Sheffield Ethical Student Hackers

24 Apr 2023 – AGM + Email Security

Presented by James

Location: Diamond Workroom 3, 7pm - 8:30pm

Difficulty: Easy

Today is our AGM plus a session from James on email security

27 Mar 2023 – CTF Prep

Presented by Mac

Location: Online, 7pm - 8:30pm

Difficulty: Easy

Today's session will be on preparation for the CTF - we'll look at some challenges from last year and have a quick intro to reverse engineering, so try to download Ghidra (https://ghidra-sre.org/InstallationGuide.html) beforehand

06 Mar 2023 – Cryptography

Presented by Atri and Ella

Location: Diamond - Workroom 1, 7pm - 8:30pm

Difficulty: Easy

Join us for a session on cryptography and discover the art of encryption. Explore the techniques used to secure information and gain insight into the world of code-breaking before our visit to Bletchley. This session is open to all members of SESH, CompSoc and SWICS.

27 Feb 2023 – Web Hacking Part 3

Presented by Mac

Location: Hicks Building F28, 7pm - 8:30pm

Difficulty: Easy

More advanced web hacking including deserialisation, NoSQL injection, and some cool supply chain attacks.

20 Feb 2023 – Active Directory

Presented by James & Ayyub

Location: Bartolome House BB15a, 7pm - 8:30pm

Difficulty: Easy

An estimated 90% of the Global Fortune 1000 use Active Directory. Learn how it works, what its weaknesses are and have ago at exploiting what makes up most companies core infrastructure.

20 Feb 2023 – Windows Security

Presented by James & Ayyub

Location: Bartolome House BB15a, 7pm - 8:30pm

Difficulty: Easy

An estimated 90% of the Global Fortune 1000 use Active Directory. Learn how it works, what its weaknesses are and have ago at exploiting what makes up most companies core infrastructure.

13 Feb 2023 – Windows Security

Presented by Mac & Atri

Location: Diamond - Workroom 1, 7pm - 8:30pm

Difficulty: Easy

We'll teach you some theory and crucial commands, then test some exploits old and new, including Follina, Eternal Blue, and Potato Attacks

06 Feb 2023 – Web Hacking Extras

Presented by Sam & Atri

Location: Arts Tower - Lecture Theatre 5, 7pm - 8:30pm

Difficulty: Easy

Some new web attacks and DVWA

05 Dec 2022 – Xmas CTF 🎅

Presented by Mac

Location: Diamond Theatre 9, 7pm - 8:30pm

Difficulty: Easy

We have a fun mini-CTF for you for our last session of the semester. Christmas jumpers encouraged! Sign up for a https://tryhackme.com account and login to our room at: https://tryhackme.com/jr/seshxmasctf2022

28 Nov 2022 – Hack the Box - RedPanda

Presented by Mac

Location: Diamond Theatre 8, 7pm - 8:30pm

Difficulty: Hard

We will be doing a Hack the Box machine (RedPanda) which is still available on free tier HacktheBox but has retired. You'll need an account at https://www.hackthebox.com/. This is a great session for practicing and recapping all the skills from this semester, and will ship with slides summarising everything we've done so far

21 Nov 2022 – Networking & Hacking Practice

Presented by Mac + Atri

Location: Hicks Lecture Theatre 10, 7pm - 8:30pm

Difficulty: Medium

This week we'll take you over some important networking concepts and let you apply them to a hacking challenge! You can practice your enumeration, shell popping, and SSH tunneling skills before we do our first boot2root next week.

14 Nov 2022 – AWS Workshop with CompSoc

Presented by James + Felix

Location: Diamond LT8 (1st Floor), 7pm - 8:30pm

Difficulty: Easy

AWS (Amazon Web Services) provides on-demand cloud computing platforms and APIs to individuals and companies. Learning how to utilise them (and cloud services in general) is extremely beneficial both for your career and personal development. We will cover S3, static pages with S3, EC2, how to host a website on EC2 and how to do all this securely.

