Older Events
Spring 2022
SGX Explored
Friday, May 20, 2022 at 5:00pm
Shriram 368
Speaker: Paul Crews, Stanford alum and former President of Applied Cyber
Snoopy: Surpassing the Scalability Bottleneck of Oblivious Storage
Monday, May 16, 2022 at 5:00pm
Shriram 368
Speaker: Micah Murray, President of Applied Cyber
Ransomware: A Tale of Two Markets
Wednesday, May 11, 2022 at 5:30pm
Y2E2 382
Speaker: Jack Cable, Senior Technical Advisor to CISA and Applied Cyber Alum
Fantastic OAuth tokens and where to find them
Monday, May 9, 2022 at 5:00pm
Shriram 368
Speakers: Aditya Saligrama and Glen Husman (Applied Cyber Competitions Lead)
Laptop Backdoors and Boot Security; Heads Firmware
Monday, May 2, 2022 at 5:00pm
Shriram 368
Speaker: Cody Ho, Applied Cyber Financial Officer
Google Gruyere Workshop
Monday, April 25, 2022 at 5:00pm
Shriram 368
Speaker: Yasmine Mitchell, Vice President of Applied Cyber
Primer on the Lapsus$ Cyber-Criminal Group
Monday, April 18, 2022 at 5:00pm
Shriram 368
Speaker: Yasmine Mitchell, Vice President of Applied Cyber
Goldilocks and the Bears - A primer on Russian cyber actors
Monday, April 4, 2022 at 4:00pm
Shriram 368
Speaker: Alex Keller, Applied Cyber Staff Advisor
Winter 2022
Vulnerability Research Topics
Friday, February 25, 2022 at 5:00pm
Shriram SB33
Speaker: Brandon Azad, Applied Cyber founder and Stanford alum
Firebase: Insecure by Default
Friday, February 18, 2022 at 5:00pm
Shriram SB33
Firebase is an easy-to-use database implementation widely used by new app developers and up-and-coming startup MVPs. If you walk through a hackathon, odds are everyone is using Firebase. This holds true for Stanford’s undergraduate startup culture. We have found the vast majority of these Stanford focused mini-startups use Firebase. This includes Queer Chart, Buzz, Lighthouse, and many more!
Yet Firebase databases are incredibly difficult to properly implement. This is because most Firebase databases directly communicate with the app — thus allowing the end user to directly interact with the database. While this can be mitigated using strong user control rules, this is done inadequately (or not at all) in practice — leaving most Firebase implementations dangerously insecure, by default.
During this Friday’s talk, Aditya Saligrama and Miles McCain will take us through Firebase insecurity, showing us examples from an app widely used by Stanford students that had critical vulnerabilities due to badly configured Firebase. This story has it all — drama, suspense, and expert hacking. This is a talk you do not want to miss!
Projects & Reversing Updates
Friday, February 11, 2022 at 5:00pm
Shriram SB33
Speaker: Nathan Bhak, Applied Cyber Projects Lead
Mechanics of Exploiting Log4j
Friday, February 4, 2022 at 5:00pm
Shriram SB33
The recent Log4j vulnerabilities (CVE-2021-4428 et al) are arguably the most serious threat since the NSA lost control of Eternal Blue. This Java logging library is vastly deployed within both commercial and open source software - affording a massive attack surface. But there’s a twist, the remote attack vector involves sending a malicious text string to a network service that then passes it to Log4j where it is acted up to make a special lookup that eventually results in the execution of a payload.
So if this vulnerability is so severe, why haven’t we seen mass compromises yet? In part this is because the attack is indirect, where successful exploitation differs based on the exposed service and preconditions of the application stack. Reliable attack tools take time to develop and their capabilities are initially constrained if the attack surface has high diversity with nuanced permutations that render exploitation a matter of “it depends”.
