RSVP here: http://events.linkedin.com/New-Tech-Society-Happy-Hour/pub/836765

Hey Folks!

The group is growing and we're excited for everyone to once again have a chance to connect in person. Join us for the New Tech Society happy hour. It's just around the corner:

Please bring your friends--the more the merrier! Totally low-pressure and casual--be yourself!

We can't say that we are giving away free ipads or iphones, but we are generously gifting a free drink to the first 10 people to arrive.

Looking forward to seeing you!

The NTS Crew

**Please RSVP on Eventbrite HERE**

Are you a woman with 25 or more years of experience working in technology? Do you want to build relationships with other women in tech who are still in there swinging? PDXWIT wants to foster a community for women like you.

Join us at the Ruby Receptionists office in Portland. The agenda is to help us further ground this new group in our third hosted meeting, organized by Jean Richardson.

PDXWIT is a community-based non-profit organization. Our purpose is to strengthen the Portland women in tech community by offering educational programs, partnerships, mentorships, resources, and opportunities. We are unifying a supportive environment for current and potential women in tech, all of whom are committed to helping each other. Our goal is to bring together and empower women in tech and to encourage others to pursue tech careers. This is our step towards reducing the gender imbalance in the industry and addressing the current negative effects of that imbalance on women.

Trans and non-binary people are always welcome at our events.

Acquiring customers for our SaaS companies is arguably one of the most difficult challenges we face. We need to figure it out what works and what doesn't work, and we need to do it before the money runs out.

In this Meetup we'll discuss:

• The marketing strategies that are working for us, and the ones that didn't.

• Lessons we learned taking our products to market.

• Paid vs organic marketing channels: which ones are best for every stage of growth.

• How we've identified our most profitable market segments and how we're providing value to them.

• Social media, search engine marketing, PR and advertising. Pros and cons of each channel, and which ones are right for us.

Coffee, tea and draft beer will be provided. Come hang out with other SaaS founders and share your story!

** Please RSVP on Eventbrite HERE **

Join us for happy hour at Urban Studio, sponsored by Lyft and in partnership with Tech Ladies!

As a woman-focused community, we’ve decided it is no longer enough for our support of other underrepresented groups to be implied. This month, we’ve decided it is time to focus on the interconnectedness of the various social categorizations and dedicate the theme of this event to “Intersectionality,” with a conversation starter of “What’s a recent book, writer or film that has changed your perspective?”

While the event is primarily intended for networking, we will have a short segment at 5:30 to share important announcements and showcase two women from Lyft!

Introduction to Lyft, including what they do and what job opportunities are available!

Lita Cho, Senior Software Engineer at Lyft, will talk to us about how intersectionality has been woven into the company’s diversity and inclusion efforts.

Janani Sundarrajan, Software Engineer at Lyft, will talk about Lyft’s progressive Gender Inclusion and Affirmation policy which was recently released.

During the event, we’ll have an Activity Table where people can get creative. This is a fantastic way to meet others if large groups are not your thing. If you have trouble finding it, look forMeg Aul, our Event Activities Director.

PDXWIT is a community-based non-profit organization. Our purpose is to strengthen the Portland women in tech community by offering educational programs, partnerships, mentorships, resources and opportunities. We are unifying a supportive environment for current and potential women in tech, all of whom are committed to helping each other. Our goal is to bring together and empower women in tech and to encourage others to pursue tech careers. This is our step towards reducing the gender imbalance in the industry and addressing the current negative effects of that imbalance on women.

Trans and non-binary people are always welcome at our events.

  This event will consist of two hours of lecture on iOS development basics, followed by an hour of discussion and networking.  If you are curious about iOS development and want to know what it is like to get into iOS development, this is a perfect event for you. If already know some iOS development, this may be helpful to you too to meet some other iOS developers and maybe get guidance about how to become a professional iOS developer. People of all background is welcome, no programming background is necessary.

   Pizza will be served for lunch. This event is fee, but the attendance is limited to 15 persons only.

  Please bring your own Mac laptop, if you want to practice with the class. You should have the latest version of Xcode installed. If you have question about installing Xcode, feel free to contact the organizer.

  Machine Learning is a hot buzz  word now and  the new version of Swift will have ML library. It is an exciting news. I am not any expert on ML, but hoping to learn more about it and how to use it in iPhone apps. I invite all iOS developers in the group who has been curious about the feature and may be already have done some studies in the area, to come to this open discussion session. If anyone is willing to put up a presentation (ppt or video) containing their knowledge in the area, that is welcome too. We have a big screen for projection in this facility. 

We're all faced with the challenge of creating an awesome software product for our customers. A big part of this is having a highly functional software development team.  

In this Meetup we'll discuss:

• When to develop software in-house versus outsourcing or partnering with another software platform. Some SaaS companies utilize a mix of in-house and outsourced developers. We'll brainstorm various possible approaches.

• How do you train new developers?  What approaches have been successful and what has been a dismal failure? - Does it make sense to hire senior developers only or a mix of junior and senior developers?

• Team / project organization - Do you do daily standups? How do your organize sprints? How are deadlines established and by whom? Is your team in the same office or are some remote? What tools do you use (Slack, Trello, etc.)? With all of the bugs, feature requests, UI overhauls, when do you ship updates to the product?

