• Stars
    star
    1,221
  • Rank 38,417 (Top 0.8 %)
  • Language
    Python
  • Created over 11 years ago
  • Updated 8 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Hack Night is an open weekly training session run by the OSIRIS lab.

NYU Tandon's OSIRIS Lab's Hack Night

Developed from both the materials of the NYU Tandon's Introduction to Offensive Security and old Penetration Testing and Vulnerability Analysis course, Hack Night is a sobering introduction to offensive security. A lot of complex technical content is covered very quickly as students are introduced to a wide variety of complex and immersive topics over thirteen weeks.

Hack Night culminates in a practical application of the skills and techniques taught, students complete a research project inspired by one of the lectures or exercise materials. By the end of the course, each student is expected to have a good understanding of all topics and a mastery of at least one topic.

Due to the involved nature of this course, we recommend students attend Hack Night in person.

Logistics

If you have any questions, or would like to attend a Hack Night session, you can contact or [email protected] or you can ask us in Discord.

Hack Night is run every Thursday during the regular semester at 7 PM on the 10th floor of 370.

OSIRIS Lab 370 Jay Street Brooklyn, NY 11201

Week 0 (01/31): Background

In order to get the most out of Hack Night, you should be familiar with some basic security concepts.

Lecture Materials

  1. PicoCTF Resources

Resources

Application Security

  1. OWASP Secure Coding Principles

Web Security

  1. OWASP Top 10

Week 1 (01/31): Introduction (Kent Ma)

This is an introduction session to the Hack Night curriculum, this session tries to give an overview of what rest of Hack Night sessions is to be followed. More importantly, it also gives the ethics necessary to keep in mind when you learn something as powerful as you're going to do now. Next, we will cover various types of disclosure that hackers have followed since its inception.

Before diving into the Hack Night semester, we recommend you take a look at the resources below and become familiar with some of the material. This session will cover Code Auditing. Code Auditing an application is the process of analyzing application code (in source or binary form) to uncover vulnerabilities that attackers might exploit. By going through this process, you can identify and close security holes that would otherwise put sensitive data and business resources at unnecessary risk. Topics that will be covered are Identifying Architectural, Implementation and Operational vulnerabilities.

Lecture Materials

  1. Slides
  2. The Art of Software Security Assessment
  3. Integer Overflows
  4. Catching Integer Overflows
  5. The Fortify Taxonomy of Software Security Flaws

Resources

  1. IRC: #hacknight on isis.poly.edu port 6697 (ssl only)
  2. OSIRIS Lab Blog
  3. OSIRIS Lab Github
  4. Project Ideas
  5. CTF 101
  6. Mailing List
  7. OSIRIS Lab Calendar

Tools

  1. Source Navigator
  2. Scitools Understand
  3. List of tools for static code analysis

Workshop

  1. OSIRIS Wargames

Week 2 (02/07): Client-Side Web Security (Kent Ma)

This session will cover client-side web hacking. This session is about familiarity with various client-side applications in web applications. We will also look at exploitation mitigations that your current browser implements. Topics include XSS, CSRF, Same-Origin Policy, XSS-Protection, and Content-Security-Policy.

Lecture Materials

  1. Slides

Workshop Materials

  1. Google XSS game
  2. Hacknight CSP Game

Resources

  1. The Tangled Web
  2. OWASP Top 10
  3. OWASP Top 10 Tools and Tactics
  4. OWASP XSS Filter Evasion Cheat Sheet

Weeks 3 (02/14): Server-side Web Security (John Cuniff)

This session will cover web hacking. This session is about getting familiarity with various vulnerabilities commonly found in web applications. You will be able to identify and exploit web application vulnerabilities. Topics to be covered are:

  • SQL Injection
  • File inclusion
  • Directory Traversal
  • Object deserialization
  • External Entities (XXE) Injection
  • CRLF Injection
  • Server-Side Request Forgery
  • WAFs and filter bypasses

Lecture Materials

  1. Slides

Workshop Materials

  1. OSIRIS Wargames

Resources

  1. The Tangled Web
  2. OWASP Top 10
  3. OWASP Top 10 Tools and Tactics

Tools

  1. Burp suite

Week 4 (02/21): Reverse Engineering, Part 1 (Mina Zhou)

This session is about Reverse Engineering. Most of the software we use everyday is closed source. You don't have the liberty to look at the source code, at this point we need to analyze the available compiled binary. Reversing a binary is no easy task but can be done with the proper methodology and the right tools.