Speaker: Alex Keller, Applied Cyber Staff Advisor
Hack the Box Walkthroughs
Friday, January 8, 2022 at 5:30pm
Remote
Speaker: Micah Murray, President of Applied Cyber
Fall 2021
SSH agent exploitation and SSH alternative research
Monday, November 15, 2021 at 5:00pm
Shriram SB33
Speaker: Laura Bauman
Conflict-Free Replicated Data Types (CRDTs)
Monday, October 25, 2021 at 5:00pm
Shriram 262
Speaker: Ruslan Al-Jabari
Unicode Collisions and Web Attacks
Monday, October 18, 2021 at 5:00pm
Shriram SB33
Speaker: Cooper de Nicola, Applied Cyber NTM Lead
Controversy Surrounding Apple CSAM Policies
Monday, October 11, 2021 at 5:00pm
Shriram SB33
Speaker: Micah Murray, President of Applied Cyber
Unpacking CVE-2021-40444 (Microsoft Office RCE)
Thursdy, September 23, 2021 at 4:00pm
Remote
Join us for Bill’s technical deep dive and reversal of the recently discovered CVE-2021-40444, a high severity Microsoft Office remote code execution (RCE) being broadly exploited in the wild.
Speaker: Bill Demirkapi
Spring 2021
In Conversation with Julie Tsai
Thursday, May 26, 2021 at 4:00pm
Remote
As an experienced cybersecurity and DevSecOps professional, Julie Tsai (Head of Information Security at Roblox) has a bedrock passion for security, privacy - and enabling technology to better society. Julie received her B.A. in Political Science with a minor in Economics while at Stanford.
Winter 2021
Bug Bounty Hunter from Down Under
Friday, February 12, 2021 at 4:00pm
Remote
Jackson Henry is an accomplished security researcher and bug bounty hunter hailing from Sydney, Australia - notably talented even before you consider his 15 years of age. Specializing in OSINT and web application penetration testing, Jackson continues to rack up CVEs and notoriety for his ethical hacking expertise, including recent recognition from the United Nations for discovering and reporting (along with colleagues John Jackson, Aubrey Cottle, and Nick Sahler) a misconfiguration exposing 100,000 UN staff records. Join us to hear about his infosec journey, current projects, and a demo of his favorite techniques.
Women in Cyber Security Panel
Friday, February 5, 2021 at 5:00pm
Remote
Spring 2020
#Forgottenmemories // Forensics & Photography with Gillis Jones
Wednesday, May 27, 2020 at 4:00pm
Remote
Join Stanford Applied Cyber for a talk by hacker and photojournalist Gillis Jones who will introduce his #ForgottenMemories project which is a forensic journey through the banal, the profound, and the profoundly disturbing world of images from people’s everyday lives meticulously recovered from “Formatted” SD cards available for sale in third party markets around the world.
A fascinating endeavor at the intersection of technology, photography, and ethnography, Gillis will brief us on the inception of this project, delve into forensic recovery techniques, and showcase some of his favorite images.
Winter 2020
Intro to Metasploit Workshop
Friday, February 7, 2020 at 4:30pm
Y2E2 382
Join us for an introduction to Metasploit with Anna Zeng and Michael Hayashi. Come learn the basics of a popular offensive framework and test your new skills on a live cyber range!
Fall 2019
Math, Motion, and Machine Learning: Implicit Authentication in the Real World
Tusday, December 3, 2019 at 6:00pm
Gates 174
How do you identify people? What is it that makes you, you? Certain aspects of human behavior can be as unique and as hard to spoof as a fingerprint. The way you walk, the way you move, the places you go, and your little idiosyncrasies have the promise of being more convenient and more secure than other forms of authentication like passwords or biometrics. But there are significant practical challenges in building a system that can authenticate you to >99% accuracy with just a few seconds of passive sensor readings while still maintaining user privacy. It requires lots of advanced math, signal processing, machine learning, tricky engineering, and re-thinking existing security paradigms.
Come hear about our experience in building such a platform and a glimpse into the future of authentication.