• Communication and transparency - How do you speak to the rest of the team in a language everyone understands? Do you hold weekly/bi-weekly meetings to announce progress? How do you showcase new features to clients?

Coffee, tea and draft beer will be provided. Come hang out with other SaaS founders and share your story!

If there's more on this topic you would like to discuss, send us a message and we'll try and get it added to the agenda.

Join PASCAL on Saturday the 11th of November for a day of tours, entertainment and dialogue. 

Drop on by if you would like to: 
- Learn more about who PASCAL be, and what do PASCAL
- Start hacking stuff immediately
- Learn about current threats and how they work, or
- Simply mingle and have a relaxing afternoon with Infosec nerds.

Basic concessions will also be available!

• What we'll do
Come and explore how to tell great data stories to support better business decisions using Google Cloud Data Studio. Google Data Studio turns your data into informative dashboards and reports that are easy to read, easy to share, and fully customizable. Dashboarding allows you to tell great data stories to support better business decisions. Easily access all the data sources you need to understand your business and make better decisions. Transform your raw data into the dimensions, metrics, and calculations you need — no code or queries required. Harness the collective wisdom of your team. Share and collaborate in real time. Work together quickly, from anywhere.

• What to bring

• Important to know

Hack2Learn is a monthly CTF (capture the flag) meetup hosted at PASCAL in Portland, OR. PASCAL is an organization of equal opportunity hackers, and we will be introducing you to all the various types of challenges that you might face at any level, and at any time in the fields of information security and technology as a whole, for fun or profit.
Hacker/Tech culture and community can sometimes be a bit (or a byte ^_^) off-putting, especially to those trying to figure out what exactly it is, what we are and what we do. During this meetup at PASCAL, we welcome n00bs with open arms! Never competed in a CTF challenge before? Never even heard of CTFs? Do you have a strong desire to learn & teach alongside peers? GOOD!! You will fit right in at Hack2Learn!
For the first Hack2Learn meetup, we will walk you through the setup process, starting with installing a virtual machine and setting up a beginner friendly Linux environment (Kali counts as beginner friendly, right?), followed by a lightning lesson on command line. Once everyone is ready, we will dive right in to a STEMCTF challenge created by MITRE Cyber Academy. Basic understanding of at least one programming language and/or security concepts is helpful, but not necessary. Honestly, when we say all you need is a desire to learn, we mean it!
If you have a laptop, bring it. We have a handful of loaners for those who need them, as well as several desktop PCs for use at the hackerspace. So, brush off your social anxiety, leave your impostor syndrome at the door, and let your inner hacker take a crack at capture the flag- PASCAL edition!

Questions? email [masked], or leave a comment on the meetup page (though we tend to not check that as often.)

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at Portland's only non-profit hackerspace are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with MrDe4d, Cylon, Wireglitch and the rest of the misfit hackers of PDX this Saturday!

After (and probably during) this presentation, we will, as presenters and attendees, decide on which tool (or framework) to focus on for a new bi-monthly workshop. We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! The future workshop will be scheduled after all Q&A and demos are complete and will take place 2-4 weeks after, at which point we will continue the series until we have completed a thorough review of each tool.
Questions? please email MrD34d--> [masked] or Cylon--> [masked]. We can also be found on the encrypted messaging app called Wire, which is available for desktop, Android and Apple devices (@mrdead or @wireglitch for invites to the PASCAL channel.)
PASCAL has snacks and drinks for some dollars and cents, though everyone is welcome to bring their own food and drink.
Final Note: if you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

Hackers of the night- unite! There are many cliches revolving around hackers and hacker culture that are, well, true. For example, we are night owls; we thrive in the night and do our best work in the dark. We use caffeine as our main source of energy and Sour Patch Kidz as our main source of nutrition. We wear black hoodies and carry backpacks full of gear as we stalk through night, avoiding the moonlight and sticking to the shadows as we totally, completely, and utterly ravage the city's WiFi!

Speaking of gear, here is a general list of items you will need to participate in this quest for[masked]x Total Domination: an Android phone (rooted or not rooted, with or without Kali installed BUT! You will probably want a rooted Android device because you will need monitor mode. You can skip the rooting and use a Raspberry Pi 3 and ssh into it with a non rooted phone via a terminal app), pretty much any Alpha radio, omni & directional antennae, and an insatiable appetite for learning.

If you do not have access to or do not have time to acquire all or some of the gear listed- do not fret. Stay calm, and warwarlk on. Actually, just let us know what you are missing or which item you would like to test out and we will do our best to provide (you can let us know via Meetup, actually, by answering the question when you RSVP..this is one of those rare instances in which the question isn't totally superfluous.)

