Loading…

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Hands-on cybersecurity activities [clear filter]
Tuesday, August 13
 

8:30am EDT

Building an exploitable WiFi environment for your classroom
With the widespread of WiFi nowadays, it is important to show students how WiFi exploitation happens in practice. The theory behind exploiting WEP and WPA2 has been available for a number of years. However, it has not been easy to offer students the opportunity to apply these theories in a real environment. In this workshop, you will learn about WiFi access points which can be configured for exploitation. We will discuss scenarios where WEP access points have connected clients and no connected clients as well as WPA2. You will learn how Raspberry Pis can be used to act as the necessary clients for those access points. In addition, you will have access to the Raspberry Pi scripts and all access point configuration directions.

Speakers
avatar for Ahmed Ibrahim

Ahmed Ibrahim

University of Virginia
Ahmed Ibrahim is an Assistant Professor in the Department of Computer Science at the University of Virginia. He holds a PhD from the University of Kentucky and two M.Sc. Degrees. Ahmed also has a Certificate in College Teaching and Learning and is actively participating in teaching... Read More →


Tuesday August 13, 2019 8:30am - 11:20am EDT
Room C

8:30am EDT

Hands on Penetration Testing Workshop with Kali Linux, Metasploit and Windows
As with most things in the Security realm, before you can defend against attacks, you need to understand how the attackers work before you can defend and mitigate against them.

This invaluable hands on (BYO Laptop) workshop will showcase some new Cyber Range college/intermediate level penetration testing labs that the Cyber Range is in the process of publishing for instructor general availability. Come experience some of this powerful hands on content as you use your Range Kali attack VM and vulnerable target Windows VM to grok how these attacks actually function. After learning how to utilize these tools to pentest our own systems, we find ourselves in a better place to discuss the measures one would need to take to prevent or mitigate against such attacks and in the process, increase our own network security profile

Workshop Labs and Handouts Include:
- Lab 1 - Launching & Defending Against a Windows DoS Attack
- Lab 2 - Password Credential Keylogging
- Lab 3 - Trojan Malware - popping a reverse shell on a target


Speakers
avatar for Thomas 'Tweeks' Weeks

Thomas 'Tweeks' Weeks

Consulting Cloud Engineer, VA Cyber Range
Tweeks (or Thomas Weeks) is the Director of Future Technology at Virginia Tech, Division of IT, and also sits as a Consulting Engineer at the Virginia Cyber Range where he creates cloud VM images for the Range, writes/edits Range labs, and works with Range authors to get their lab... Read More →


Tuesday August 13, 2019 8:30am - 11:20am EDT
Dewberry Hall

8:30am EDT

Scanning for Vulns and Throwing Sploits -- Without Leaving Your Desktop
Understanding the difference between vulnerabilities and exploits is an important part of a cybersecurity student’s education. One of the best ways to gain this understanding is by actually exploiting vulnerabilities on target systems. In this workshop, attendees will learn how to use freely available security tools to teach basic exploitation concepts. The workshop will begin with a discussion of VirtualBox with an emphasis on those configurations necessary for safely launching exploits in a virtual environment. After a review of VirtualBox, attendees will explore Metasploitable, an intentionally vulnerable operating system designed for testing security tools and demonstrating common vulnerabilities. After Metasploitable, workshop users will review Kali Linux and its embedded vulnerability and exploitations tools, including nmap, but especially Metasploit, the leading software platform for developing, testing, and executing exploits. The workshop will close by teaching attendees how to launch exploits against target Windows and Linux Metasploitable systems.

After the workshop, electronic copies of all the presentation and lab materials will be provided to attendees so that they can be used in their own courses.

