Hashdump Security

Disk Encryption

4:00 PM on December 4th, 2024

Hashdump will meet once more as the semester draws to a close. We'll give an overview of disk encryption tools, including a brief look at the LUKS standard on Linux.

OverTheWire Krypton / Cyber Service Academy

4:00 PM on November 20th, 2024

We'll play the Krypton wargame from OverTheWire, which will task us with decrypting various ciphers to solve a series of challenges. Additionally, guest speaker Evan Anspach will give a short presentation on the Department of Defense Cyber Service Academy scholarship.

OverTheWire: Krypton
DoD Cyber Service Academy

Guest Speaker — Griffin Opp

4:00 PM on November 6th, 2024

Guest speaker Griffin Opp is a security engineer at Workiva and is responsible for conducting their technical interviews and reviewing resumes this year. He will be going over the interview process and do some resume workshopping! He is also planning to bring in some DEF CON stickers for those who are interested!

Virtual Private Networks

4:00 PM on October 23rd, 2024

Caleb will highlight some of the purposes of VPNs, why we use them, what they are good for, and what they aren't good for. Additionally, they'll take a look at some commercial VPN providers and where their claims fall short.

Presentation

XZ Utils Backdoor

4:00 PM on October 9th, 2024

Eli will give a presentation on the XZ Utils backdoor, which was discovered in multiple Linux distributions this March and allowed remote attackers to control servers running OpenSSH.

Bandit — OverTheWire

4:00 PM on September 25th, 2024

Join Hashdump as we play the Bandit wargame by OverTheWire. We'll practice command-line skills in Linux and work to obtain hidden passwords from a remote server.

Bandit

Two-Factor Authentication

4:00 PM on September 11th, 2024

Caleb will discuss the core mechanisms of two-factor authentication, such as HOTP, TOTP, and FIDO (WebAuthn). In addition, they'll share some of its shortcomings and how it can be improved.

Presentation

Intro + Large Language Models

4:00 PM on August 28th, 2024

Hashdump returns for our first meeting of the school year! Everett will discuss common exploits affecting large language models (LLMs) like ChatGPT and Bing Chat. Afterward, we will try to extract hidden information from an LLM in the online Gandalf activity.

Presentation
Gandalf

Dr. Gersch!

5:00 PM on April 3rd, 2024

Our glorious emperor Dr. Gersch will be giving a talk. About what? No one knows! Show up and find out!

Game Night

5:00 PM on March 27th, 2024

This week we'll take a break and have a game night! Feel free to bring any games you want to play.

Telephony in Wireshark

5:00 PM on March 20th, 2024

Enzo will demonstrate how to reconstruct phone calls from captured packets in Wireshark.

Guest Speaker: Software Engineering

5:00 PM on March 6th, 2024

Guest speaker Jeff Dean will return to a presentation on how to become a software engineer!

OverTheWire Game

5:00 PM on February 28th, 2024

For this meeting, we will revisit the Bandit wargames from the first meeting and practice some more ssh-based attacking!

Rubber Duckies

5:00 PM on February 21th, 2024

For this meeting Eric will demonstrate rubber duckies!

Game Night

5:00 PM on February 14th, 2024

This week we'll take a break and have a game night! Feel free to bring any games you want to play.

Quantum Computing

5:00 PM on February 7th, 2024

We will have a presentation on the basics of quantum computing and Shor's Algorithm.

Attiny85 Microchip

5:00 PM on January 31st, 2024

For this meeting Enzo will lead us through coding the attiny85 microchip to execute malicious code.

OverTheWire Game

5:00 PM on January 24th, 2024

For this meeting, we will be playing the Bandit wargame. Woohoo!

Dr. Gersch: Rust Security

November 1st, 2023

The one and only slightly terrifying Dr. Gersch will be presenting on the security benefits of using the Rust programming language.

Cybersecurity Awareness Month

October 25th, 2023

We will use tools like nmap and dirbuster to scan for vulnerabilities in a server, in the process extracting information about a hidden file.

Network Chuck: The Dark Web

October 18th, 2023

For this meeting we'll watch a compilation of NetworkChuck videos focusing on the dark web ... as it is illegal to run that meeting ourselves.

Guest Speaker: Pentesting

October 11th, 2023

For this meeting we'll have a guest speaker tell us all about pentesting, with tips for how to get into the industry!

