Fall 2023

Paved Roads to macOS Security

Friday, December 1, 2023 at 4:00pm
Shriram 366

How can we tame an unruly macOS fleet? Come learn how to transform an unmanaged laptop into a safe, secure platform. We’ll look at how attackers commonly compromise macOS laptops and some of the most effective tools and approaches to stop them.

Speaker: Brad Girardeau
Brad Girardeau is a security engineer at Figma leading efforts to protect its macOS fleet. Before that, he worked on product security at Dropbox and is an Applied Cyber alum.

OSINT: The Dignified Way to Say Stalking

Friday, November 17, 2023 at 4:00pm
Shriram 366

Become a digital detective at this week’s Applied Cyber workshop! Come learn all about OSINT (Open Source INTelligence), which is the art of using publicly available data to generate useful information. OSINT is used for penetration testing, business, research, investigative journalism, and much more. We’ll first take a look at a viral example of OSINT focusing on geolocation, and then explore a variety of other common techniques before giving you a chance to try them all out on your own!

Speaker: Teddy Zhang
Teddy Zhang is the Workshops Lead for Applied Cyber and a junior at Stanford studying CS on the systems track. He has served as a TA for Hack Lab (INTLPOL 268), and also enjoys playing the bassoon.

Intro to IoT hacking

Friday, November 10, 2023 at 4:00pm
Shriram 366

IoT (Internet of Things) devices are a staple of the modern world. But, as common as they are, they can be surprisingly easy to hack. In this workshop, we’ll explore the basics of Bluetooth LE (low energy) hacking by using your computer to take control of popular smart devices. We will use an open source software called Bleak to scan for, connect to, and send instructions to these insecure devices.

Speaker: Teddy Zhang
Teddy Zhang is the Workshops Lead for Applied Cyber and a junior at Stanford studying CS on the systems track. He has served as a TA for Hack Lab (INTLPOL 268), and also enjoys playing the bassoon.

Intro to Rust, the Hot Crustacean Band

Friday, November 3, 2023 at 4:00pm
Shriram 366

Memory safety vulnerabilities like use-after-free and buffer overflows account for a huge portion of security vulnerabilities. The best defense against memory safety issues is to use a language that doesn’t have them. Rust is a blazingly fast memory safe language with a rich type system that eliminates entire classes of bugs. It’s a joy to work with, and you should consider writing your next project in Rust!

Speaker: George Hosono
George Hosono is an Applied Cyber alum who is a recent coterm grad in Computer and Network Security with an interest in all things related to systems, networking, and cryptography. While at Stanford, George CA’ed CS 155 (Computer and Network Security), CS 255 (Cryptography), and CS 152 (Trust and Safety Engineering).

Cracking the Code: Intro to CTF Competitions

Friday, October 27, 2023 at 4:00pm
Shriram 366

What is a CTF? A Capture-The-Flag is a popular cybersecurity competition format, and this beginner-friendly presentation will demystify the CTF for you. We’ll jump right into exciting live demos of real CTF challenges, and show you how accessible and fun this can be. There’ll be opportunities for you to join CTFs with the club + capture some boba!

Speakers: Yasmine Mitchell and Teddy Zhang

Yasmine Mitchell is a senior at Stanford in the Computer Science computer and network security track with an interest in networking and misinformation studies. She is currently serves as the AC Financial Officer and a captain of Stanford’s CPTC team.

Teddy Zhang is the Workshops Lead for Applied Cyber and a junior at Stanford studying CS on the systems track. He has served as a TA for Hack Lab (INTLPOL 268), and also enjoys playing the bassoon.

A Brief History of iOS Jailbreaking

Friday, October 20, 2023 at 4:00pm
Shriram 366

Everything you ever wanted to know about iOS jailbreaking! Dive into the insane technical exploits, complex economics, and juicy drama of the iOS jailbreaking scene. Come for live demos and to learn how jailbreaking may help you.

Speaker: Cody Ho
Cody Ho is the Vice President of Applied Cyber and a senior studying Symbolic Systems and Computer Science. Cody’s academic pursuits focus on the intersection of machine learning and cybersecurity, with extensive experience that spans AI safety and ethics, low level systems and networking, HPC workloads, and reverse engineering malware. Cody is a member of Applied Cyber’s CCDC and CPTC teams focusing on Linux and Windows defense and automation.

Intro to Security Workshop

Friday, October 13, 2023 at 4:00pm
Shriram 366

Join us this week for an introductory web security workshop! Hack into AC’s favorite cat-themed startup that’s riddled with common vulnerabilities. You’ll also learn how to defend against these attacks if you were building a startup, and hear some war stories along the way.

Slides

Speaker: Aditya Saligrama
Aditya Saligrama is the President of Applied Cyber and a senior from the Boston area studying Computer Science on the systems track with interests in web, mobile, and cloud security, distributed systems, and open source software. He competes on the CCDC team as Linux & Cloud lead, helping bring home a National Championship in 2023, and leads web penetration testing on the CPTC team.

Security Advances in Software-Defined Networking

Friday, October 6, 2023 at 4:00pm
Shriram 366

The tenets of Software Defined Networking have completely shifted the traditional paradigm of networking. No longer do individual network devices need to independently compute routes or manage traffic signaling. Instead, through the magic of SDN, the control plane for each device is decoupled from the data plane and centralized across the network. This reduces overall workload for individual devices and allows greater CPU allocation for data plane tasks, reducing latency. In relation to security, SDN reimagines networks through concepts of virtual network segmentation, allowing administrators to gain granular control over network clients and applications. Along with centralized network visibility, user profiling and posture assessment, faster incident response times and so much more, SDN is revolutionizing networks and security across the world.

Speaker: Karthik Kaligotla
Karthik Kaligotla is a student at Centennial High School in Texas and has acquired many notable certifications including the CCNP Security, CCNA, and DevNet Associate. He is deeply committed to advancing the cybersecurity landscape and is passionate about automating security within networks across the world.