Speaker: John Whaley, CEO and Founder of UnifyID, Stanford CS Alum
A Thousand Ways To Track You on The Web, And How To Start To Protect Yourself
Thursday, November 21, 2019 at 6:00pm
Gates 174
Without protection, users on the web are tracked on nearly every site they visit, by parties familiar and unknown alike. This talk will give some background to how tracking became so rampant on the web, along with why it should be a cause for concern to everyone. The majority of the talk will then discuss how web users are tracked, using methods ranging from dead simple too sophisticated and complex. We’ll spend some time thinking through counter measures, both deployed and theoretical, including a comparison of existing popular blocking tools. Finally, we’ll discuss some possible, planned future defenses.By the end of the talk, attendees should have a much better understanding of the scale of the tracking problem, along with which tracking methods we have solutions to, and which the privacy community still needs to address.This will be an informal presentation, with an emphasis on discussion and working through problems together.
Speaker: Pete Snyder, privacy researcher at Brave Software
Nmap Host and Service Enumeration like a FOSS
Wednesday, October 23, 2019 at 4:00pm
Spilker 143
Learn to use one of the most versatile tools in the security domain! Bring your laptop for a hands-on Nmap workshop where you will perform host and service enumeration on live targets. We will start with the basics on how to install Nmap, run your first scan, and progress through more sophisticated techniques like OS and service detection.
Speakers: Ellie Dunn and Alex Keller (Applied Cyber staff advisor)
Spring 2019
Applied Defense at Google
Wednesday, May 22, 2019 at 3:00pm
Y2E2 382
Learn about real-life cybersecurity issues at scale and how approaches may differ between internet-based tech companies and other industries like intelligence and finance.
Speaker: John Asante
Pursuing Novel Discoveries in APT Research
Wednesday, May 1, 2019 at 3:30pm
Shriram SB35
File similarity technologies applied across petabytes of malware sets generate novel discoveries within APT research, expanding possibilities for clustering and attribution. Let’s examine an overview of clustering, attribution challenges, and examples of such discoveries as supported by our own similarity engine, YARA.
Speaker: Kurt Baumgartner
Winter 2019
Leveraging Apple’s Game Engine to Heuristically Detect macOS Threats
Thursday, March 7, 2019 at 3:00pm
Spilker 317
By examining recent exploits and malware attacks, we’ll illustrate that macOS is a rather vulnerable and an ever more targeted OS. And unfortunately for Mac users, traditional signature-based approaches often fail to detect such threats. Instead a heuristic-based, behavioral approach is clearly needed. In this talk, we will discuss a new open-source monitoring framework which passively collects a myriad of system events. Building on top of this, we will then detail a predicate-based system that leverages Apple’s game (logic) engine to quickly and efficiently apply rules against these events. End result? A comprehensive detection, response and threat hunting platform.
Speaker: Patrick Wardle
Blue Team, Best Team: The joys, pains, and pride of building and running a defensive security organization.
Wednesday, February 27, 2019 at 5:00pm
Shriram 262
The information security community glorifies offensive research, stunt hacks, and red teaming. For many years, defensive work was not viewed as particularly enticing or interesting – but this is starting to change. There has been a catalyst in the defensive world which has pushed detection engineering, response tradecraft, and intelligent engineering back into focus for the industry. As many are starting to realize, defensive work is challenging, rewarding, and can be immensely impactful.
This talk will be an informal and candid exploration of the realities of building and running a blue team for a modern Tech company. Topics covered will include organizational theory, operational challenges, detection engineering philosophy, telemetry and orchestration, and automation. Chris and Dane will also host a short defense-oriented ask-me-anything (AMA) at the end of the talk.
Speakers: Dane Stuckey and Chris Long
Dane Stuckey (@cryps1s) is the CISO / Cyber Janitor for Palantir. Dane has 8 years of information security experience and has specialized in incident detection/response, Windows platform security, and security program development. Prior to joining Palantir full-time, Dane worked in the U.S. Intelligence and Law Enforcement community. Dane graduated with a Bachelors in Information Security with an emphasis in Digital Forensics from the University of Texas, San Antonio."