07 Nov 2022 – Linux Security

Presented by Mac

Location: Diamond Workroom 1, 7pm - 8:30pm

Difficulty: Medium

Exploring what weaknesses there are in the linux operating system and how we can harden it to prevent attacks.

Fundamental Skills

31 Oct 2022 – Initial Access & Shells

Presented by Mac

Location: Diamond Workroom 1, 7pm - 8:30pm

Difficulty: Medium

This week we will be popping and catching shells!

24 Oct 2022 – BadUSB

Presented by James

Location: Bartolome House, Seminar Room DB13, 7pm - 8:30pm

Difficulty: Easy

This week we will be learning how you can instantly exploit in-person targets using hardware. We will be programming DigiSparks to emulate a keyboard in order to automate tasks, exploit targets and learn how these types of attacks can be mitigated or prevented.

Software / Link Requirements (These will need to be installed or registered prior to the Session)

17 Oct 2022 – EGM and Enumeration

Presented by Mac Goodwin & James

Location: Diamond, Workroom 1, 7pm - 8:30pm

Difficulty: Easy

This week's session will be on Enumeration. This will go over some of the most common tools and services and will be an interactive session which will use Hack The Box, and will require prior setup. There is also an EGM this week which will take place for the final half hour.

Fundamental Skills

Dependent Sessions (Recap may be needed)

Software / Link Requirements (These will need to be installed or registered prior to the Session)

10 Oct 2022 – Guest Talk from YHROCU

Presented by DS Damian Speare

Location: Diamond, Workroom 1, 7pm - 8:30pm

Difficulty: Easy

Come along to our first guest talk of the year and find out about the work of the Yorkshire and Humber Regional Organised Crime Unit (YHROCU) and their internship opportunities.

03 Oct 2022 – Intro to Linux

Presented by James Lawford & Mac Goodwin

Location: Hicks Building, Room K14, 7pm - 8:30pm

Difficulty: Easy

An introduction to Unix-based operating systems and the tools you will use as an ethical hacker A linux instance is not required as we are using SSH as it is a beginner session, but if you have it already any distro is fine.

Fundamental Skills

Software / Link Requirements (These will need to be installed or registered prior to the Session)

26 Sep 2022 – Intro to Hacking and Web Hacking

Presented by Sebastian Southwell & Mac Goodwin

Location: TBD, 7pm - 8:30pm

Difficulty: Easy

Our first session on web hacking methodologies, tools, and simple attacks.

Fundamental Skills

21 Sep 2022 – Give it a Go 2021 - Intro to Hacking & Caesar Cipher

Presented by Mac & James

Location: Hicks Building - Lecture Theatre 4, 2pm - 4pm

Difficulty: Easy

Our Web Hacking Give it a Go session, where we'll teach you some basic Web Application attacks and methodologies!

Fundamental Skills

20 Sep 2022 – Meet our Societies Talk (with DCS)

Presented by Mac Goodwin

Location: Various, Various across 20th + 21st September - check your intro week timetable

Difficulty: Easy

Our introduction to the society, including our goals for the year. Made for the Department of Computer Science intro week talks for students in Intro Week.

09 May 2022 – Blue Teamers's viewpoint

Presented by John

Location: TBD, 7pm - 8:30pm

Difficulty: TBD

2nd part of a 2 session series on Red and Blue teaming. Watch a certified Blue teamer discover how the red teamer compromised the system, tools for logging and post-compromise response.

02 May 2022 – Red Teamers's viewpoint

Presented by Jack

Location: TBD, 7pm - 8:30pm

Difficulty: TBD

1st part of a 2 session series on Red and Blue teaming. Watch an OSCP certified penetration tester exploit an application, see how they discover vulnerabilities and compromise the target.

25 Apr 2022 – Tor, Cryptocurrencies, & AGM

Presented by Vlad & Nicki

Location: TBD, 7pm - 8:30pm

Difficulty: Medium

We talk about anonymising technologies, and elect next year's committee

04 Apr 2022 – HTB Session

Presented by TBD

Location: TBD, 7pm - 8:30pm

Difficulty: TBD

TBC - we may run a HTB session over Easter if people are interested

Dependent Sessions (Recap may be needed)

28 Mar 2022 – CTF Preparation Session

Presented by Mac and Seb

Location: Diamond Workroom 1, 7pm - 8:30pm

Difficulty: Easy

We'll teach you everything you need to know about Capture the Flag competitions, ahead of our GroceryTF CTF challenge this weekend!