Linux Tips & Tricks

October 4th, 2023

Enzo will present on fun, useful, and occasionally quite strange Linux commands!

Malware Analysis

September 27th, 2023

For this meeting we'll have a guest speaker presenting on malware analysis!

Game Night

September 20th, 2023

Take a break from studying with a game night and pizza!

Interactive Phishing

September 13th, 2023

Building on the previous meeting, we will present an interactive phishing activity where we try to phish one another.

Phishing Presentation

September 6th, 2023

Revered treasurer Eric Martin will give a presentation about phishing strategies!

Welcome Meeting + CTF

August 30th, 2023

Welcome back to a new year! For our first meeting we'll do a general introduction to the club and play around with a CTF.

Officer Elections and Guest Speaker!

April 27th, 2023

Become a officer in Hashdump! Come participate in our officer elections! We will conclude with a guest presentation from well known cyber security specialist Sangameswaran Iyer Manikkayam.

5PM!!!!!! -- Workforce and Early Career Workshop with PwC

April 20th, 2023

Workforce and Early Career Workshop ... you're gonna learn how to career!! Hope to see you there!

Movie Night!!

April 13th, 2023

We will have a wonderful time watching a documentary about Bill Gates doing stuff, including mowing his lawn in a threatening manner! - Chloe Hesskamp

ChatGPT and Hacking

April 6th, 2023

Dr. Gersch and Dr. Haefner will give a presentation on how to use ChatGPT to target victims and speed up your hacking.

Post Quantum Cryptography

March 23rd, 2023

In this presentation, Vice President Chloe Hesskamp gave a talk on Post Quantum Cryptography, which is the super interesting math behind cryptography algorithms and how they are affected by quantum computing.

Hot Wings Interviews

March 2nd, 2023

Join us in this joint meeting with ACM and ACM-W for a panel of professors answering CS-type questions - all while eating increasingly hotter wings.

Guest Speaker: Chris Ellis

February 23rd, 2023

Guest speaker Chris Ellis from Raytheon gives a talk about networking, protocol reversing, and Wireshark!

Professional Development with WiCyS!

February 15th, 2023

In this meeting our great friends at Women in Cyber Security take professional headshots. All are welcome!

Intro to the Rubber Duck

February 9nd, 2023

Treasurer Eric Martin demos the 'Rubby Ducky', a USB stick that acts like a keyboard.

Intro to CTF

February 2nd, 2023

Hashdump officer Britta will be introducing CTFs, or Capture the Flag Challenges!

Welcome Back!

January 26th, 2023

Welcome to the Spring semester! We will be hosting a game night in CSB 130!

The Math behind Cryptography

November 17th, 2022

We will be exploring the math behind cryptography and cybersecurity with Hashdump vice president Chloe.

Dr. Gersch: Blockchain

November 10th, 2022

Dr. Gersch will be giving a presentation about Blockchain, don't miss it!

Game Night

November 3rd, 2022

Join us for Hashdump game night to play a variety of board, card, and other weird games!

Industry Night: Raytheon

October 27th, 2022

A representative from Ratheon will be holding a presentation behind the security and defense of their technology and instrastructure.

Industry Night: HP

October 20th, 2022

HP will be giving a presentation and holding a panel for all things general technology and security focused topics!

Multi Factor Authentication

October 6th, 2022

Multi factor authentication is becomming more commonplace for online accounts and has been established internally at almost every company that prioritizes security. How does it work and how can it be effectively implemented?

Industry Night: Plante Moran

September 29th, 2022

Plante Moran is an auditing, tax, and business management firm, and their security professionals are here to show how they keep that all secure!

Tamper Evident Devices

September 22nd, 2022

We will be exploring several examples of tamper evident devices and their use in and out of cybersecurity.

Industry Night: PwC Presentation

September 15th, 2022

PricewaterhouseCoopers, or PwC is the second largest provider of professional services in the world! They manage and provide services such as auditing, accounting and human resources for various industries such as insurance or aerospace. Join us for their presentation of how they manage all of this from a cybersecurity standpoint!

Unix Commands and Tricks

September 8th, 2022

This week Hashdump president Enzo Barrett will be showing useful Unix commands, a subject not usually taught in school but defintely useful!

Welcome Back!

