May 19, 2013

Intro to Hackersh, Workshop: May 26th, 2013

Hackersh: A free open-source security interpreter


Event: Intro to Hackersh: A free open-source security interpreter
When: Sunday May 26th
Speaker: Itzik Kotler, DC9723 (DEFCON Israel Tel-Aviv)
Cost: FREE
When: Sun, May 26, 1pm – 4pm
Talk: ~2pm-4pm
Where: 17725 NE 65th St A-155, Redmond, WA 98052      

--- The Event ---

Itzik Kotler is visiting our area from DC9723 (Israel, Tel-Aviv) and has kindly offered to provide a free workshop on his project, Hackersh ("Hacker Shell"). We are excited to provided him with a place to share his work, and an opportunity to speak with some passionate people from the local area.

 --- The Tool ---

Imagine the amount of time and effort it would take to write a bug-free script or application that will accept a URL and port scan the associated host. Then for each HTTP service discovered, create a new thread and perform a black box penetration test, all while impersonating a Blackberry 9900 smart-phone.  
While you're thinking, here's how you would have done it in Hackersh:
"http://localhost" \
    -> url \
    -> nmap \
    -> browse(ua="Mozilla/5.0 (BlackBerry; U; BlackBerry 9900; en) AppleWebKit/534.11+ (KHTML, like  Gecko) Version/ Mobile Safari/534.11+") \
    -> w3af

Meet Hackersh (“Hacker Shell") – A command interpreter, written in Python with Pythonect-like syntax, with built-in security commands, and out of the box wrappers for various security tools, including: nmap, nikto, w3af, and dnsdict6 to name a few...  

Aside from being interactive, Hackersh is also scriptable with Pythonect, a free, open source data-flow programming language based on, and written in, Python.  

This workshop will introduce participants to automating security tasks using Hackersh and Pythonect.
Demonstrations and scripts will be included to showcase concepts, usage and ideas.

--- Needed to Participate ---

Since this is a workshop, people are free to bring a laptops to run the examples. Any Linux system with Python 2.6.x or 2.7.x will do the trick. 

--- Relevant Websites ---


--- Talk Slides ---

Slides: HackLikeIts2013_BLR.pdf