, which talked about what Cicada 3301 is, the context behind it, the people involved in it, and some of the puzzles it contains.
Hashdump Officer Pierce will be giving a short presentation on some basics of encryption, cryptography, and steganography. There will be activities, so be sure to bring a laptop!Online AES encryptor/decryptor
This meeting took place on 2019/09/17
Caesar and substitution and block oh my! This meeting started in Kansas with some basic ciphers and the next thing we knew, Pierce the tornado had transported us to munchkin-land. There were advanced encryption standards, RC4 streams, secret steganography images and more. By the end of the meeting we were clicking our ruby MD5 hashes together getting ready to go home. Ugh, are you tired of this pun yet? In short, it was a great meeting headed up with a stellar presentation by Pierce Smith. Come check out our next meeting, it will be better than our tired puns we promise!
Hashdump Officer Griffin will be intoducing us to and letting us play with the Damn Vulnerable Web App, an intentionally vulnerable PHP/MySQL web application made for safe penetration testing! We'll have pizza for you to enjoy as you test and grow your (ethical) hacker skills.
Hashdump Officer Addie will be demonstrating some uses of Wireshark, a very powerful, widely-used network analysis tool. Be sure to bring a computer, as you'll have the opportunity to experiment with this software firsthand!
This meeting took place on 2019/10/01
Addie hosted a great meeting this week! It turns out that even those who did not have wireshark installed on their machines were able to follow along with her halloween themed packet capture demonstration with Cloudshark. There was spooky jack-o-lantern ASCII art and clips from the Charlie Brown Halloween special to be found, among other things. Not only was this meeting educational, it got everyone ready for the upcoming season!
This meeting took place on 2019/10/08
Our first ever game night was a great success! After scarfing the pizza down we had fun playing classic video game emulators and hacking themed board and card games. Over the sounds of an intense game of Street Fighter 2 on Super Nintendo one could hear the wheelings and dealings in the distant land of Catan. I'll trade you two wheat for a sheep!
Image was edited from original by Tobias Grothmann - Generalprobe No Input Ensemble & 2xC, CC BY 2.5, https://commons.wikimedia.org/w/index.php?curid=36644104
Think you can Hack this Box? Hashdump Officer Addie will be letting us loose on a series of a pentesting challenges hosted by Hack the Box, which will test your skills and expand your cyber-defense knowledge. Bring your favorite laptop and/or computer-equipped buddy!HTB Landing Page
Kali Linux is a household name in the world of cybersecurity, and for good reason. Bring your laptops and you'll have a chance to try this ethical hacking and pentesting-focused Linux distro on your own computer via a Live USB provided by us! Or at least bring an appetite for free pizza, since we've got that too!Instructions
This meeting took place on 2019/10/22
Not only was the pizza delicious but the free flash drives were the icing on the cake! Jared gave us a demonstration on creating a bootable flash drive with the Kali Linux OS on it. Not only that, he showed us how to create a persistent encrypted partition on the flash drive. This enabled us to save files privately in a way that they are always accessible when Kali is booted up. Great meeting, hope to see you all at the next one!
The fantastic Dr. Gersch will be enlightening us all on the wonders and dangers of a fast-approaching technological breakthrough - quantum computing. Learn about what it is and how it threatens to change our perception of cybersecurity while you enjoy some complimentary free pizza!Presentation Slides
This meeting took place on 2019/11/05
Dr. Gersch gave a very informative presentation this week on quantum computing. Quantum physics, superposition, qbits, encryption algorithms and more were presented in an easy to follow exploration of the topics and what they mean in relation to cybersecurity. We were lucky enough to have him provide a copy of his slide deck for us. Be sure to check out the links he left on slide 18 for further information!
Photograph of the D-Wave TwoX 1000 Qbit quantum annealing processor chip. Mwjohnson0 [CC BY-SA 4.0 (https://creativecommons.org/licenses/by-sa/4.0)] (link)
Be careful! This innocuous flash-drive-looking thing is actually a keystroke injection tool that can do a whole number of malicious things to any unsuspecting machine. How does it work? What can you use it for? Does it even work? We'll find out together in this workshop.Hackernoon Instructions
Image by gaetanlee [CC BY 2.0 (https://creativecommons.org/licenses/by/2.0)] (link)
Enjoy complimentary pizza while you listen to our Jordan Peterson rant about passwords, from best practices for users to the cracking tehcniques you can use to break them!Presentation Slides
RFID is everywhere, from your credit cards to your passports and even your pets. This meeting will show firsthand what security concerns our use of RFID creates, and whether or not you want to gather all of your RFID-enabled items and throw them into Mount Doom (spoiler: you probably don't).Raspberry Pi RFID Reader Tutorial
Image © Raimond Spekking / CC BY-SA 4.0 (via Wikimedia Commons) (link)
It's the end of the year, so you know what that means - cyber party! Eat pizza, play SNES games, and just generally do nothing important for the next hour or so.