Chris Long (@centurion) is a Detection and Response (CIRT) Engineer at Palantir. Chris has 8 years of information security experience and has specialized in incident detection/response, MacOS platform security, and is a strong advocate for the osquery platform. Prior to joining Palantir full-time, Chris worked on the Incident Detection and Response Teams for Facebook and Uber.
ForAllSecure Tech Talk
Thursday, January 31, 2019 at 3:00pm
Spilker 143
Interested in learning how to tackle challenging CTF problems from some of the best in the field? Want to learn more about symbolic execution and SMT solvers in practice? Join Applied Cybersecurity and ForAllSecure for a talk on tools and techniques for CTFs!
ForAllSecure combines autonomous machine-based cybersecurity tools with the creativity of humans. The company crafted a fully autonomous cybersecurity system, taking first place at the DARPA Cyber Grand Challenge.
They will talk about using SMT solvers in reversing and CTFs, symbolic execution for CTFs, and real world applications.
Spring 2018
Embedded Device Pwning
Thursday, April 5, 2018
Huang 305
You get your hands on an embedded device - what now? Join us as we learn about basic hardware analysis, reversing extracted firmware, and how to tailor a payload to gain persistence on a device.
Embedded devices are found everywhere. These devices are much more resource constrained than the average computer and tend to be rushed to market. This talk will focus on reverse engineering techniques, ranging from hardware tear-downs to reversing the firmware on the device.
We will scope the talk so that no prior experience will be necessary, and those who focus on software security can hopefully learn about a new class of targets to analyze.
About Leviathan: Leviathan (https://www.leviathansecurity.com) is a security consulting firm based out of Seattle. They work for a mixture of large and small clients, performing assessments for everything from web applications to analyzing unreleased hardware.
Winter 2018
Applied Cyber Hackathon
Saturday, February 4, 2018 at 9:00am
Huang basement
Discover and fix vulnerabilities in open source projects - join us for a day of hands-on learning and security hacking! Applied Cyber and security engineers from Redpoint Ventures http://www.redpoint.com/ are hosting a computer security hackathon on Saturday, February 24th.
Participants, in teams of any size, are tasked with running static analysis on open-source *nix libraries, from OpenVPN to Darknet, SciPy to memcached. From there, they can take on any combination of these three challenges:
- Discover a vulnerability: demonstrate a code exploit, and maybe even walk away from the hackathon with a CVE https://cve.mitre.org/ to your name. The more impactful your discovery, the better.
- Build a defense: implement fixes for everything from memory mismanagement to brand-new vulnerabilities. Reduce attack surface, contribute to a live code base, and prevent future exploits from ever happening.
- Experiment with tools: Redpoint Ventures has built its own static analysis tool based on Clang scan-build. This tool will be provided to all participants at the start of the competition; particularly creative use of this tool will be noted.
Whether you have years of experience or are just getting started, there is an open source project that can use your help. While we have a list of selected projects that can work with Redpoint Venture’s tool immediately, participants should feel free to work on any open source project that interests them.
Join us for a day of hands-on learning and security hacking with prizes!
Fall 2017
Introduction to Hacking: Exploiting Web, Binary, and Crypto Vulnerabilities
Friday, October 27, 2017 at 5:00pm
Shriram 366
Are you interested in cybersecurity? Have you wanted to learn offensive cyber techniques but don’t know where to get started?. The Applied Cybersecurity team is hosting an introductory workshop to get people going with practicing exploitation and offensive cyber techniques in an ethical setting.
Applied Cyber is excited to present the first in a series of workshops aimed at teaching hands-on exploitation techniques to interested students in a friendly and legal setting! In particular, we will focus on gaining familiarity with techniques used for competing in Capture the Flag (CTF)* competitions.
We’ll be hosting the first workshop this Friday, 10/27, from 5 PM - 7 PM in Shriram 366 in preparation for the Hitcon CTF next week. Bring a laptop!
This workshop will assume no prerequisite experience with hacking or cybersecurity so please attend regardless of how unfamiliar you are with the topic. For this workshop, we will focus on web vulnerabilities, binary reversing, and some basic cryptography challenges. Note that experience equivalent to CS107 will be useful.