MOAR DETAILS
Warwalking is similar to Wardriving except we take to the city on foot, not in a vehicle. Your hand/eye/foot coordination will be put to the ultimate test as you try not to trip and fall and result in a 9gag meme while passively collecting node and AP data. Which brings me to a very important point that you may have been wondering about...YES! IT IS LEGAL! As mentioned, warwalking and wardriving is the act of PASSIVELY collecting data, and sometimes taking note of this data (check out warchalking for lulz.)
We will meet at PASCAL Hackerspace at 11pm/2300hrs, and be headed out, on foot, at 11:30pm sharp after doing a gear check and making sure everyone is pumped! In case you are new to the Portland area, be warned that light rain is to be expected any time, anywhere and you should be sure you're wearing comfortable clothing. Also, we will not make fun of you if you decide to go full RPG-mode (Cylon has been known to dress head to toe as Aiden Pierce for no other reason than he felt like it and it is fun!) So, dust off your combat boot/trench coat ensemble and be Neo for a night! Or keep it simple with thick prescription sunglasses and work it like Whistler! Ok, I'm done alliterating...

Questions? Find us on Wire Encrypted Messaging app (it's like Slack but encrypted!) and send a connection request to MrDe4d (@mrdead) or Wireglitch (@wireglitch). You can also email us at [masked] or [masked] or [masked].

Every year, ChickTech gives 150 local girls the opportunity to attend a weekend long inspiring technology camp. Girls are nominated by their teachers, then surprised with acceptance packets that illuminate their potential. Join a group of ChickTech volunteers in stuffing acceptance packets! We will gather at the ChickTech office, eat light snacks, and chat while we work together to inspire the next generation of technologists. First-time volunteers and people of all genders are welcome!

Please meet at the building's enterance on SW 10th and Washington. A ChickTech representative will be there to greet you from 5:30-5:45. If you arrive late please call (949)[masked] to be let into the building.

Recruiting Open House and PDX Tech + Pong

We have a very special twist on our usual Tech + Pong event for October. Come join us on October 11th for Happy Hour to celebrate the opening of the new AltSource headquarters in SE Portland!

If you currently work for a local tech company, are looking for a new job opportunity in tech, or if you are looking for ways to get more involved with the tech community here in Portland, this recruiting and networking event is for you! It’s a great opportunity to speak with hiring managers in a casual environment and learn more about the job openings at both Altsource and The Dyrt. Plus, there will be food, drinks, a DJ, giveaways and the usual ping-pong tournament!

This event is completely free, but please RSVP so we can get a head count for food and drinks.

Time:
5:00 Doors Open & Happy Hour
5:30 Tournament Kick Off

Tournament:
Bring $5 cash for the winner-takes-all ping-pong tournament if you want to play! Check out the tournament rules https://www.meetup.com/PDX-Tech-Pong/events/249548412/

Location:
1120 SE Madison St. Portland OR 97214 (entrance on 12th and Hawthorne)

Sponsors:
AltSource is a custom software development company.
AltSource is hiring! Check out the AltSource careers page. (https://www.altsrc.net/Careers/?ref=JoinAltSource)

The Dyrt (think like Yelp for camping) - gives away outdoor gear for user submitted campground reviews. The Dyrt is looking Ember developers, React Native Mobile Developers and a UI/UX Designer (https://blog.thedyrt.com/jobs/working-at-the-dyrt/)

Join PASCAL on the second Saturday of the month for a day of tours, entertainment and dialogue.

Drop on by if you would like to:
- Learn more about who PASCAL be, and what do PASCAL
- Start hacking stuff immediately
- Learn about current threats and how they work, or
- Simply mingle and have a relaxing afternoon with Infosec nerds.

Basic concessions will also be available!

Week of October 13th we will be focusing on METASPLOIT! Mooooo.

This Saturday at PASCAL we are offering the Hacker Symposium featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with MrDe4d, Cylon, Wireglitch and the rest of the misfit hackers of PDX this Saturday!

After (and probably during) this presentation, we will, as presenters and attendees, decide on which tool (or framework) to focus on for this bi-monthly workshop. We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! The future workshop will be scheduled after all Q&A and demos are complete and will take place 2 weeks after, at which point we will continue the series until we have completed a thorough review of each tool.
Questions? please email MrD34d--> [masked] or Cylon--> [masked]. We can also be found on the encrypted messaging app called Wire, which is available for desktop, Android and Apple devices (@mrdead or @wireglitch for invites to the PASCAL channel.)
PASCAL has snacks and drinks for some dollars and cents, though everyone is welcome to bring their own food and drink.
Final Note: if you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

Hack2Learn is a monthly CTF (capture the flag) meetup hosted at PASCAL in Portland, OR. PASCAL is an organization of equal opportunity hackers, and we will be introducing you to all the various types of challenges that you might face at any level, and at any time in the fields of information security and technology as a whole, for fun or profit.
Hacker/Tech culture and community can sometimes be a bit (or a byte ^_^) off-putting, especially to those trying to figure out what exactly it is, what we are and what we do. During this workshop at PASCAL, we welcome n00bs with open arms! Never competed in a CTF challenge before? Never even heard of CTFs? Do you have a strong desire to learn & teach alongside peers? GOOD!! You will fit right in at Hack2Learn!
For the October edition of Hack2Learn, we will be focusing on web and binary challenges. First we will make sure everyone is set up with a virtual machine and the OS of their choice (though Kali is recommended, specifically for the web challenges). For the binary challenges we will install Cutter which is something of an intro to Radare2. You are encouraged to familiarize yourself with Cutter and R2 prior to the workshop; take a look--> https://github.com/radareorg/cutter (note: downloading a VM and/or installing a new OS is not necessary for using Cutter when working on the binary challenges, unless you're using Mac OS in which case you will need to spin up a VM for either Windows or Linux).
Basic understanding of at least one programming language and/or security concepts is helpful, but not necessary. Honestly, when we say all you need is a desire to learn, we mean it!
Cylon is setting up a wireless hacking station for October H2L as well, and will be offering some hands-on experience to anyone interested in the wonderful world of wireless hax!
If you have a laptop, bring it. We have a handful of loaners for those who need them, as well as a few desktop PCs for use at the hackerspace. So, brush off your social anxiety, leave your impostor syndrome at the door, and let your inner hacker take a crack at capture the flag!