This first week will be a primer on x86 assembly and low level programming.

Lecture Materials

  1. Slides

Workshop Materials

In this section we will go through the basic idea of a binary and how your source code is converted into an executable form. We will then look at the assembly language used by executable programs and develop our own low level programs. We will write simple assembly language programs and teach the basic skills needed to understand more complex assembly language uses.

This is going to be a workshop were we will write programs at assembly level. Once, we get familiar to basic x86 instructions we will switch to analyzing a real application and try to get high level understanding of what the application is doing. The goal would be to get familiar with calling conventions, stack and stack frames.

  1. Assembly Programming Exercises

Resources

  1. Binary Ninja Demo
  2. IDA Demo
  3. x86 Win32 Reverse Engineering Cheatsheet
  4. IDA Pro Shortcuts
  5. All Materials for Introductory Intel x86
  6. Reverse Engineering
  7. nasm
  8. x86 Intel Manuals

Week 5 (02/28): Reverse Engineering, Part 2 (Roy Xu & Nobel Gautman)

We will present you with an application which has no source code. Your job is to understand what the application is doing and figure out any loopholes present in that application. You'll use static analysis tools like IDA to analyze the binary and get a complete understanding of the application.

Lecture Videos

  1. Slides

Resources

  1. Binary Ninja Demo
  2. IDA Demo
  3. x86 Win32 Reverse Engineering Cheatsheet
  4. IDA Pro Shortcuts
  5. All Materials for Introductory Intel x86
  6. Reverse Engineering
  7. nasm
  8. x86 Intel Manuals

Week 6 (03/07): Reverse Engineering, Part 3 (Sai Vegasena)

For this lesson, we will be looking at dynamically reversing a binary. We will use a debugger to look into a running process's memory. Also, we will use

Lecture Materials

  1. Introductory Intel x86 Lectures

Workshop Materials

  1. Pwndbg GDB Plugin

Resources

  1. Binary Ninja Demo
  2. IDA Demo
  3. x86 Win32 Reverse Engineering Cheatsheet
  4. IDA Pro Shortcuts
  5. All Materials for Introductory Intel x86
  6. Reverse Engineering
  7. nasm
  8. x86 Intel Manuals
  9. GDB Commands Cheatsheet

Week 7 (03/14): Reverse Engineering, Part 4 (Nick Gregory)

Last week you dynamically debugged and reverse engineered a program that used a basic anti-reverse engineering technique. We will be going over some anti-reverse engineering protections.

Lecture Materials

  1. Slides

Workshop Materials

  1. OSIRIS Wargames

Resources

  1. Binary Ninja Demo
  2. IDA Demo
  3. x86 Win32 Reverse Engineering Cheatsheet
  4. IDA Pro Shortcuts
  5. All Materials for Introductory Intel x86
  6. Reverse Engineering
  7. nasm
  8. x86 Intel Manuals
  9. GDB Commands Cheatsheet

Week 8 (03/28): Memory Corruption, Part 1 (Roy Xu)

In this week's session, we will go over some advanced concepts related to computer security. We will go over various memory errors that an application can cause often leading to catastrophic results. Topics that will be covered are various memory errors like buffer overflows, uninitialized variables, use after free etc. and how we can use them to take control of an application.