Chip Hacking: Exploiting Systems Beneath the OS
Thursday, October 19, 2017 at 5:00pm
Shriram 262
Baseboard Management Controllers have been deployed over the past decade to allow IT professionals remote access to the underlying hardware of computer systems. In many cases they have vulnerabilities which bypass OS defenses, allowing an attacker complete, undetected control over a machine. As a result, these attacks represent some of the most valuable, dangerous attacks against computer systems.
This workshop will first present what Baseboard Management Controllers are, followed by a demonstration of the recent Intel AMT hack and several other vulnerabilities found in these systems.
We will cover details which draw on CS107-level material. However, people of all backgrounds are welcome.
Spring 2017
Zero to Hero in 60 Weeks: How To Build a World-Class IR Team
Thursday, May 25, 2017 at 4:00pm
Huang 305
Learn from the founding member of Uber’s Security Response team about what it takes to build one of the best security teams in the world.
This talk will deep dive on many technical challenges facing companies today and battle tested solutions that have enabled Uber’s Security Team to respond in any situation.
Alex Levinson is one of Uber’s senior security engineers and has been instrumental in shaping Uber’s Security Response team (Incident Response team) into what it is today. Alex will describe what Uber’s IR team does, explain how the IR team’s mission breaks into technical roles, go over each role in detail, and share how they have evolved over time.
Introduction to Digital Privacy
Thursday, May 11, 2017 at 4:00pm
Old Union 200
Are you new to cybersecurity? Interested in learning how to protect your digital privacy? This workshop will explore some basic security concepts that are relevant to activism, business, and finance.
We will open with guest speaker Jennifer Granick, then break into stations discussing a range of policy and technical topics. Food will be served!
Breakout Sessions
Phishing: Curious about the phishing email that went around last week? Want to learn how to keep yourself safe? We can help you out!
Secure Communication: We will demonstrate how to secure your communications and accounts using encryption and two-factor authentication. Tools such as GPGmail (https://gpgtools.org/) and Signal let you encrypt your emails and messages so that they cannot be read in-flight, ensuring that your conversations remain private between you and the recipient. We’ll also talk about how to add additional security measures to your online accounts to protect against your accounts being hijacked.
Disk Encryption: What is encryption and what does it protect you from? Almost every device today has some support for full-disk encryption. Learning how to set up and use disk encryption is essential to ensuring your privacy and security from both individuals and powerful governments, and everything in between.
Digital Finance and Cryptocurrency: What trust do we place in financial institutions and how are our electronic transactions protected? Learn about the basic security and privacy risks of finance and how cryptocurrencies like Bitcoin address these issues.
Speaker: Jennifer Granick
Granick practices, speaks, and has published books about computer crime and security, electronic surveillance, security vulnerability disclosure, encryption policy, and the Fourth Amendment. She has received the the 2016 Duo Security’s Women in Security Academic Award for her expertise and her guidance for young women in the security industry.
To learn more, check out https://cyberlaw.stanford.edu/about/people/jennifer-granick
The Practical Hacker’s Handbook: Ch 1-3
Thursday, April 13, 2017 at 5:00pm
Spiker 232
WikiLeaks Vault 7: “Marble”: This session will give an overview of the WikiLeaks Vault 7 project and explore the latest release, “Marble,” in more depth. The Marble Framework is an obfuscation library developed by the CIA, and its release was called “one of the most technically damaging” for it. Come learn about what this framework actually does and why it could affect CIA operations. (Presenter: Brad Girardeau)
Fare Hacking: This introductory session will cover techniques for finding and booking significantly discounted plane fares for both domestic and international travel. Learn how to leverage the pro tools of the trade like Google Flights, Matrix ITA, and Momondo to locate the cheapest flights, mistake fares, and coveted “fuel dumping” legs. Bring your laptop and join the hunt for an awesome trip! (Presenter: Alex Keller)
iPhone Jailbreaking 101: This segment will be an introduction to jailbreaking, including what jailbreaking is, how to do it, and what are the consequences. There will be a live example showing how to SSH into a jailbroken iPhone. (Presenter: Brandon Azad)
Spring 2016
Web Hacking: Basic Web-Based Vulnerabilities
Wednesday, May 11, 2016 at 4:30pm
Shriram 366
Want to know how hackers steal password databases and take over websites? Come to our technical workshop this Wednesday to get hands-on experience with web hacking. You will attack a website using cross-site scripting and SQL injection and then exploit the famous Heartbleed and Shellshock bugs to take control of the webserver.