Questions? Send an email to [masked], or leave a comment on the meetup page (though we tend to not check that as often.)

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with MrDe4d, Cylon, Wireglitch and the rest of the misfit hackers of PDX this Saturday!

After (and probably during) this presentation, we will, as presenters and attendees, decide on which tool (or framework) to focus on for a new bi-monthly workshop. We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! The future workshop will be scheduled after all Q&A and demos are complete and will take place 2-4 weeks after, at which point we will continue the series until we have completed a thorough review of each tool.
Questions? please email MrD34d--> [masked] or Cylon--> [masked]. We can also be found on the encrypted messaging app called Wire, which is available for desktop, Android and Apple devices (@mrdead or @wireglitch for invites to the PASCAL channel.)
PASCAL has snacks and drinks for some dollars and cents, though everyone is welcome to bring their own food and drink.
Final Note: if you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

Exciting news, Pascalians! PASCAL Hackerspace will be hosting the world-renowned Dean Pierce for a presentation and workshop on hacking smart contracts!! Come learn about the basic concepts surrounding smart contracts and the latest in keeping them secure!

What to expect during a Dean Pierce presentation: knowledge, verbs, adjectives, human hand gestures, an insider look at how smart contracts are created and how they are manipulated, lulz, and if we are lucky, maybe he will shed some light on how smart contract hacks can be applied to one of PASCAL's favorite pastimes- CTFs (fingers crossed this may be included in the workshop portion.)

A bit more about Dean. Dean is an OG Portland hacker and definitely a human. When he isn't making and breaking blockchainz, he's out doing human things such as bipedal walking, eating a food and consuming oxygen.

We hope to see you there!

SSH is the protocol that makes possible the secure administration of remote Unix-like systems. Any aspiring Linux hacker would do well to understand a little bit about how SSH works, and what it can do.

In this presentation, we're taking you through the basics of the ubiquitous OpenSSH implementation. We're going to cover the SSH client, the server, keys, best practices, and useful features like tunneling.

To participate in the interactive portion of the event, bring a laptop that runs MacOS, or Linux either natively or in a virtual machine.

As a supplement, we will be distributing digital copies of SSH Mastery by Michael Lucas.

Please RSVP if you're coming, and let us know if you can't make it so we can make room for others.

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with MrDe4d, Cylon, Wireglitch and the rest of the misfit hackers of PDX this Saturday!

We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! The future workshop will be scheduled after all Q&A and demos are complete and will take place 2-4 weeks after, at which point we will continue the series until we have completed a thorough review of each tool.
Questions? please email MrDe4d--> [masked] or Cylon--> [masked]. We can also be found on the encrypted messaging app called Wire, which is available for desktop, Android and Apple devices (@mrdead or @wireglitch for invites to the PASCAL channel.)
PASCAL has snacks and drinks for some dollars and cents, though everyone is welcome to bring their own food and drink.
Final Note: if you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

Hack2Learn: Hackers, Assemble! (Part 2)

Hack2Learn is a bi-monthly CTF (capture the flag) meetup hosted at PASCAL in Portland, OR. PASCAL is an organization of equal opportunity hackers, and we will be introducing you to all the various types of challenges that you might face at any level, and at any time in the fields of information security and technology as a whole, for fun or profit.
Hacker/Tech culture and community can sometimes be a bit (or a byte ^_^) off-putting, especially to those trying to figure out what exactly it is, what we are and what we do. During this meetup at PASCAL, we welcome n00bs with open arms! Never competed in a CTF challenge before? Never even heard of CTFs? Do you have a strong desire to learn & teach alongside peers? GOOD!! You will fit right in at Hack2Learn!