Lecture Materials

  1. Slides

Workshop Materials

  1. OSIRIS Wargames

Resources

  1. Smashing the Stack for Fun and Profit
  2. Vagrant
  3. IDA Demo
  4. pwndbg
  5. pwntools

Week 9 (04/04): Memory Corruption, Part 2 (Roy Xu)

This week, We will look at exploitation mitigation that your current OS implements, it's not 1988 anymore. We will look at some techniques used to bypass modern mitigations. We will also go over useful tools and techniques for writing exploits.

Lecture Materials

  1. [Slides](Pwn/Memory Corruption Part 2.pdf)

Workshop Materials

  1. OSIRIS Wargames

Resources

  1. Smashing the Stack for Fun and Profit
  2. Vagrant
  3. IDA Demo
  4. pwndbg
  5. pwntools

Week 10 (04/11): Heap Exploitation, Part 1 (Roy Xu)

In this week, we will cover the fundamentals of the Heap. We will primarily focus on the glibc implementation of the heap, but these techniques will apply to other implementations as well. We will go over the basic idea of how Glibc malloc behaves and is implemented, and then go into the following introductory heap exploitation techniques:

  • Use after free
  • Heap spraying
  • Heap overflows
  • Unlink
  • Overlapping chunks
  • Nullbyte poison

Lecture Materials

  1. Slides

Workshop Materials

  1. OSIRIS Wargames

Resources

  1. Smashing the Stack for Fun and Profit
  2. Vagrant
  3. IDA Demo
  4. pwndbg
  5. pwntools
  6. How2heap

Lecture Material

  1. Post Exploitation

Week 11 (04/18): Heap Exploitation, Part 2 (Roy Xu)

In this week, we will cover the advanced heap exploitation techniques.

Lecture Materials

  1. Slides

Workshop Materials

  1. OSIRIS Wargames

Resources

  1. How2heap
  2. Vagrant
  3. IDA Demo
  4. pwndbg
  5. pwntools

Week 12 (04/25): Kernel Exploitation

In thi sweek, we will cover the fundamentals of operating systems and how we can use our memory corruption skills for operating systems. The techniques and fundamentals will be the same, but there will be slight differences in the ecosystem, goals, and functions called for kernel exploitation.

Lecture Materials

  1. Slides

Workshop Materials

  1. OSIRIS Wargames

Resources

  1. RPISEC's Modern Binary Exploitation
  2. Vagrant
  3. IDA Demo
  4. pwndbg
  5. pwntools

Conclusion

Hack Night is designed to culminate in each student developing some kind of deliverable related to computer security, the goal being that everyone leaves the program with more knowledge about security.

More Repositories

1

Project-Ideas

A place to discuss potential projects for students of the ISIS Lab.
384
star
2

awesome-rust-security

Curated list of awesome projects and resources related to Rust and computer security
Rust
366
star
3

CTF-Solutions

Solutions to a variety of Capture The Flag challenges from different competitions.
Python
204
star
4

Fentanyl

Fentanyl is an IDAPython script that makes patching significantly easier
Python
203
star
5

CTF-Challenges

A repository of challenges from various CTF competitions.
Python
152
star
6

Shellcode

Assembly
136
star
7

ctf101

CTF101, a wiki-project documenting Capture The Flag techniques.
117
star
8

CSAW-CTF-2016-Quals

Repo for CSAW CTF 2016 Quals challenges
C
73
star
9

dispatch

Programmatic disassembly and patching
Python
67
star
10

CSAW-CTF-2019-Quals

Challenge Repository for CSAW CTF Quals 2019
Python
56
star
11

CSAW-CTF-2018-Finals

Repo for CSAW CTF 2018 Finals challenges
Python
56
star
12

CSAW-CTF-2017-Quals

Repo for CSAW CTF 2018 Quals challenges
JavaScript
44
star
13

CSAW-CTF-2018-Quals

Repo for CSAW CTF 2018 Quals challenges
CSS
38
star
14

PwnAdventure

Python
31
star
15

Catfish

Catfish is a tool used ease the process of finding ROP gadgets and creating payloads with them.
Python
30
star
16

screwSSH

A frighteningly-easy way of denying access to someone's publicly-accessible OpenSSH server in a default configuration. Originally written by Boris Kochergin.
C++
29
star
17

xnippet

A little tool to execute functions without debugging an entire executable. Originally written by Gonzalo J. Carracedo (BatchDrake).
28
star
18