September 1st, 2022

Join us for Hashdump's first meeting of the 2022 Fall semester! We will discuss what activities you can look forward to in the coming weeks as well as demoing CTF challenges!

Meeting Cancelled

April 21st, 2022

See you next week for a game night and officer elections!

ATM Hacking

April 14th, 2022

This week we will be doing a brief introduction of officer duties in preparation for the coming election followed by a talk on hacking ATMS. There will be free pizza!.

Malware Demo

April 7th, 2022

This week Jack will be doing a live malware demo! Whether the malware will escape and take over the entire university remains to be seen.

The Math Behind Cryptography

March 31st, 2022

This week we will be discussing some of the math involved in common cryptography, including some quantum-resistant algorithms!

Hot Wings Interviews!

March 24th, 2022

Hashdump is joining with ACM-W to interview professors while they attempt to eat progessively hotter wings! There will be free pizza and drinks provided.

Quantum Computing

March 10th, 2022

The fantastic Dr. Gersch will be giving a presentation on the basics of quantum computing.

Game Night (and Pizza!)

March 3rd, 2022

We will be engaging in a standard Hashdump midterm game night. There will be free pizza!

Wargames

February 24th, 2022

For this meeting, we'll be doing an online CTF competition! After going through several challenges together, we will split into teams to compete for a very high-quality and not-cheap prize.

Over the Wire: Natas

Cicada 3301

February 17th, 2022

We will be watching a documentary about Cicada 3301, an alleged organization that published 3 cybersecurity puzzles several years ago. There will be free pizza / soda!

Kali Linux Demo

February 10th, 2022

Hashdump president Jack will be going over several features of Kali Linux, including the (usually legal) nmap, metasploit, and hydra tools.

A Very Definitely Happy CTF

February 3rd, 2022

Welcome back! For our first meeting of the new semester, we'll do a brief club introduction before trying out some simple CTF challenges.

Game Night

December 9th, 2021

For our last meeting of the semester, we will be having a pizza / game night!

Kubernetes Workshop

December 2nd, 2021

Guest speaker Jeff Dean will be returning to give a workshop on Kubernetes!

Dr. Gersch: DNS

November 18th, 2021

The one and only Dr. Gersch will be giving a presentation on using DNS to write secure code.

CyberForce Preparation

November 11th, 2021

The regular Hashdump meeting has been cancelled for this week to allow for the CyberForce competition team to prepare.

Securing Linux Servers

November 4th, 2021

Hashdump Officer Enzo will be running a demo on how to secure Linux servers! There will be DigitalOcean Debian servers set up for attendees to secure.

Game Night

October 28th, 2021

In an effort to promote everyone surviving their midterms, we will be hosting a pizza / game night!

Guest Speaker: CI/CD Pipeline Security

October 21st, 2021

Guest speaker Jeff Dean from Upslope.io will be joining us to talk about adding security to your CI/CD pipeline, kubernetes hardening, and other OWASP development security concerns.

Social Engineering (and Pizza!)

October 14th, 2021

As a special presentation for Cybersecurity Awareness Month, Hashdump President Jack will be giving a presentation on social engineering! There will be pizza and a competition to (ethically) phish other participants.

TryHackMe

October 7th, 2021

For this meeting, we will make accounts for TryHackMe and run through several of their challenges!

Virtual Machines

September 30th, 2021

Hashdump Officer Enzo will give a presentation on virtual machines and lead attendees in downloading / using their own.

Virtual Box
Kali Linux
Parrot OS

Cyberthreat Roundtable

September 23rd, 2021

For this meeting, we will assign participants roles in a fictional company and play out various responses to 6 different cyberthreats.

Tamper Evident Devices

September 16th, 2021

For this meeting, we will watch a DEF CON video on tamper evident devices!

Welcome Back!

September 9th, 2021

For our first meeting this semester, we will discuss what the club will look like this year and demonstrate a few CTF challenges!

Cybersecurity Jeopardy

April 1st, 2021

For this meeting, we will be playing Family Feud, featuring topics surrounding cybersecurity.

Natas Wargame

March 18th, 2021

For this meeting, we will be playing the Natas Wargame, from the same creators as SSH Bandit, this wargame focuses on serverside web-security.

Over the Wire: Natas
image

Image attribution


The National Archives (UK), CC BY 3.0 , via Wikimedia Commons

Cybersecurity Games

March 11th, 2021

For this meeting, we will be playing Jeopardy and Scribbl.io, featuring topics surrounding cybersecurity.