For the next Hack2Learn workshop (yes, we are finally getting this event rolling again!), we will be taking a crack at Assembly-focused CTF (Capture The Flag) challenges: specifically, the PICOCTF2018
Assembly 0-2. MrDe4d will be walking everyone through these challenges, step by step (pun!) so that everyone in attendance will gain theoretical as well as applicable knowledge.
Being able to gain control of system memory is a powerful skill, and is a gateway to understanding memory structure, how data is accessed and processed, how the OS, CPU and programs interface with one another and ultimately how to pwn. A lot of people find Assembly intimidating..and while it may seem daunting and complicated at first glance but, as with any programming language, a grasp of logic as well as dedication to learning are all that are required. In addition to walking you through every step in each challenge, a relatively quick
intro to Assembly will be given, hopefully demystifying it a bit for everyone. MrDe4d will cover basic syntax, instructions and conditions. As we dive deeper into each aspect of the challenges, we will continue to reiterate what has been covered with Assembly- we expect questions to be frequent and recurring. It is absolutely OK to ask the same thing more than once; PASCAL Hack2Learn is a friendly learning environment!
H2L has two major goals: for everyone to capture the flags, and to learn to reverse engineer. This is not a workshop focused on learning a tool, rather it is designed to get attendees thinking logically, critically & to get everyone accustomed to being uncomfortable and not knowing the answer.
In order to participate, attendees will need a computer running either Linux (distro of choice though for this workshop Debian flavors are recommended) or Windows with a VM for Linux, & an install of Cutter 1.7.2 (a Radare2 GUI).

Note: Running Linux is not absolutely necessary when using Cutter. Both Windows and Mac are suitable and Cutter will run fine. Cutter still definitely has a learning curve to it.. fortunately, there is an excellent tutorial/intro on Megabeets.net!

Questions? Email [masked] or get on the PASCAL Discord and interact with other PDX hackers (ask for invite).

PASCAL Hackerspace is happy to announce a new bimonthly workshop! One of the core goals of our organization is to provide educational opportunities to people in the information security and technical communities of Portland, and with AlgoBytes we get to do exactly that!

AlgoBytes is an informal workshop series to learn a bit more about the formal foundations of the field of computer science and about core data structures/algorithms frequently used for interviews, whether you've never explored them before or need a refresher.

Each 90 minute session we will focus on a different topic, although we may repeat them if there are requests to revisit material. Currently there will be 20-30 minutes of presentation, a walk through of a problem, followed by breaking into small groups to practice. Attending sequential events is probably helpful if the material is new to you, but not required.

First Session's Theme: Analysis Foundations

What is an algorithm, besides a scary word?
I'm a practical person, why do I care?
What is a data structure?
What is complexity analysis?
What is Big O? Big Theta? Big Omega?
How do I apply them?

Please bring your preferred note-taking device(s) and preferred scratch paper.

A laptop with your editor & language of choice may be handy for trying out your solutions- especially important if you are prepping for technical interviews, but is not at all required.

The PASCAL board is excited to be hosting this event alongside a very accomplished and brilliant woman in security-

Allison Marie Naaktgeboren is a Senior Software Engineer. She has previously written (and regretted) code at Mozilla, Amazon, Cisco, FactSet Research Systems, and the Biorobotics Laboratory in Carnegie Mellon’s Robotics Institute. Allison holds a Bachelor’s Degree in Computer Science from Carnegie Mellon University in Pittsburgh.

Allison is a mentor in the PDXWiT mentorship program, supports the Women Who Code Portland Algorithms track, and mentors high school students in robotics and programming (Go Rebel @lliance!) She is a member of PASCAL & the OWASP Portland chapter.

That's right, watch some guy stand up in front of a room of people and go full commando! Whoa, don't get too excited there. I will be wearing clean...ish undergarments. By "going commando", I am referring to conducting any and all of your everyday computing tasks from the command line! Everything from being productive in an office environment to posting the twitters and streamin' the youtubes! Why, you ask? We are all hackers here aren't we? And what hacker doesn't want to look as cool in real life as we do in the movies? So come and enjoy all the typie-typie carpal tunnel goodness!

Joe Cathell (that's Ca-THELL, not cat+hell..even though Joe is something of a crazy cat man) is an infosec professional at the Washington University in St. Louis. When he's not defending our next generation of doctors from Russian hackers (true story, ask him!), he can usually be found at the Arch Reactor Hackerspace. Joe is both a founding member of Arch Reactor and serving as the current president of the board of directors. He is also a co-organizer of the monthly STL2600 and DC314 meetup, as well as a regular presenter. He likes blue raspberry Icees, building robots and competitive butter sculpting.

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with Cylon and the rest of the misfit hackers of PDX!

We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! Questions? please email Cylon--> [masked]. PASCAL also has a Discord server as means of communication regarding upcoming events, news in infosec and memes (inquire within).
If you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with Cylon and the rest of the misfit hackers of PDX!

We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! Questions? please email Cylon--> [masked]. PASCAL also has a Discord server as means of communication regarding upcoming events, news in infosec and memes (inquire within).
If you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

Some Teams are Red, Others are Blue, I Play Defense, and So Can You!

An endpoint security primer in three (?-ish) parts.
Part 1: MacOS
Part 2: Windows
Part 3: Linux

Come learn about the other side of the cybersecurity equation: how to raise the bar for attackers trying to pwn your endpoints. This talk series will focus on sane, sensible, and usable defaults; what each operating system can bring to the table; security through proper configuration; and small/medium scale distribution and management.

Part 1: We'll start with a broad overview of securing endpoints, the classes of attacks that might be encountered depending on your use cases, and what it means to be "secure." Then, we'll talk about configuring macOS for reasonable security, beginning with the hardware chain of trust, moving through the bootloader and touching on what Apple's hw/sw integration allows for: Activation Locks, MDM/DEP, and Software Recovery. Moving up the stack, we'll discuss the tiers of built-in macOS software security, and if time permits, several third party options to strengthen endpoint options.