Dependent Sessions (Recap may be needed)

21 Mar 2022 – Advanced Web Hacking

Presented by TBD

Location: TBD, 7pm - 8:30pm

Difficulty: TBD

We'll be learning about some more complex exploits, such as Server-Side Template Injection, Server-Side Request Forgery, Remote File Inclusion, and more to prepare you for the CTF!

Dependent Sessions (Recap may be needed)

14 Mar 2022 – Cryptography

Presented by Rong

Location: Diamond Workroom 2, 7pm - 8:30pm

Difficulty: TBD

Learn the basic theory of cryptography and run some attacks against RSA, hashes, and more!

07 Mar 2022 – WiFi Hacking

Presented by Vlad Cranga

Location: Diamond Workroom 2, 7pm - 8:30pm

Difficulty: Medium

This session covers Wi-Fi security, various attacks and tools, and practising password cracking. New to the society? Come to your first session for free, just message a committee member!

28 Feb 2022 – Mike Jones RFID

Presented by Mike Jones

Location: BlackBoard, 7pm - 8:30pm

Difficulty: Easy

Mike Jones, a reformed ex-anonymous hacker, will be demonstrating how we can use RF (Radio Frequency) to exfiltrate data. The session will be on BlackBoard and will require a membership to join. New to the society? Come to your first session for free, just message a committee member!

21 Feb 2022 – BadUSB

Presented by Nick

Location: Diamond Workroom 2, 7pm - 8:30pm

Difficulty: Easy

Instantly exploit in-person targets using hot pluggable attacks with a BadUSB. We will be programming DigiSparks to emulate a keyboard in order to automate tasks and exploit targets!

Dependent Sessions (Recap may be needed)

Software / Link Requirements (These will need to be installed or registered prior to the Session)

14 Feb 2022 – Active Directory

Presented by Mac

Location: Diamond Workroom 2, 7pm - 8:30pm

Difficulty: Medium

A look at the most common corporate network infrastructure, and how to break it! This is an info-packed session, and you may find it easier to follow if you've looked at our Reconnaisance, Shells, OS Security and Privilege Escalation sessions - but you should be fine without!

Dependent Sessions (Recap may be needed)

Software / Link Requirements (These will need to be installed or registered prior to the Session)

07 Feb 2022 – Recap and TryHackMe

Presented by Mac & Seb

Location: Online, 7pm - 8:30pm

Difficulty: Easy

A quick recap of last semester and a fun TryHackMe Boot2Root

Dependent Sessions (Recap may be needed)

13 Dec 2021 – Holiday Hackers

Presented by Mac, Nick, Nicki, Vlad, Seb

Location: TBD, 7pm - 8:30pm

Difficulty: Medium

TBD

06 Dec 2021 – Hack the Box

Presented by TBD

Location: TBD, 7pm - 8:30pm

Difficulty: Medium

TBD

29 Nov 2021 – Privilege Escalation

Presented by Seb, Mac, Nicki, Nick

Location: TBD, 7pm - 8:30pm

Difficulty: Medium

Come and learn Windows and Linux local enumeration and privilege escalation

Dependent Sessions (Recap may be needed)

22 Nov 2021 – Shells

Presented by Mac & Nick

Location: Diamond Workroom 1, 7pm - 8:30pm

Difficulty: Medium

Kali VM recommended, as well as TryHackMe account. Linux Command Line Fundamental Skills will be useful!