We're back! Join us for a quick officer re-introduction and another go at Google's wonderful Beginner's Quest CTF. Don't forget your computer (hacking is difficult on a phone)!Google CTF
Phishing is one of the most common and notorious examples of social engineering. In this presentation, Hashdump Officers Addie and Pierce will be showing off the techniques, both sophisticated and crude, that these cyber-anglers use to reel in their targets. Was that password reset email really from your bank? Are you really on the Hashdump website right now?
Image was edited together from Douthat Fishing by vastateparksstaff [CC BY (https://creativecommons.org/licenses/by/2.0)] (link) and Example of Domain Slamming phishing email by Noloader [CC BY-SA (https://creativecommons.org/licenses/by-sa/3.0)] (link)
Ever wanted your own vulnerable web server to practice techniques like SQL injection and XSS? No? Too bad! Hashdump Officer Griffin will be showing us how to set up this intentionally poorly-designed web application and walking us through some simple exploits you can use to pwn it. For real this time, we promise.
The best way to achieve security online is to unplug your computer from the Internet. But what if you don't want to do that? Hashdump Officer Gus will be showing us some generally-applicable tips to stay safe while surfing the net without needing to toss your laptop and/or desktop machine into a dumpster fire.
Want to get involved with Capture the Flag? Vitamin G, a CTF team here at CSU, will be dropping by to give a presentation on what CTFs are and some simple-to-difficult puzzles they've faced in actual CTFs - as well as extending their memebership to those who'd like to join in the quest to defeat these cybersecurity challenges.Presentation Slides
Do you feel safe driving down the road in your sixteen-wheeler semi? Well you shouldn't! CSU's own Dr. Jeremy Daily will by stopping by the Hashdump meeting room to introduce the physical and cyber aspects of securing heavy vehicles from theft and vandalism. Never again will your dense slab not be on lockdown. Pizza will be provided!
In this meeting, fellow CSU cybersecurity enthusiasts Kryptsec will be stopping by to give a guest presentation! This one will be all about wireshark; how to use it effectively and all of the wonderful/terrifying things it is capable of. Drop by and learn how to hone your digital forensic skills!
For our glorius return to meetings, Hashdump Officer Casey will be introducing us to an exciting new family of malware that takes advantage of exploits in the HTTP/2 protocol. Remember not to show up to the CSB! Join us on Slack instead to hang out with us and see his video presentation at a CDC-approved distance.
Hashdump Officers Addie and Griffin will be demonstrating some CTF puzzles they recently tackled with Vitamin G. Come join us on our shiny new Discord server for the presentation. Hope to see you there!
Kali Linux is loved by pentesters, CTF participants, and general security enthusiasts alike for its diverse and powerful range of tools. But there are so many of them! What are they for? How can we use them? Will any of them help me make the perfect mac-n-cheese? We will attempt to answer at least two of those questions in this meeting! Come on by our Discord server to participate.
Hashdump is back! Join us for a quick re-introductory meeting, where we briefly discuss the club and go over a few simple hack the box challenges... as well as try some ourselves!
Virtual machines are common and useful tools in all areas of comptuer science - but especially cybersecurity, since they aid greatly in everything from analysis to research to experimentation. At this meeting we will walk through how to set up your very own security-focused virutal machine, running either Kali or Parrot Linux (whic you may even use in future meetings!) Be sure to follow the links below to download the setup files for Parrot or Kali Linux before the meeting.Parrot ISO Direct Download
Join us for a discussion about deepfakes - what they are, their ethical implications, and how we can use technology to both create and possibly detect them. Later in the meeting, we will be holding officer elections, so if you'd like to help take the reins of the club and steer its future, please apply! (More detailed information on this soon)
Neural net filters image by Cecbur / CC BY-SA (https://creativecommons.org/licenses/by-sa/4.0)
This meeting took place on 2020/10/01
Pierce showcased a variety of malware, and its effects on computers. We mostly looked at older malware since the effects are a little easier to see. We went over some network worms (Klez, Nimda, Sality, Swen) that disguise themself and spread over e-mail or a networks shared files, and some ransomware (Petya and WannaCry) that encrypts your entire computer! All you needed to get your files back was a measly $300 in bitcoin. The meeting was educational and it was quite entertaining to see malware in action. See you next week!