Speakers
avatar for Marija Banovic

Marija Banovic

Student, The George Washington University
Marija Banovic was born and raised in the Balkan region. After completing high school she moved to the United States to pursue a better future. She graduated from Montgomery College with an AAS in Cybersecurity and, upon graduation, received the Montgomery College Award for Excellence... Read More →
avatar for David Vargas

David Vargas

Lecturer, The George Washington University
David Vargas is President of VATG, Inc. and adjunct professor of cybersecurity at The George Washington University. He has worked extensively in cybersecurity in both the public and private sectors and often shares his expertise at security conferences and professional meetings nationwide... Read More →


Tuesday August 13, 2019 8:30am - 11:20am EDT
Bistro

2:30pm EDT

A Beginners Guide to Kali and its tools
As a K12 educator in cybersecurity, I am experienced with how difficult it is to get started in teaching the topic. Years of tinkering, testing, and research has given me the ability to explain what works and what the industry uses. The purpose of being an educator is to prepare students for a career. This workshop is a primer on the Kali OS and its tools. I see this as a necessity in the cybersecurity field, as this is the OS that most security teams will use. Time permitting this workshop will cover the basics of Linux commands, Wget, TheHarvester, Social engineering toolkit (SET), Ncat, Nmap, Metasploit, and Wireshark. The workshop will place you in the shoes of a hacker creating a fast credential harvesting website, creating a IRC chat room, and exploiting vulnerabilities in Metasploitable 3. The workshop will require Virginia Cyber Range access to complete the hands-on labs. Educators will be provided with a PowerPoint, resource list, video tutorial, and the project files VIA download. It requires no prior knowledge, but some understanding of network protocols will be beneficial.

Speakers
avatar for Eric Kiser

Eric Kiser

Technology Teacher, Nelson County High School
I am a high school computer technology teacher and have been for 7 years.  I have been educating students in Cybersecurity for five years. I am writing a course for the VACR Called, Advanced Ethical Hacking: Authorized to do Unauthorized Things. I have a long history with computers... Read More →


Tuesday August 13, 2019 2:30pm - 4:20pm EDT
Room C

2:30pm EDT

Hands-on Hacking: CTF Workshop
If done well, a capture-the-flag (CTF) competition is an educational experience disguised as a competition. It’s hard not to get excited after teaching yourself a new skill, finding a flag, then being rewarded with CTF points. Bring your laptop! In this workshop, we will introduce different types of CTF competitions and describe how we have used them with students and IT professionals to drive interest and enhance learning in cybersecurity topics. You will also learn how to approach different types of CTF challenges and the tools you can use to solve them. You might even get some hints related to the conference CTF!

Speakers
avatar for David Raymond

David Raymond

Director, Virginia Cyber Range, Virginia Tech
Dr. David Raymond serves as Director of the Virginia Cyber Range and Deputy Director of Virginia Tech’s IT Security Office and Lab. He also teaches courses on networking and cybersecurity in the Virginia Tech Masters of Information Technology program and serves as faculty advisor... Read More →


Tuesday August 13, 2019 2:30pm - 4:20pm EDT
Dewberry Hall

2:30pm EDT

NICERC's Cybersecurity Fundamentals (lab content for the high school classroom)
Explore a deep-dive tour of NICERC's Cybersecurity Fundamentals course. See how traditional classroom instruction blends with hands-on activities to get students interested in and talking about careers and degrees in cybersecurity. Developed in partnership with Grambling State University (LA) and making use of the Virginia Cyber Range, Cybersecurity Fundamentals takes students on a journey that investigates Ethical Hacking, Penetration Testing, Social Engineering, and Vulnerability Assessment.
As a result of this session, you will learn how to use the cyber range and will learn cybersecurity concepts that should be taught in a cybersecurity class. Participants will discuss what the expectations are for students looking to pursue cybersecurity in college and you will learn how to register for FREE access to ALL of NICERC's content including more than 15 titles for use in your classroom, school, or district.

Participants should bring a laptop or mobile device capable of running an internet browser and connecting to the Virginia Cyber Range. Additionally, participants should register for access to all of NICERC's content at https://nicerc.org/curricula/curriculaaccess/

The presentation from this session is available here: https://docs.google.com/presentation/d/1aqX880Nv3eJbWDXchYfERxfDY8KBaFPaaMy_x734fA4/edit#slide=id.p6

Speakers
avatar for Chuck Gardner

Chuck Gardner

Director of Curriculum, Cyber Innovation Center
As the Director of Curriculum for NICERC, Chuck oversees the development and distribution of STEM, cyber, and computer science content as part of a grant through the Department of Homeland Security's Cyber Education Training and Assistance Program (CETAP). NICERC's team of subject... Read More →


Tuesday August 13, 2019 2:30pm - 4:20pm EDT
Bistro