24/7 CTF

February 25th, 2021

For this meeting, We will be playing the 24/7 CTF.

Virtual Box
Kali Linux
Parrot OS

AI in Cybersecurity

February 18th, 2021

For this meeting, Hashdump Secretary Jack Soveriegn will be giving a presentation on AI in the context of cybersecurity.

image

Image attribution


mikemacmarketing, CC BY 2.0 , via Wikimedia Commons

SSH Bandit

February 11th, 2021

For this meeting, We will be playing the Bandit wargame.

site

Damn Vulnerable Web Application Demonstration

February 4th, 2021

For this meeting, Hashdump President Pierce Smith will be demonstrating exploits against the Damn Vulnerable Web Application (DVWA)

Hashdump Intro and DEF CON Cybersec Talk

January 28th, 2021

Welcome back! For this meeting we will go through introductory slides, followed by a DEF CON talk on airplane/drone cybersecurity.

GitHub Guest Speaker

December 10th, 2020

For this meeting we will have a guest speaker from GitHub, Software Engineer Robert Reichel, talking about Threat Modeling.

Unwinding with Jackbox

December 3rd, 2020

As the semester winds down so will we, for this meeting we will simply be playing Jackbox party games

Digital Forensics Demo

November 19th, 2020

Hashdump President Pierce Smith will be demonstrating methods for recovering deleted data from disk images

Kubernetes and Docker Security presentation

November 12th, 2020

Hashdump Treasurer Enzo Barret will be giving a presentation on Google's Kubernetes software and Docker security

notes

Kubernetes and Docker Security presentation

This meeting took place on 2020/11/12


Enzo gave us a crash course on Kubernetes and Dockers. We started with the basics, building our way up from single docker images into clusters. Through live demonstrations, we learned what a docker image really is and how it works. After understanding the fundamentals, we went into some of the processes involved in securing dockers, as well as some applications that will streamline the security process. These applications are used by large companies, so it was very applicable to real situations.

Wireshark Pumpkin Challenge

November 5th, 2020

For this meeting we will be using Wireshark to find pumpkins hidden within a pcap file

Phishing Trip

October 29th, 2020

Hashdump Secretary Jack will be giving a presentation on social engineering attacks with a focus on phishing, followed by an activity where we will try to phish other members.

notes
image

Phishing Trip

This meeting took place on 2020/10/29


This week we talked about social engineering! In this meeting we went over the basic principles of social engineering, as well as the 10 most common examples of social engineering attacks. We focused on phishing attacks, and after learning about what they are we constructed our own phishing e-mails and sent them out to the other members of the club. This allowed us to get in the mind of these attackers, and learn what to look out for when we receive suspicious e-mails

Image attribution


AntanO, CC BY-SA 4.0 , via Wikimedia Commons

Cicada 3301 Documentary

October 22nd, 2020

We will be watching the Youtube channel Great Big Story's documentary on the organization 3301's Cicada challenge.

Cybersec Awareness Month: "Pass the Hash" presentation.

October 15th, 2020

We will be giving a presentation for Cybersecurity Awareness Month titled, "Pass the Hash: A Discerning Guide to How (and How Not) to Use Passwords" over Zoom

Zoom Link
notes

Cybersec Awareness Month: "Pass the Hash" presentation.

This meeting took place on 2020/10/15


Hashdump president Pierce went into detail about password security. In this presentation, we covered a few sub topics of password security. We covered how websites stores passwords using techniques like hashing and salting, we talked about good and bad password habits and why those specific habits make a good or a bad password. We talked about the most effective passwords, and how using a password manager to balance convenience and security can save your information. Finally, we touched on the significance of multi factor authentication.

