mirror of
https://github.com/adulau/Open-Source-Security-Software-hackathon.git
synced 2024-12-27 19:26:04 +00:00
161 lines
8.7 KiB
TeX
161 lines
8.7 KiB
TeX
% !TEX program = XeLaTeX
|
||
\documentclass{beamer}
|
||
\usetheme[pageofpages=of,% String used between the current page and the
|
||
% total page count.
|
||
bullet=circle,% Use circles instead of squares for bullets.
|
||
titleline=true,% Show a line below the frame title.
|
||
alternativetitlepage=true,% Use the fancy title page.
|
||
titlepagelogo=oss-software-hackathon.png,% Logo for the first page.
|
||
% watermark=watermark-polito,% Watermark used in every page.
|
||
% watermarkheight=100px,% Height of the watermark.
|
||
% watermarkheightmult=4,% The watermark image is 4 times bigger
|
||
% than watermarkheight.
|
||
]{Torino}
|
||
|
||
%\usepackage{xeCJK}
|
||
%\usepackage{ruby}
|
||
%\setCJKmainfont{Hiragino Mincho Pro}
|
||
%\renewcommand{\rubysep}{0.1ex}
|
||
|
||
\usepackage[utf8]{inputenc}
|
||
\usepackage{tikz}
|
||
\usetikzlibrary{shapes,arrows}
|
||
\usepackage{listings}
|
||
\lstset{ %
|
||
language=C, % choose the language of the code
|
||
basicstyle=\footnotesize, % the size of the fonts that are used for the code
|
||
numbers=left, % where to put the line-numbers
|
||
numberstyle=\footnotesize\color{cyan}, % the size of the fonts that are used for the line-numbers
|
||
stepnumber=1, % the step between two line-numbers. If it is 1 each line will be numbered
|
||
numbersep=5pt, % how far the line-numbers are from the code
|
||
backgroundcolor=\color{white}, % choose the background color. You must add \usepackage{color}
|
||
showspaces=false, % show spaces adding particular underscores
|
||
showstringspaces=false, % underline spaces within strings
|
||
showtabs=false, % show tabs within strings adding particular underscores
|
||
rulecolor=\color{red},
|
||
frame=single, % adds a frame around the code
|
||
tabsize=2, % sets default tabsize to 2 spaces
|
||
captionpos=b, % sets the caption-position to bottom
|
||
breaklines=true, % sets automatic line breaking
|
||
breakatwhitespace=false, % sets if automatic breaks should only happen at whitespace
|
||
escapeinside={\%*}{*)} % if you want to add a comment within your code
|
||
}
|
||
\usepackage{hyperref,xcolor}
|
||
\renewcommand\UrlFont{\color{red}\sffamily\tiny}
|
||
|
||
\author{\includegraphics[height=.04\paperheight]{twitter.png}@circl\_lu - \emph{TLP:WHITE}}
|
||
\title{The (potential) Art of the Hackathon}
|
||
\subtitle{A blend of ideas, code, documentation, GUI, UX to {\bf happy infosec communities}}
|
||
\institute{\url{info@hack.lu}}
|
||
\date{March 26, 2018}
|
||
|
||
\begin{document}
|
||
|
||
\begin{frame}[t,plain]
|
||
\titlepage
|
||
\end{frame}
|
||
|
||
\begin{frame}
|
||
\frametitle{Objective}
|
||
\begin{center}
|
||
The objective of this hackathon is to have an interactive session in order to exchange, {\bf enhance} and discover new {\bf Open Source Security Software} and tools. The aim is not to be fully exhaustive or have a nicely packaged software at the end of the day, but to either bootstrap a new project, bootstrap enhancements on existing projects or improve {\bf interoperability}.
|
||
\end{center}
|
||
\begin{center}
|
||
As we are all learning together, don't hesitate to ask questions to each other and {\bf interact during the session(s)}.
|
||
\end{center}
|
||
\end{frame}
|
||
|
||
\begin{frame}
|
||
\frametitle{What a hackathon is not (in our view) \ldots}
|
||
\begin{itemize}
|
||
\item \ldots CTF (Capture The Flag)
|
||
\item \ldots Game of Code (code competition)
|
||
\item \ldots place to measure skills or be condescending if someone does not know something
|
||
\item \ldots place to work (Fun takes priority and everything is informal and the Hacker Ethic\footnote{\url{http://www.acrewoods.net/free-culture/the-hacker-ethic-and-meaningful-work}} prevails)
|
||
\item \ldots sprint, Hackathons like Marathons, is not conquered by going as fast as possible early-stage, {\bf being constant and persevering is key}
|
||
\end{itemize}
|
||
\end{frame}
|
||
|
||
\begin{frame}
|
||
\frametitle{A hackathon is (in our view) a\ldots}
|
||
\begin{itemize}
|
||
\item \ldots place to learn from each other
|
||
\item \ldots great opportunity to connect with like-minded people in real life
|
||
\item \ldots constant discovery of new stuff, tools, techniques, recipes, concepts, thoughts
|
||
\item \ldots bringing {\bf communities together\footnote{\tiny Social Architecture, Pieter Hintjens \url{http://www.foo.be/docs-free/social-architecture/main.pdf}} and improving interoperability between Open Source Security Software}
|
||
\end{itemize}
|
||
\end{frame}
|
||
|
||
\begin{frame}
|
||
\frametitle{What are requirements? Do I need to know the latest programming language?}
|
||
\begin{itemize}
|
||
\item Good news everyone! {\bf NO} special Ninja, Samurai or other 31337 Hax0r skillz needed.