EFF-Graphics / CC BY 3.0 US (https://creativecommons.org/licenses/by/3.0/us/deed.en)
This meeting took place on 2020/10/08
Britta showcased a simulation created by IBM to understand the processes that happen once a cybersecurity breach has occurred. The simulation is a gamified version of a simulation used to train IBM employees how to react to certain situations if they were to happen on the job. If you’d like to check it out yourself, visit https://www.ibm.com/security/digital-assets/cybersecurity-ops/terminal/. We also briefly talked about the Rocky Mountain Collegiate College Competition (RMCCDC). If you are interested in participating, reach out to the club for more information! Message @Jacc
Viscovery, IBM, Amazon / Public domain
This meeting took place on 2020/10/15
Hashdump president Pierce went into detail about password security. In this presentation, we covered a few sub topics of password security. We covered how websites stores passwords using techniques like hashing and salting, we talked about good and bad password habits and why those specific habits make a good or a bad password. We talked about the most effective passwords, and how using a password manager to balance convenience and security can save your information. Finally, we touched on the significance of multi factor authentication.
We will be watching the Youtube channel Great Big Story's documentary on the organization 3301's Cicada challenge.
This meeting took place on 2020/10/29
This week we talked about social engineering! In this meeting we went over the basic principles of social engineering, as well as the 10 most common examples of social engineering attacks. We focused on phishing attacks, and after learning about what they are we constructed our own phishing e-mails and sent them out to the other members of the club. This allowed us to get in the mind of these attackers, and learn what to look out for when we receive suspicious e-mails
AntanO, CC BY-SA 4.0
For this meeting we will be using Wireshark to find pumpkins hidden within a pcap file
Hashdump Treasurer Enzo Barret will be giving a presentation on Google's Kubernetes software and Docker security
This meeting took place on 2020/11/12
Enzo gave us a crash course on Kubernetes and Dockers. We started with the basics, building our way up from single docker images into clusters. Through live demonstrations, we learned what a docker image really is and how it works. After understanding the fundamentals, we went into some of the processes involved in securing dockers, as well as some applications that will streamline the security process. These applications are used by large companies, so it was very applicable to real situations.
Hashdump President Pierce Smith will be demonstrating methods for recovering deleted data from disk images
As the semester winds down so will we, for this meeting we will simply be playing Jackbox party games
For this meeting we will have a guest speaker from GitHub, Software Engineer Robert Reichel, talking about Threat Modeling.
Welcome back! For this meeting we will go through introductory slides, followed by a DEF CON talk on airplane/drone cybersecurity.
For this meeting, Hashdump President Pierce Smith will be demonstrating exploits against the Damn Vulnerable Web Application (DVWA)
For this meeting, We will be playing the Bandit wargame.site
For this meeting, Hashdump Secretary Jack Soveriegn will be giving a presentation on AI in the context of cybersecurity.
mikemacmarketing, CC BY 2.0
For this meeting, We will be playing the 24/7 CTF.Virtual Box
For this meeting, we will be playing Jeopardy and Scribbl.io, featuring topics surrounding cybersecurity.
For this meeting, we will be playing the Natas Wargame, from the same creators as SSH Bandit, this wargame focuses on serverside web-security.Over the Wire: Natas
The National Archives (UK), CC BY 3.0
For this meeting, we will be playing Family Feud, featuring topics surrounding cybersecurity.
For our first meeting this semester, we will discuss what the club will look like this year and demonstrate a few CTF challenges!
For this meeting, we will watch a DEF CON video on tamper evident devices!
For this meeting, we will assign participants roles in a fictional company and play out various responses to 6 different cyberthreats.
Hashdump Officer Enzo will give a presentation on virtual machines and lead attendees in downloading / using their own.Virtual Box
For this meeting, we will make accounts for TryHackMe and run through several of their challenges!
As a special presentation for Cybersecurity Awareness Month, Hashdump President Jack will be giving a presentation on social engineering! There will be pizza and a competition to (ethically) phish other participants.