IBM Cybersecurity Ops: Terminal

October 8th, 2020

Hashdump System Admin Britta will be running through IBM's cyber breach simulation game, Cybersecurity Ops: Terminal

notes
image

IBM Cybersecurity Ops: Terminal

This meeting took place on 2020/10/08


Britta showcased a simulation created by IBM to understand the processes that happen once a cybersecurity breach has occurred. The simulation is a gamified version of a simulation used to train IBM employees how to react to certain situations if they were to happen on the job. If you’d like to check it out yourself, visit https://www.ibm.com/security/digital-assets/cybersecurity-ops/terminal/. We also briefly talked about the Rocky Mountain Collegiate College Competition (RMCCDC). If you are interested in participating, reach out to the club for more information! Message @Jacc

Image attribution


Viscovery, IBM, Amazon / Public domain

Malware Demonstration

October 1st, 2020

Hashdump President Pierce Smith will be running a demonstration of how varieties of malware affect computers.

notes
image

Malware Demonstration

This meeting took place on 2020/10/01


Pierce showcased a variety of malware, and its effects on computers. We mostly looked at older malware since the effects are a little easier to see. We went over some network worms (Klez, Nimda, Sality, Swen) that disguise themself and spread over e-mail or a networks shared files, and some ransomware (Petya and WannaCry) that encrypts your entire computer! All you needed to get your files back was a measly $300 in bitcoin. The meeting was educational and it was quite entertaining to see malware in action. See you next week!

Image attribution


EFF-Graphics / CC BY 3.0 US (https://creativecommons.org/licenses/by/3.0/us/deed.en)

Deepfakes and Officer Elections

September 17th, 2020

Join us for a discussion about deepfakes - what they are, their ethical implications, and how we can use technology to both create and possibly detect them. Later in the meeting, we will be holding officer elections, so if you'd like to help take the reins of the club and steer its future, please apply! (More detailed information on this soon)

image

Image attribution


Neural net filters image by Cecbur / CC BY-SA (https://creativecommons.org/licenses/by-sa/4.0)

Setting up Virtual Machines

September 10th, 2020

Virtual machines are common and useful tools in all areas of comptuer science - but especially cybersecurity, since they aid greatly in everything from analysis to research to experimentation. At this meeting we will walk through how to set up your very own security-focused virutal machine, running either Kali or Parrot Linux (whic you may even use in future meetings!) Be sure to follow the links below to download the setup files for Parrot or Kali Linux before the meeting.

Parrot ISO Direct Download
Kali ISO Direct Download

Welcome back!

September 3rd, 2020

Hashdump is back! Join us for a quick re-introductory meeting, where we briefly discuss the club and go over a few simple hack the box challenges... as well as try some ourselves!

Select Kail Tools Demo

April 14th, 2020

Kali Linux is loved by pentesters, CTF participants, and general security enthusiasts alike for its diverse and powerful range of tools. But there are so many of them! What are they for? How can we use them? Will any of them help me make the perfect mac-n-cheese? We will attempt to answer at least two of those questions in this meeting! Come on by our Discord server to participate.

Vitamin G CTF Recap

April 7th, 2020

Hashdump Officers Addie and Griffin will be demonstrating some CTF puzzles they recently tackled with Vitamin G. Come join us on our shiny new Discord server for the presentation. Hope to see you there!

Merlin Malware Demo

March 31st, 2020

For our glorius return to meetings, Hashdump Officer Casey will be introducing us to an exciting new family of malware that takes advantage of exploits in the HTTP/2 protocol. Remember not to show up to the CSB! Join us on Slack instead to hang out with us and see his video presentation at a CDC-approved distance.

Kryptsec Guest Presenation

March 10th, 2020

In this meeting, fellow CSU cybersecurity enthusiasts Kryptsec will be stopping by to give a guest presentation! This one will be all about wireshark; how to use it effectively and all of the wonderful/terrifying things it is capable of. Drop by and learn how to hone your digital forensic skills!

Heavy Vehicle Security

March 3rd, 2020

Do you feel safe driving down the road in your sixteen-wheeler semi? Well you shouldn't! CSU's own Dr. Jeremy Daily will by stopping by the Hashdump meeting room to introduce the physical and cyber aspects of securing heavy vehicles from theft and vandalism. Never again will your dense slab not be on lockdown. Pizza will be provided!

image

Image attribution


Image by Ildar Sagdejev (Specious) / CC BY-SA (license) (image)

The Vitamin G CTF Team

February 25th, 2020

Want to get involved with Capture the Flag? Vitamin G, a CTF team here at CSU, will be dropping by to give a presentation on what CTFs are and some simple-to-difficult puzzles they've faced in actual CTFs - as well as extending their memebership to those who'd like to join in the quest to defeat these cybersecurity challenges.