Dependent Sessions (Recap may be needed)

Software / Link Requirements (These will need to be installed or registered prior to the Session)

15 Nov 2021 – Docker (CompSoc Collab)

Presented by Nick, Felix, and Mac

Location: Diamond Workroom 1, 7pm - 8:30pm

Difficulty: Easy

Dependent Sessions (Recap may be needed)

Software / Link Requirements (These will need to be installed or registered prior to the Session)

08 Nov 2021 – Reconnaissance

Presented by Seb & Vlad

Location: Arts Tower LT06, 7pm - 8:30pm

Difficulty: Easy

TBD

Dependent Sessions (Recap may be needed)

Software / Link Requirements (These will need to be installed or registered prior to the Session)

01 Nov 2021 – Social Engineering

Presented by Nicki

Location: TBD, 7pm - 8:30pm

Difficulty: Easy

TBD

25 Oct 2021 – Operating System Security

Presented by Mac and Nick

Location: Hick's Building LT05, 7pm - 8:30pm

Difficulty: Medium

Exploring how we can harden Windows and Linux operating systems from attacks.

Dependent Sessions (Recap may be needed)

Software / Link Requirements (These will need to be installed or registered prior to the Session)

18 Oct 2021 – Yorkshire & Humber Regional Organised Crime Unit talk

Presented by DS Spinks

Location: Hicks Building LT05, 7pm - 8:30pm

Difficulty: Easy

DS Spinks will be giving you an insight into fighting Cyber Crime and will be talking about a year in industry placement opportunity.

11 Oct 2021 – Automation in Cyber Security

Presented by Mac and Seb

Location: Arts Tower workroom 3, 7pm - 8:30pm

Difficulty: Easy

Automation in cyber security.

Software / Link Requirements (These will need to be installed or registered prior to the Session)

04 Oct 2021 – Intro to Web Hacking

Presented by Nicki Ridsdale, Sebastian Southwell

Location: Arts Tower workroom 3, 7pm - 8:30pm

Difficulty: Easy

Our first session on web hacking methodologies, tools, and simple attacks.

30 Sep 2021 – Intro to Linux

Presented by Nick Ruffles, Vlad Cranga

Location: SU Gallery Room 3, 7pm - 8:30pm

Difficulty: Easy

A GIAG session that aims to give a quick introduction to Linux the power that it holds.

Software / Link Requirements (These will need to be installed or registered prior to the Session)

29 Sep 2021 – Give it a Go 2021 - Web Hacking

Presented by Nicki & Mac

Location: SU Gallery Room 3, 7pm - 8:30pm

Difficulty: Easy

Our Web Hacking Give it a Go session, where we'll teach you some basic Web Application attacks and methodologies!

20 Sep 2021 – Meet our Societies Talk (with DCS)

Presented by Nick Ruffles

Location: TBD, 7pm - 8:30pm

Difficulty: Easy

Our introduction to the society, including our goals for the year. Made for the Department of Computer Science intro week talks

17 May 2021 – 🏴󠁢󠁳󠁢󠁹󠁿 Raspberry Pi CTF 🏴󠁢󠁳󠁢󠁹󠁿

Presented by Mac Goodwin

Location: BlackBoard, 6pm - 8pm

Difficulty: Hard

Our bakery-themed CTF, featuring challenges for players of all skill levels, and a chance to win a Raspberry Pi and a SESH hoodie!

10 May 2021 – 📡 Wifi Sniffing 📡

Presented by Brooks Rady

Location: BlackBoard, 6pm - 8pm

Difficulty: Medium

An exploration of the airwaves! Come along to learn some Wireshark snooping, MAC spoofing, and WiFi cracking.

03 May 2021 – 9️0️ Binary Exploitation 9️0️

Presented by Jack Barradell

Location: BlackBoard, 6pm - 8pm

Difficulty: Hard

A look into reverse engineering and modifying binaries.

26 Apr 2021 – 👨‍💻 Mike Jones Anonymous talk 👨‍💻

Presented by Mike Jones

Location: BlackBoard, 6pm - 8pm

Difficulty: Easy

Mike Jones, a reformed ex-member of the Anonymous hacking group talks about his experiences! You won't want to miss this talk

19 Apr 2021 – 🗳️ AGM 🗳️

Presented by Nick, Chloe and Sohyun

Location: BlackBoard, 6pm - 8pm

Difficulty: Easy

Vote for the next committee members!