|
||
\item Hackathons have produced amazing: documentation, examples on software use-cases, graphic designs, etc\ldots without any magical powers ;)
|
||
\item One requirement is: be curious, adventurous, challenging in your ideas and respectful
|
||
\end{itemize}
|
||
\end{frame}
|
||
|
||
\begin{frame}
|
||
\frametitle{HELP, I am overwhelmed \& not sure how to start}
|
||
\begin{itemize}
|
||
\item Relax, you are not alone, we are also overwhelmed how awesome the group is :)
|
||
\item Look around you, amazing people are present who help each other to get started
|
||
\item Set yourselves goals, make a quick evaluation on how realistic it is
|
||
\item Ask and share your ideas, questions and requests
|
||
\begin{itemize}
|
||
\item {\bf 5 minutes introduction per project (at the beginning of the hackathon)}
|
||
\item {\bf 5 minutes presentation interrupt (when ever you like)}
|
||
\end{itemize}
|
||
\end{itemize}
|
||
\end{frame}
|
||
|
||
\begin{frame}
|
||
\frametitle{What have been done in previous OSSS hackathons? 1/3}
|
||
\begin{itemize}
|
||
\item MISP\footnote{\url{https://www.misp-project/}} \& Cortex\footnote{\url{https://github.com/TheHive-Project/Cortex}} integration to allow the information sharing platform MISP to connect \& use Cortex intelligence services. Cortex 1.1.1: 2-way MISP integration now a reality
|
||
\item cve-search performed a new major release \& reorganised the contribution aspect to ease the external contribution \& test suite improvements
|
||
\item shotovuln\footnote{\url{https://github.com/444xxk/shotovuln}} - an offensive bash script for pentesters to find generic privesc issue on Unix boxes
|
||
\end{itemize}
|
||
\end{frame}
|
||
|
||
\begin{frame}
|
||
\frametitle{What have been done in previous OSSS hackathons? 2/3}
|
||
\begin{itemize}
|
||
\item Viper\footnote{\url{https://github.com/viper-framework/viper}} made significant progress towards Python 3 support, including work on Python 3 port of PEfile \& the creation of an open test suite for PEfile
|
||
\item A new project has been evaluated for the exchange of software vulnerability information within open source projects supporting software evaluation, or security assessment. The idea is to share a common format between cve-search\footnote{\url{https://www.cve-search.org/}}, aboutcode to share software vulnerabilities within open source projects
|
||
\item Updates in JSMF-Android\footnote{\url{https://github.com/ICC-analysis/JSMF-Android}} - Analysis of Inter-Component Communication links (ICC) \& source code of Android applications (AST)
|
||
\end{itemize}
|
||
\end{frame}
|
||
|
||
\begin{frame}
|
||
\frametitle{What have been done in previous OSSS hackathons? 3/3}
|
||
\begin{itemize}
|
||
\item The Seeker of IoC - CERTitude\footnote{\url{https://github.com/CERT-W/certitude}} is a Python-based tool, which aims at assessing the compromised perimeter during incident response assignments
|
||
\item Improvement of mail\_to\_misp\footnote{\url{https://github.com/MISP/mail_to_misp/}} with support for Thunderbird was added
|
||
\item MISP taxonomy\footnote{\url{https://github.com/MISP/misp-taxonomies}} improvement with assessment of the analysts
|
||
\item MISP galaxy\footnote{\url{https://github.com/MISP/misp-galaxy}} improved with an extended ransomware cluster
|
||
\end{itemize}
|
||
\end{frame}
|
||
|
||
\begin{frame}
|
||
\frametitle{What's next?}
|
||
\begin{itemize}
|
||
\item Open discussion on what ideas people already have and want to hack on
|
||
\item Do we want to group together on certain ideas?
|
||
\item Panic, I still do not feel comfortable on what to do\ldots $\to$ No worries, projects have idea lists\footnote{\url{https://github.com/MISP/MISP/wiki/Hackathon}}.
|
||
\end{itemize}
|
||
\end{frame}
|
||
|
||
\begin{frame}
|
||
\frametitle{Flexitime-line in Luxembourg and Japan - 26 March 2018}
|
||
10:00 - Hackathon intro \\
|
||
10:10 - Project 5 minutes round table\\
|
||
12:30 - Lunch (while hacking)\\
|
||
18:00 - Conclusions, what have we learned \\
|
||
19:00 - The end? Next hackathon? \\
|
||
anytime - 5 minutes break presentation
|
||
\end{frame}
|
||
|
||
|
||
\end{document}
|
||
|