Presentation Slides

General Internet Security Tips

February 18th, 2020

The best way to achieve security online is to unplug your computer from the Internet. But what if you don't want to do that? Hashdump Officer Gus will be showing us some generally-applicable tips to stay safe while surfing the net without needing to toss your laptop and/or desktop machine into a dumpster fire.

Damn Vulnerable Web App Redemption

February 11th, 2020

Ever wanted your own vulnerable web server to practice techniques like SQL injection and XSS? No? Too bad! Hashdump Officer Griffin will be showing us how to set up this intentionally poorly-designed web application and walking us through some simple exploits you can use to pwn it. For real this time, we promise.

Gone Phishing

February 4th, 2020

Phishing is one of the most common and notorious examples of social engineering. In this presentation, Hashdump Officers Addie and Pierce will be showing off the techniques, both sophisticated and crude, that these cyber-anglers use to reel in their targets. Was that password reset email really from your bank? Are you really on the Hashdump website right now?

image

Image attribution


Image was edited together from Douthat Fishing by vastateparksstaff [CC BY (https://creativecommons.org/licenses/by/2.0)] (link) and Example of Domain Slamming phishing email by Noloader [CC BY-SA (https://creativecommons.org/licenses/by-sa/3.0)] (link)

Welcome to Hashdump (Spring Edition)

January 28th, 2020

We're back! Join us for a quick officer re-introduction and another go at Google's wonderful Beginner's Quest CTF. Don't forget your computer (hacking is difficult on a phone)!

Google CTF

2019 End of Year Party!

December 10th, 2019

It's the end of the year, so you know what that means - cyber party! Eat pizza, play SNES games, and just generally do nothing important for the next hour or so.

RFID Scanner Workshop

December 3rd, 2019

RFID is everywhere, from your credit cards to your passports and even your pets. This meeting will show firsthand what security concerns our use of RFID creates, and whether or not you want to gather all of your RFID-enabled items and throw them into Mount Doom (spoiler: you probably don't).

Raspberry Pi RFID Reader Tutorial
Presentation Slides
image

Image attribution


Image © Raimond Spekking / CC BY-SA 4.0 (via Wikimedia Commons) (link)

Password Security Talk

November 19th, 2019

Enjoy complimentary pizza while you listen to our Jordan Peterson rant about passwords, from best practices for users to the cracking tehcniques you can use to break them!

Presentation Slides

USB Rubber Ducky Demo

November 12th, 2019

Be careful! This innocuous flash-drive-looking thing is actually a keystroke injection tool that can do a whole number of malicious things to any unsuspecting machine. How does it work? What can you use it for? Does it even work? We'll find out together in this workshop.

Hackernoon Instructions
Linux Video Tutorial
Linux Troubleshooting Info
Micronucleus Bootloader Upgrade
image

Image attribution


Image by gaetanlee [CC BY 2.0 (https://creativecommons.org/licenses/by/2.0)] (link)

Quantum Computing

November 5th, 2019

The fantastic Dr. Gersch will be enlightening us all on the wonders and dangers of a fast-approaching technological breakthrough - quantum computing. Learn about what it is and how it threatens to change our perception of cybersecurity while you enjoy some complimentary free pizza!

Presentation Slides
notes
image

Quantum Computing

This meeting took place on 2019/11/05


Dr. Gersch gave a very informative presentation this week on quantum computing. Quantum physics, superposition, qbits, encryption algorithms and more were presented in an easy to follow exploration of the topics and what they mean in relation to cybersecurity. We were lucky enough to have him provide a copy of his slide deck for us. Be sure to check out the links he left on slide 18 for further information!

Image attribution


Photograph of the D-Wave TwoX 1000 Qbit quantum annealing processor chip. Mwjohnson0 [CC BY-SA 4.0 (https://creativecommons.org/licenses/by-sa/4.0)] (link)

Playing with Kali Linux

October 22nd, 2019

Kali Linux is a household name in the world of cybersecurity, and for good reason. Bring your laptops and you'll have a chance to try this ethical hacking and pentesting-focused Linux distro on your own computer via a Live USB provided by us! Or at least bring an appetite for free pizza, since we've got that too!

Instructions
notes

Playing with Kali Linux

This meeting took place on 2019/10/22


Not only was the pizza delicious but the free flash drives were the icing on the cake! Jared gave us a demonstration on creating a bootable flash drive with the Kali Linux OS on it. Not only that, he showed us how to create a persistent encrypted partition on the flash drive. This enabled us to save files privately in a way that they are always accessible when Kali is booted up. Great meeting, hope to see you all at the next one!