Part 2: Let's kick off with quick refresher on previous topics, and then dive right in to Windows endpoint security. Because of the diversity of hardware, there will be less low-level focus this session, but BitLocker, TPM, and OPAL will be in the mix. Then, learn why Secure Boot is not a conspiracy, how Hyper-V is bae, why Windows 10 is actually the best thing since... earlier Windows 10 releases!, what Group Policy can do for you, and which version of Windows is the minimum necessary for any kind of sanity.

Part 3: In the stolen words of Steve Ballmer, compartmentalize compartmentalize compartmentalize! We'll talk about mitigating inevitable compromise, and then move to Linux security. Coreboot, Heads, and refreshers from PC hardware kick us off, then it's into the wilderness! We'll try and nail down some best practices for the wide and varied world of Linux distros, the security benefits of containers, why Flatpak is awesome, and a quick touch on grsecurity (aka "why we can't have nice things"). If there's time, we'll even try to talk about the security benefits of other nix's like OpenBSD & Qubes.

Part 4: This is unwritten, unplanned and unscheduled, but part 4 (and 5, and beyond!) could include topics like:
- hypervisors! and why trying to share memory has yet to be a good idea;
- how to do your best to secure them anyway;
- how and why you should deploy hardened and/or minimum viable configurations automatically (ansible, JAMF, AD/SCCM...)

This is intended as a high-level overview to get a baseline for each of the three operating systems; content will change and grow based on feedback and requests. Come help me evolve my endpoint security game, and steer the course for future events!

This series is brought to you by PASCAL Hackerspace, and presented by Magneto (the hacker, not the mutant...ok well, he could* be a mutant for all we know...)
Magneto is: prototyping the future. trying to kill sleep. Security analysis and automation for profit. Other security-related things for fun. Obtuse prose. Dream job: Starship Captain. There's a reason for the nickname.

PASCAL Hackerspace is happy to announce a new bimonthly workshop! One of the core goals of our organization is to provide educational opportunities to people in the information security and technical communities of Portland, and with AlgoBytes we get to do exactly that!

AlgoBytes is an informal workshop series to learn a bit more about the formal foundations of the field of computer science and about core data structures/algorithms frequently used for interviews, whether you've never explored them before or need a refresher.

Each 90 minute session we will focus on a different topic, although we may repeat them if there are requests to revisit material. Currently there will be 20-30 minutes of presentation, a walk through of a problem, followed by breaking into small groups to practice. Attending sequential events is probably helpful if the material is new to you, but not required.

First Session's Theme: Analysis Foundations

What is an algorithm, besides a scary word?
I'm a practical person, why do I care?
What is a data structure?
What is complexity analysis?
What is Big O? Big Theta? Big Omega?
How do I apply them?

Please bring your preferred note-taking device(s) and preferred scratch paper.

A laptop with your editor & language of choice may be handy for trying out your solutions- especially important if you are prepping for technical interviews, but is not at all required.

The PASCAL board is excited to be hosting this event alongside a very accomplished and brilliant woman in security-

Allison Marie Naaktgeboren is a Senior Software Engineer. She has previously written (and regretted) code at Mozilla, Amazon, Cisco, FactSet Research Systems, and the Biorobotics Laboratory in Carnegie Mellon’s Robotics Institute. Allison holds a Bachelor’s Degree in Computer Science from Carnegie Mellon University in Pittsburgh.

Allison is a mentor in the PDXWiT mentorship program, supports the Women Who Code Portland Algorithms track, and mentors high school students in robotics and programming (Go Rebel @lliance!) She is a member of PASCAL & the OWASP Portland chapter.

Join PASCAL on the second Saturday of the month for a day of tours, entertainment and dialogue.

Drop on by if you would like to:
- Learn more about who PASCAL be, and what do PASCAL
- Start hacking stuff immediately
- Learn about current threats and how they work, or
- Simply mingle and have a relaxing afternoon with Infosec nerds.

Basic concessions will also be available!

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with Cylon and the rest of the misfit hackers of PDX!

We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! Questions? please email Cylon--> [masked]. PASCAL also has a Discord server as means of communication regarding upcoming events, news in infosec and memes (inquire within).
If you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with Cylon and the rest of the misfit hackers of PDX!

We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! Questions? please email Cylon--> [masked]. PASCAL also has a Discord server as means of communication regarding upcoming events, news in infosec and memes (inquire within).
If you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

Welcome to PASCAL Hackerspace's newest hands-on workshop: Build2Learn!

The general idea of the Build2Learn twice-monthly sessions is to take several categories of tools, analyze their functionality, and re-implement them using your language of choice.

The goal is not to present a tutorial. The goal is to have discussion around the the process of breaking the problem down into specific use cases and requirements i.e. tasks that can be more easily implemented.

The core goal of programming is problem solving, the aim here is to facilitate and encourage this skill.

There will be a focus on performing code review and encouraging people to demo their progress to the group.

