For the end of semester meeting for Fall 2020, we discussed the topics and events from the semester as well as the upcoming topics for Spring 2021.
This semester, Auburn EHC covered many topics, a short list of the topics we covered is below
We started off the semester with a short cybersecurity bootcamp, designed to give those who might be less familiar with cybersecurity an introduction to it. It covered the basics of both defensive and offensive security.
The first main topic of the semester was open source intelligence, or OSINT. We covered many of the primary methods of collecting information such as using Google dorking, social media, and domain names.
Web Application Hacking
Then we covered Web application hacking, where we went over some of the basics of website security and penetration. We went over the OWASP top 10 to view common vulnerabilities of websites, and covered many different tools for scanning and breaking websites.
Our discussion of Cryptography included not only strictly crypto, but also similar topics such as encoding, obfuscation, and hashing. In addition to these, we also discussed many different types of ciphers and encryption.
Threat Intelligence and Network Analysis
This meeting covered a basic overview of both threat intelligence and network analysis. For threat intelligence, we discussed the problem of advanced persistent threats and gave a brief description of the Mitre ATT&CK framework. Then for network analysis, we covered the OSI network model and demonstrated how to analyze network traffic.
The final topic covered of the semester was penetration testing which covered some of the basics of pentesting. Some topics included how to use OSINT techniques to gain information about a target, and methods and tools to exploit a vulnerable service
This year AUEHC and many of its members participated in many different CTF challenges and other competitions, a short list of which is listed below.
- NSA Codebreakers
- North Eastern CPTC Qualifiers
- DoE Cyberforce
Spring 2021 Plans
For the Spring 2021 semester, we plan to focus more on defensive security and some of the topics we plan to cover include digital forensics, blue team basics, assembly and reverse engineering, and video game hacking, among a few other topics.
In Spring 2021, we plan to participate in quite a few events. There are two CTF competitions planned, Texas A&M’s TAMUCTF, and our own Auburn CTF, AUCTF. Additionally, two events are planned with national labs, Los Alamos National Laboratories’s host forensics event on January 4th and 5th, and a cyber boot camp hosted by Sandia National Lab. Finally, there are still some ongoing projects being worked on in AUEHC, such as the attack/defense project, the HackTheBox CTF, and NSA Codebreakers.
Thank you for joining us this semester, and we hope to see you in the next one!