Hack the Box!

October 15th, 2019

Think you can Hack this Box? Hashdump Officer Addie will be letting us loose on a series of a pentesting challenges hosted by Hack the Box, which will test your skills and expand your cyber-defense knowledge. Bring your favorite laptop and/or computer-equipped buddy!

HTB Landing Page

Hashdump Game Night

October 8th, 2019

Join us for an hour of hacker-themed board games, classic Nintendo emulators, and stuffing free pizza into your face! Batteries not included.

notes
image

Hashdump Game Night

This meeting took place on 2019/10/08


Our first ever game night was a great success! After scarfing the pizza down we had fun playing classic video game emulators and hacking themed board and card games. Over the sounds of an intense game of Street Fighter 2 on Super Nintendo one could hear the wheelings and dealings in the distant land of Catan. I'll trade you two wheat for a sheep!

Image attribution


Image was edited from original by Tobias Grothmann - Generalprobe No Input Ensemble & 2xC, CC BY 2.5, https://commons.wikimedia.org/w/index.php?curid=36644104

Return of the Wireshark Demo

October 1st, 2019

Hashdump Officer Addie will be demonstrating some uses of Wireshark, a very powerful, widely-used network analysis tool. Be sure to bring a computer, as you'll have the opportunity to experiment with this software firsthand!

notes

Return of the Wireshark Demo

This meeting took place on 2019/10/01


Addie hosted a great meeting this week! It turns out that even those who did not have wireshark installed on their machines were able to follow along with her halloween themed packet capture demonstration with Cloudshark. There was spooky jack-o-lantern ASCII art and clips from the Charlie Brown Halloween special to be found, among other things. Not only was this meeting educational, it got everyone ready for the upcoming season!

Damn Vulnerable Web App Demonstration

September 24th, 2019

Hashdump Officer Griffin will be intoducing us to and letting us play with the Damn Vulnerable Web App, an intentionally vulnerable PHP/MySQL web application made for safe penetration testing! We'll have pizza for you to enjoy as you test and grow your (ethical) hacker skills.

A Brief Introduction to Hiding Things

September 17th, 2019

Hashdump Officer Pierce will be giving a short presentation on some basics of encryption, cryptography, and steganography. There will be activities, so be sure to bring a laptop!

Online AES encryptor/decryptor
Online RC4 encryptor/decryptor
LSB Steganography Slide
Nostradamus MD5 Attack
notes

A Brief Introduction to Hiding Things

This meeting took place on 2019/09/17


Caesar and substitution and block oh my! This meeting started in Kansas with some basic ciphers and the next thing we knew, Pierce the tornado had transported us to munchkin-land. There were advanced encryption standards, RC4 streams, secret steganography images and more. By the end of the meeting we were clicking our ruby MD5 hashes together getting ready to go home. Ugh, are you tired of this pun yet? In short, it was a great meeting headed up with a stellar presentation by Pierce Smith. Come check out our next meeting, it will be better than our tired puns we promise!

Cicada 3301 Documentary

September 10th, 2019

Join us to learn about one of the Internet's greatest unsolved mysteries, Cicada 3301. Pizza will be provided!

notes

Cicada 3301 Documentary

This meeting took place on 2019/09/10


Another great meeting this week! We started by discussing a variety of security events in the news. Pizza was then provided and we enjoyed watching the first two parts (of four) of the Cicada 3301 documentary on YouTube, which talked about what Cicada 3301 is, the context behind it, the people involved in it, and some of the puzzles it contains.

Introduction and Capture the Flag

September 3rd, 2019

Join us for the first Hashdump meeting of the semester! We'll kick things off with short officer introductions, and then play a game of Google's Beginner Quest CTF to give you a taste of what the club is all about. Bring a computer (or a friend with one!), and take note of the links below so you can follow along during the meeting.

Google CTF
Wireshark Download
String Encoder/Decoder
notes

Introduction and Capture the Flag

This meeting took place on 2019/09/03


What a great first meeting! We started off by introducing our new officers for the 19-20 academic year. There was also a brief discussion about future meeting topics. We then enjoyed a presentation by our own Jared Crouse who walked us through the Google Beginners Quest CTF. He showed how to use some simple techniques to work through the first two quests.