Session_0 will focus on the following:

>Help individuals setup their development environment
>Make sure that the git workflow is well understood
>Help with a language selection
Note: while there will not be any prescribed languages,we suggest
either python or javascript. This is not to deter the use of other
languages. Just to suggest that there may be more help available using
something listed above.
>Help users install git for their operating system
>Help users create a github account and setup git to use it
>Help users install language and tooling (if needed)
>Help users install text editor and discuss the merits of different options

For more information, please visit-https://randy5235.github.io/build2learn/ or view the current repository directly on Github here: https://github.com/randy5235/build2learn . The purpose of this repository is to provide a resource for documentation and source code for the Build2Learn session(s) at PASCAL Hackerspace.

For questions regarding PASCAL Hackerspace and events hosted there in general, please email [masked]. For questions regarding Build2Learn, please reach out to Randy here on Meetup! He can be found here: https://www.meetup.com/members/10974695/

PASCAL Hackerspace is happy to announce a new bimonthly workshop! One of the core goals of our organization is to provide educational opportunities to people in the information security and technical communities of Portland, and with AlgoBytes we get to do exactly that!

AlgoBytes is an informal workshop series to learn a bit more about the formal foundations of the field of computer science and about core data structures/algorithms frequently used for interviews, whether you've never explored them before or need a refresher.

Each 90 minute session we will focus on a different topic, although we may repeat them if there are requests to revisit material. Currently there will be 20-30 minutes of presentation, a walk through of a problem, followed by breaking into small groups to practice. Attending sequential events is probably helpful if the material is new to you, but not required.

First Session's Theme: Analysis Foundations

What is an algorithm, besides a scary word?
I'm a practical person, why do I care?
What is a data structure?
What is complexity analysis?
What is Big O? Big Theta? Big Omega?
How do I apply them?

Please bring your preferred note-taking device(s) and preferred scratch paper.

A laptop with your editor & language of choice may be handy for trying out your solutions- especially important if you are prepping for technical interviews, but is not at all required.

The PASCAL board is excited to be hosting this event alongside a very accomplished and brilliant woman in security-

Allison Marie Naaktgeboren is a Senior Software Engineer. She has previously written (and regretted) code at Mozilla, Amazon, Cisco, FactSet Research Systems, and the Biorobotics Laboratory in Carnegie Mellon’s Robotics Institute. Allison holds a Bachelor’s Degree in Computer Science from Carnegie Mellon University in Pittsburgh.

Allison is a mentor in the PDXWiT mentorship program, supports the Women Who Code Portland Algorithms track, and mentors high school students in robotics and programming (Go Rebel @lliance!) She is a member of PASCAL & the OWASP Portland chapter.

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with Cylon and the rest of the misfit hackers of PDX!

We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! Questions? please email Cylon--> [masked]. PASCAL also has a Discord server as means of communication regarding upcoming events, news in infosec and memes (inquire within).
If you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

Hack2Learn: Hackers, Assemble! (Part 2)

Hack2Learn is a bi-monthly CTF (capture the flag) meetup hosted at PASCAL in Portland, OR. PASCAL is an organization of equal opportunity hackers, and we will be introducing you to all the various types of challenges that you might face at any level, and at any time in the fields of information security and technology as a whole, for fun or profit.
Hacker/Tech culture and community can sometimes be a bit (or a byte ^_^) off-putting, especially to those trying to figure out what exactly it is, what we are and what we do. During this meetup at PASCAL, we welcome n00bs with open arms! Never competed in a CTF challenge before? Never even heard of CTFs? Do you have a strong desire to learn & teach alongside peers? GOOD!! You will fit right in at Hack2Learn!

For the next few Hack2Learn workshops, we will be taking a crack at Assembly-focused CTF (Capture The Flag) and reversing challenges. MrDe4d will be walking everyone through these challenges, step by step (pun!) so that everyone in attendance will gain theoretical as well as applicable knowledge.
Being able to gain control of system memory is a powerful skill, and is a gateway to understanding memory structure, how data is accessed and processed, how the OS, CPU and programs interface with one another and ultimately how to pwn. A lot of people find Assembly intimidating..and while it may seem daunting and complicated at first glance but, as with any programming language, a grasp of logic as well as dedication to learning are all that are required. In addition to walking you through every step in each challenge, a relatively quick
intro to Assembly will be given, hopefully demystifying it a bit for everyone. MrDe4d will cover basic syntax, instructions and conditions. As we dive deeper into each aspect of the challenges, we will continue to reiterate what has been covered with Assembly- we expect questions to be frequent and recurring. It is absolutely OK to ask the same thing more than once; PASCAL Hack2Learn is a friendly learning environment!
H2L has two major goals: for everyone to capture the flags, and to learn to reverse. This is not a workshop focused on learning a tool (though we do use Cutter often), rather it is designed to get attendees thinking logically, critically & to get everyone accustomed to being uncomfortable and not knowing the answer.
In order to participate, attendees will need a computer and an install of Cutter 1.7.4 (a Radare2 GUI that can be used with Linux, Windows or Mac).

Note: Running Linux is not absolutely necessary when using Cutter. Both Windows and Mac are suitable and Cutter will run fine. Cutter still definitely has a learning curve to it.. the tutorial/intro on Megabeets.net is recommended.