Many browsers (including Chrome) offer protections against cross site scripting that will interfere with the demos. If you want to participate in the cross site scripting demo, we recommend installing Firefox beforehand.
HTML/Javascript knowledge is recommended but not required.
Slaying SSL Dragons with mitmproxy
Wednesday, April 27, 2016 at 4:30pm
Shriram 366
Ever wonder what information your smartphone is giving away?
mitmproxy (mitmproxy.org) is an open source man-in-the-middle HTTPS proxy. It can be used as an interactive proxy to intercept and modify requests or as a passive proxy to act like tcpdump, but for HTTP. It is highly extensible using a simple Python scripting interface. Maximilien Hils, one of the mitmproxy authors, will give a brief introduction to mitmproxy and show how you can use it to debug applications, see what data your smartphone is giving away, tamper with APIs, and more.
There will be a hands-on demo, so feel free to bring your laptop if you want to participate!
Locksport: An Introduction to Ethical Lockpicking
Wednesday, April 13, 2016 at 4:30pm
Shriram 366
This technical session will focus on non-destructive methods for defeating locks with simple tools you can make yourself. Topics will include basic lock design and a sample of picking, raking, and bypass techniques. Additional time will be devoted to discussing the overlap between physical and cyber security. All attendees are expected to strictly uphold the TOOOL (The Open Organisation Of Lockpickers) rules of ethics.
Winter 2016
Network Metadata: What’s all the fuss about?
Thursday, March 3, 2016
Edward Snowden’s NSA revelations made “metadata” a hot news topic as well as a political football. After a brief review of its origin and history, this talk will explain exactly what network metadata is; where it fits in the spectrum of network traffic analysis; why it remains useful even for encrypted traffic; and how you can use it to observe a rich range of system behaviors. Join us for a survey of this timely and interesting topic with Stanford netflow expert John Gerth (CS/EE) and Alex Keller (SoE).
Risk Analysis in the Cyber World
Thursday, February 25, 2016
Join Marshall Kuypers, CISAC fellow for a presentation of quantitative models for determining cyber risk, and decision-making in the face of cyber threats.
Killer Apps: Lethal Software in a Networked World
Thursday, February 4, 2016
Come watch Tim Junio, CEO of Qadium give a presentation on massive data-gathering and all the cool (and terrifying) applications they have found.
Anonymity and the Tor Network
Thursday, January 29, 2016
This will be an overview of techniques and tools used to maintain anonymity over the web. This session will cover both beginner (e.g. Tor) as well as more advanced topics in obfuscation.
Speaker: Mike Precup
Intro to Fuzzing with AFL
Wednesday, January 21, 2016
We will be covering a popular technique called fuzzing or fuzz testing that is used to reveal security vulnerabilities or errors in programs, networks, and operating systems.
Speaker: Brandon Azad
Set Up and Introduction to the Kali Toolbox
Wednesday, January 14, 2016
Kali is a popular and free security platform that contains a wide collection of penetration testing (i.e. hacking) tools. In this session, we will be going over how to set up Kali on a virtual machine and providing a brief overview of select tools on the platform.
Speakers: Emma Marriot, Priyanka Sekhar, and Brandon Azad
Winter 2015
Search Based Exposures (Google Hacking)
Thursday, November 19, 2015
Come join Applied Cybersecurity for our kick-off session with Alex Keller, Systems Admin and Security Lead, Stanford School of Engineering to learn how to find vulnerabilities using web-based search exposure.
Speaker: Alex Keller, Applied Cyber staff advisor