End Of The Year Party

May 7th, 2019

Join us for our end of the year party! We'll have food, fun, and jeopardy.

Google CTF - Beginners Quest

April 30th, 2019

Join us as we walk through the Google Beginners Quest CTF. We will also be watching some Def Con talks and having officer elections.

Google CTF
GynvaelEN Livestream

Rubber Ducky Workshop

April 23rd, 2019

Join us for our second workshop where we will be programming Rubber Duckies that you get to take home with you.

Hackernoon Instructions

Secure 64

April 16th, 2019

Vice president of Engineering at Secure 64, Amanda Constant, will be giving a talk about how Secure64 protects its clients.

New Security Classes?

April 9th, 2019

CSU is pushing cyber. Come listen to Jarret Flack talk about some of the security classes currently offered and some of the opportunities coming in the near future.

Website Security

April 2nd, 2019

Hashdump Officer Sus will be showing us how to secure a website.

Presidents Challenge

March 26th, 2019

Did you know you can hide data in pictures? Hashdump Officer Addie will be leading us through a steganography challenge.

Instructions

Kali Live USB Workshop

March 12th, 2019

Join us for our first workshop! We will be building Kali Live USBs so that you can carry all of the security tools you need on your keychain.

Instructions

Wireshark Demo

March 5th, 2019

Hashdump Officer Addie will be giving a presentation on Wireshark. We will be meeting in the fish lab. CSB 325

SQL Injection/Buffer Overflow Demo

Febuary 26th, 2019

Hashdump Officer Bruce will be giving a presentation on SQL injections and buffer overflows. Bring your laptops!

Third RMCCDC Meeting

Febuary 19th, 2019

Day three of the RMCCDC practice. The Red and Blue team get to put what they learned into action.

RMCCDC

Introduction to Network Forensics

Febuary 12th, 2019

  • Jordan presents on Network Forensics, a.k.a. the digital conversations between machines
  • Want to know when did it happen, where did it come from, the scope of the attack and how it happened
  • Used Wireshark to view collected packets and filter through them to see the communications we care about
  • Went to http://forensicscontest.com and completed Puzzle #1 Ann’s Bad Aim
  • Used https://hexed.it to look at the bytes of raw data from Wireshark
  • Google Chrome offers an extension to see if email and password combinations are secure
    70% of all Microsoft security bugs are from memory issues due to coding in C and C++
    VFEmail mail infrastructure was completely destroyed
    Chinese company Tencent buys Reddit stock

    Second RMCCDC Meeting

    Febuary 5th, 2019

  • Day two of the RMCCDC practice
  • The Blue and Red team went to different class rooms and tried out their skills
  • Red team hacked into the images while blue team protected them
  • After the competition, Noah Cain went through a debrief and explained what the red and blue teams did successfully
  • Breach of Credentials
    Have I Been Pwned

    First RMCCDC Meeting

    January 29th, 2019

  • Start of RMCCDC Practice
  • Stephen Hayne introduced the exercise and what images the red and blue team will be working on
  • Hayne also discussed several things each team will have to Harden/look into vulnerabilities about like SQL and ASP
  • After his introduction, the club split into teams and each team worked out logistics
  • Professor Joe Gersch brought up a interesting opportunity about the electrical and gas generators that have consoles that Hash Dump might be able to try to hack into. Will get more information at a later meeting
  • RMCCDC
    Apple FaceTime Listening Bug
    US accuses China of infiltrating tech
    Greg Myre visits CSU

    Cyber Feud/Costume Party

    October 30th, 2018

    We asked a fair amount of students… name a better way to spend Halloween Eve than playing Cyber Feud! Teams will compete to find out how fellow CSU students answered questions about cybersecurity. There will also be a cybersecurity costume contest – low effort is encouraged!

    VM Exploitation

    October 23rd, 2018

    Noah Cain will be giving a demonstration on how to exploit and gain root access to a virtual machine!

    More Than Lockpicking

    October 16th, 2018

    Here comes the ever popular lock picking session, but this time we will get into lock impressioning and general key cutting with Ben Say. (Bring tubular lock picks you have any)

    VM/Container Security

    October 9th, 2018

    Hashdump officer Adam Smith will be giving a presentation on the exploits, security best practices, and pros/cons of virtual machines and containers.