22 Mar 2021 – 🎮 Game Breaking 🎮

Presented by Nick

Location: BlackBoard, 6pm - 8pm

Difficulty: Hard

A quick dive into reverse engineering games and making them misbehave. You might want to brush up on your assembly for this one.

15 Mar 2021 – 🗔 Web app hacking 🗔

Presented by Mac

Location: BlackBoard, 6pm - 8pm

Difficulty: Medium

A deeper dive into some web hacking techniques covered in first semester, and some brand new ones - from SSTI to Deserialisation!

08 Mar 2021 – 🏁 Making a CTF 🏁

Presented by Nicola

Location: BlackBoard, 6pm - 8pm

Difficulty: Medium

A guide to creating and deploying a Capture the Flag challenge using AWS and Flask!

01 Mar 2021 – 🚶 HTB Walkthrough 🚶

Presented by ???

Location: BlackBoard, 6pm - 8pm

Difficulty: Medium

A walkthrough of the Academy machine on HTB.

22 Feb 2021 – 👩‍💻 Intro to Assembly 👩‍💻

Presented by Nick and Brooks

Location: BlackBoard, 6pm - 8pm

Difficulty: Medium

An overview of assembly code & computer memory, and a couple of demos!

15 Feb 2021 – 📧 Social Engineering 📧

Presented by Nicola

Location: BlackBoard, 6pm - 8pm

Difficulty: Easy

Focussing mainly on phishing, this session will show you techniques used for launching an effective phishing campaign and then how to best prevent one.

08 Feb 2021 – 🕵🏼 Online Anonymity 🕵🏼

Presented by Mac and Brooks

Location: BlackBoard, 6pm - 8pm

Difficulty: Easy

A look at the technologies behind VPNs and Tor, their vulnerabilities, and how to setup your own.

14 Dec 2020 – 🎅 Holiday Hackery?! 🎅

Presented by ???

Location: BlackBoard, 6pm - 8pm

Difficulty: Medium

Our final session of the semester! We'll tackle TryHackMe's advent of cyber challenges in a laid-back session, and there may even be some prizes up for grabs...

07 Dec 2020 – 🔓 Hack The Box 🔓

Presented by Mac & Brooks

Location: BlackBoard, 6pm - 8pm

Difficulty: Medium

Put your skills to the test! Drawing together everything you’ve learned from throughout the semester, join our committee in an applied hacking challenge from Hack The Box. Come ready to contribute ideas or even with your own machine to follow along!

30 Nov 2020 – 🔎 Open-Source Intelligence (OSINT) 🔎

Presented by Chloe & Sohyun

Location: BlackBoard, 6pm - 8pm

Difficulty: Easy

Open Source Intelligence and social engineering are often one of the most important parts of cyber attacks and defense. Join us to learn about various tools and take part in a CTF.

23 Nov 2020 – ␛ Privilege Escalation ␛

Presented by Sohyun

Location: BlackBoard, 6pm - 8pm

Difficulty: Medium

What would happen if a user can access the administrator control? This week, we will look into what privilege escalation is, what is the purpose of this attack and what are the ways of doing it. We will also explore some demos about getting root access on Linux.

16 Nov 2020 – 🧾 Enumeration 🧾

Presented by Mac & Nick

Location: BlackBoard, 6pm - 8pm

Difficulty: Easy

Dive into the world of enumeration - from discovering devices and services on a network and scoping out a way in, to finding paths for lateral movement and escalation vectors, we'll show you some of the most crucial tools and techniques.

09 Nov 2020 – 🐚 All the Shells! 🐚

Presented by Nick

Location: BlackBoard, 6pm - 8pm

Difficulty: Easy

This week we will be looking into the different kinds of shells that are available on Linux, what they do, how they work and how we can use them to gain access to remote machines. We will also be looking into port forwarding and the capabilities of Metasploit!