Guest speaker Jeff Dean from Upslope.io will be joining us to talk about adding security to your CI/CD pipeline, kubernetes hardening, and other OWASP development security concerns.
In an effort to promote everyone surviving their midterms, we will be hosting a pizza / game night!
Hashdump Officer Enzo will be running a demo on how to secure Linux servers! There will be DigitalOcean Debian servers set up for attendees to secure.
The regular Hashdump meeting has been cancelled for this week to allow for the CyberForce competition team to prepare.
The one and only Dr. Gersch will be giving a presentation on using DNS to write secure code.
Guest speaker Jeff Dean will be returning to give a workshop on Kubernetes!
For our last meeting of the semester, we will be having a pizza / game night!
Welcome back! For our first meeting of the new semester, we'll do a brief club introduction before trying out some simple CTF challenges.
Hashdump president Jack will be going over several features of Kali Linux, including the (usually legal) nmap, metasploit, and hydra tools.
We will be watching a documentary about Cicada 3301, an alleged organization that published 3 cybersecurity puzzles several years ago. There will be free pizza / soda!
For this meeting, we'll be doing an online CTF competition! After going through several challenges together, we will split into teams to compete for a very high-quality and not-cheap prize.Over the Wire: Natas
We will be engaging in a standard Hashdump midterm game night. There will be free pizza!
The fantastic Dr. Gersch will be giving a presentation on the basics of quantum computing.
Hashdump is joining with ACM-W to interview professors while they attempt to eat progessively hotter wings! There will be free pizza and drinks provided.
This week we will be discussing some of the math involved in common cryptography, including some quantum-resistant algorithms!
This week Jack will be doing a live malware demo! Whether the malware will escape and take over the entire university remains to be seen.
This week we will be doing a brief introduction of officer duties in preparation for the coming election followed by a talk on hacking ATMS. There will be free pizza!.
See you next week for a game night and officer elections!
Join us for Hashdump's first meeting of the 2022 Fall semester! We will discuss what activities you can look forward to in the coming weeks as well as demoing CTF challenges!
This week Hashdump president Enzo Barrett will be showing useful Unix commands, a subject not usually taught in school but defintely useful!
PricewaterhouseCoopers, or PwC is the second largest provider of professional services in the world! They manage and provide services such as auditing, accounting and human resources for various industries such as insurance or aerospace. Join us for their presentation of how they manage all of this from a cybersecurity standpoint!
We will be exploring several examples of tamper evident devices and their use in and out of cybersecurity.
Plante Moran is an auditing, tax, and business management firm, and their security professionals are here to show how they keep that all secure!
Multi factor authentication is becomming more commonplace for online accounts and has been established internally at almost every company that prioritizes security. How does it work and how can it be effectively implemented?
HP will be giving a presentation and holding a panel for all things general technology and security focused topics!
A representative from Ratheon will be holding a presentation behind the security and defense of their technology and instrastructure.
Join us for Hashdump game night to play a variety of board, card, and other weird games!
Dr. Gersch will be giving a presentation about Blockchain, don't miss it!
We will be exploring the math behind cryptography and cybersecurity with Hashdump vice president Chloe.
Welcome to the Spring semester! We will be hosting a game night in CSB 130!
Hashdump officer Britta will be introducing CTFs, or Capture the Flag Challenges!
Treasurer Eric Martin demos the 'Rubby Ducky', a USB stick that acts like a keyboard.
In this meeting our great friends at Women in Cyber Security take professional headshots. All are welcome!
Guest speaker Chris Ellis from Raytheon gives a talk about networking, protocol reversing, and Wireshark!
Join us in this joint meeting with ACM and ACM-W for a panel of professors answering CS-type questions - all while eating increasingly hotter wings.
In this presentation, Vice President Chloe Hesskamp gave a talk on Post Quantum Cryptography, which is the super interesting math behind cryptography algorithms and how they are affected by quantum computing.
Dr. Gersch and Dr. Haefner will give a presentation on how to use ChatGPT to target victims and speed up your hacking.
We will have a wonderful time watching a documentary about Bill Gates doing stuff, including mowing his lawn in a threatening manner! - Chloe Hesskamp
Workforce and Early Career Workshop ... you're gonna learn how to career!! Hope to see you there!
Become a officer in Hashdump! Come participate in our officer elections! We will conclude with a guest presentation from well known cyber security specialist Sangameswaran Iyer Manikkayam.