Giraffe

PHP
27
star
19

CSAW-CTF-2023-Quals

Challenge repository for the 2023 CSAW CTF Qualifiers
PowerShell
27
star
20

ugo-ghidra

Java
21
star
21

imm-taint-trace

Immunity Debugger Taint Tracer
Python
20
star
22

vasilisk

vasilisk
Python
19
star
23

CSAW-CTF-2017-Finals

CTF Finals
C
17
star
24

dllinjection

C++
14
star
25

CSAW-CTF-2016-Finals

CSAW CTF 2016 Finals
JavaScript
14
star
26

CSAW-CTF-2019-Finals

Python
14
star
27

CSAW-CTF-2022-Quals

C#
13
star
28

LeakyPastes-V2

Looking at what people post to public pastebins
Python
12
star
29

CSAW-CTF-2021-Finals

C
8
star
30

armana

Real-time Internet threat monitor
Python
7
star
31

CSAW-CTF-2022-Finals

C
7
star
32

CSAW-CTF-2024-Quals

Public Archive for CSAW 2024 Quals
Shell
7
star
33

CSAW-CTF-2022-Final-WriteUps

C
6
star
34

CSAW-CTF-2021-Quals

Python
6
star
35

kmdhook

C++
6
star
36

HaikuSyscallFuzzer

A fuzzer for the haiku OS
Assembly
6
star
37

wonton_memory

5
star
38

fork-sentry

GitHub Action for detecting and alerting on suspicious forks of your repository
Python
5
star
39

hsdis

CFG generator for HSVM binaries
JavaScript
4
star
40

ugo

IDA Hexrays plugin for Go binaries
C++
4
star
41

DynamicEntry

Dynamic instrumentation of Apache Tomcat to kill XSS.
Java
4
star
42

poser

C
4
star
43

CSAW-CTF-2020-Quals

Challenge repository for CSAW CTF Quals 2020
Python
4
star
44

Jinga

PHP
4
star
45

observability

Grafana stack for logging and metrics
Shell
3
star
46

LeakyPastes

Looking at what people post to public pastebins
Python
3
star
47

CSAW-CTF-2020-Finals

C
3
star
48

superbot-public

Discord Email Verification Bot
JavaScript
3
star
49

csaw-2015-TBBPE

CSAW 2015 challenge
Ruby
1
star
50

CSAW-CTF-2013-Finals

CSAW CTF 2013 Finals
Python
1
star
51

CSAW-CTF-2014-Finals

CSAW CTF 2014 Finals
PHP
1
star
52

kek-tools

C++
1
star
53

CSAW-CTF-2013-Quals

CSAW CTF 2013 Quals
Python
1
star
54

CSAW-CTF-Anubis-2020

JavaScript
1
star
55

CSAW-RED-2018-Quals

Challenge repository
Python
1
star
56

CSAW-CTF-2015-Quals

CSAW CTF 2015 Quals
CSS
1
star
57

CSAW-RED-2020-Quals

CSS
1
star
58

CSAW-CTF-2014-Quals

CSAW CTF 2014 Quals
Python
1
star
59

CSAW-CTF-2015-Finals

CSAW CTF 2015 Finals
C
1
star
60

CSAW-RED-2020-Finals

Repository for the CSAW RED 2020 Finals challenges
HTML
1
star
61

CSAW-CTF-2023-Finals

Challenge repository for the 2023 CSAW CTF Finals
Python
1
star
62

recruit-CTFd

Python
1
star