02 Nov 2020 – 🌐 Networking 🌐

Presented by Brooks

Location: BlackBoard, 6pm - 8pm

Difficulty: Medium

Hacking as a discipline wouldn’t really exist if you had to cart a keyboard with you to every machine you wanted to break into – computer networks enable remote machines to communicate with each other and make things like the Internet possible. This session will explore both the theory behind these networks and some of the practical tools for exploring and understanding them.

26 Oct 2020 – 🐍 Automation in Python 🐍

Presented by Mac

Location: BlackBoard, 6pm - 8pm

Difficulty: Easy

This week we’ll be looking at automation, one of the most crucial tools for cybersecurity; whether it’s repeating menial tasks, or rebuilding a common tool to understand how it works. We will take you over some tools we have written, and show you how they can be used on things like Juice Shop!

19 Oct 2020 – 👮 Guest Presentation - Yorkshire and Humber Regional Organised Crime Unit 👮

Presented by Guest Speaker Chris

Location: BlackBoard, 6pm - 8pm

Difficulty: Easy

Chris will be in this week to talk us through some of the career opportunities available with the police! Make sure to come along to this one to hear about an exciting area of work and make some new links with industry professionals! You can sign up with this link if you are not already a member. If you are a member, you should be able to see the room in Blackboard Collaborate.

12 Oct 2020 – 🧃 Juice Shop II 🧃

Presented by Nick

Location: BlackBoard, 6pm - 8pm

Difficulty: Easy

OWASP (Open Web Application Security Project) Juice Shop is an intentionally vulnerable web application that shows off multiple common and advanced exploits that can appear in web applications. Learn how the vulnerabilities exist and how to exploit them yourself. This will be a more advanced follow up from the GIAG session.

05 Oct 2020 – 💻 Introduction to Linux 💻

Presented by Chloe & Brooks

Location: BlackBoard, 6pm - 8pm

Difficulty: Easy

Learn how to use the Linux terminal, a vital tool of developers and cybersecurity professionals alike. Control local and remote machines by mastering the fundamental commands and test your newfound skills by breaking into the Bandit machines hosted by OverTheWire.

28 Sep 2020 – 🧃 Juice Shop I (Give it a Go) 🧃

Presented by Nick & Mac

Location: BlackBoard, 6pm - 8pm

Difficulty: Easy

OWASP (Open Web Application Security Project) Juice Shop is an intentionally vulnerable web application that shows off multiple common and advanced exploits that can appear in web applications. Learn how the vulnerabilities exist and how to exploit them yourself. More details here

04 Nov 2019 – Linux part 2

Presented by John Richardson

Location: Diamond LT9,

Difficulty: Easy

15 Oct 2019 – Linux part 1

Presented by John Richardson

Location: Diamond LT9,

Difficulty: Easy

06 Oct 2019 – Private Investigations: Memory Forensics

Presented by John Richardson

Location: Diamond LT9,

Difficulty: Hard

18 Mar 2019 – Net Forensics

Presented by John Richardson

Location: Diamond LT9,

Difficulty: Medium

04 Mar 2019 – Hack Back Revision

Presented by Jack Barradell

Location: Diamond LT9,

Difficulty: Medium

24 Feb 2019 – Introduction to web hacking part 2

Presented by Jack Barradell

Location: Diamond LT9,

Difficulty: Easy

24 Feb 2019 – Introductory to binary exploitation Part 2 Stack Overflows

Presented by Jack Barradell

Location: Diamond LT9,

Difficulty: Hard

11 Feb 2019 – Introductory to binary exploitation Part 1 The Background

Presented by Jack Barradell

Location: Diamond LT9,

Difficulty: Medium

09 Feb 2019 – Introduction to web hacking part 1

Presented by Jack Barradell

Location: Diamond LT9,

Difficulty: Easy

09 Feb 2019 – Bitsquatting

Presented by Jack Barradell

Location: Diamond LT9,

Difficulty: Medium

09 Feb 2019 – Cybertor

Presented by John Richardson

Location: Diamond LT9,

Difficulty: Medium

09 Feb 2019 – Refreshers Recap

Presented by Jack Barradell

Location: Diamond LT9,

Difficulty: Easy