Questions? Email [masked] or get on the PASCAL Discord and interact with other PDX hackers (ask for invite).

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with Cylon and the rest of the misfit hackers of PDX!

We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! Questions? please email Cylon--> [masked]. PASCAL also has a Discord server as means of communication regarding upcoming events, news in infosec and memes (inquire within).
If you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

Tonight we will have a presentation from Jason Lengstorf from Gatsby on. As always we will also have time to connect with others in the GraphQL community, talk about what you are tinkering with, problems you are encountering, and more. See you there.

Talk Details

Title: Why does Gatsby use GraphQL?

Gatsby is a framework for generating apps and websites that are fully static. Why, then, does it use GraphQL? In this talk, Jason Lengstorf will dive into the challenges of managing data for complex sites and how GraphQL allows Gatsby to manage this complexity more effectively.

Speaker Details

Jason Lengstorf is a developer advocate, senior engineer, and occasional designer at Gatsby. He’s an advocate for building highly productive teams through better communication, well designed systems and processes, and healthy work-life balance, and he blogs about that sometimes. He lives in Portland, Oregon.

Some Teams are Red, Others are Blue, I Play Defense, and So Can You!

An endpoint security primer in three (?-ish) parts.
Part 1: MacOS
Part 2: Windows
Part 3: Linux

Come learn about the other side of the cybersecurity equation: how to raise the bar for attackers trying to pwn your endpoints. This talk series will focus on sane, sensible, and usable defaults; what each operating system can bring to the table; security through proper configuration; and small/medium scale distribution and management.

Part 1: We'll start with a broad overview of securing endpoints, the classes of attacks that might be encountered depending on your use cases, and what it means to be "secure." Then, we'll talk about configuring macOS for reasonable security, beginning with the hardware chain of trust, moving through the bootloader and touching on what Apple's hw/sw integration allows for: Activation Locks, MDM/DEP, and Software Recovery. Moving up the stack, we'll discuss the tiers of built-in macOS software security, and if time permits, several third party options to strengthen endpoint options.

Part 2: Let's kick off with quick refresher on previous topics, and then dive right in to Windows endpoint security. Because of the diversity of hardware, there will be less low-level focus this session, but BitLocker, TPM, and OPAL will be in the mix. Then, learn why Secure Boot is not a conspiracy, how Hyper-V is bae, why Windows 10 is actually the best thing since... earlier Windows 10 releases!, what Group Policy can do for you, and which version of Windows is the minimum necessary for any kind of sanity.

Part 3: In the stolen words of Steve Ballmer, compartmentalize compartmentalize compartmentalize! We'll talk about mitigating inevitable compromise, and then move to Linux security. Coreboot, Heads, and refreshers from PC hardware kick us off, then it's into the wilderness! We'll try and nail down some best practices for the wide and varied world of Linux distros, the security benefits of containers, why Flatpak is awesome, and a quick touch on grsecurity (aka "why we can't have nice things"). If there's time, we'll even try to talk about the security benefits of other nix's like OpenBSD & Qubes.

Part 4: This is unwritten, unplanned and unscheduled, but part 4 (and 5, and beyond!) could include topics like:
- hypervisors! and why trying to share memory has yet to be a good idea;
- how to do your best to secure them anyway;
- how and why you should deploy hardened and/or minimum viable configurations automatically (ansible, JAMF, AD/SCCM...)

This is intended as a high-level overview to get a baseline for each of the three operating systems; content will change and grow based on feedback and requests. Come help me evolve my endpoint security game, and steer the course for future events!

This series is brought to you by PASCAL Hackerspace, and presented by Magneto (the hacker, not the mutant...ok well, he could* be a mutant for all we know...)
Magneto is: prototyping the future. trying to kill sleep. Security analysis and automation for profit. Other security-related things for fun. Obtuse prose. Dream job: Starship Captain. There's a reason for the nickname.

Join PASCAL on the second Saturday of the month for a day of tours, entertainment and dialogue.

Drop on by if you would like to:
- Learn more about who PASCAL be, and what do PASCAL
- Start hacking stuff immediately
- Learn about current threats and how they work, or
- Simply mingle and have a relaxing afternoon with Infosec nerds.

Basic concessions will also be available!

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with Cylon and the rest of the misfit hackers of PDX!

We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! Questions? please email Cylon--> [masked]. PASCAL also has a Discord server as means of communication regarding upcoming events, news in infosec and memes (inquire within).
If you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

Waffle 0day is upon us!

Come celebrate the superiority of this human food in all of its square glory. Pancakes? pfft. Crepes? sac de barf. Lefse? lolwut. Waffles are the preferred and unofficial dietary supplement of hackers in the Portland area, and this day is to commemorate our life long dedication to the Square Beyond Compare (huh? what's that? some waffles are round you say? Guess what- they're still comprised of many smaller squares! Deal with it!).

Members of PASCAL will be providing waffle noms and beverages, bringing their best batter and facing off with other Titans of the Square in the March edition of Waffle 0day Jubilee!

There will also be music or a movie, games and fun/bizarre conversation centering around topics such as "Why Pancakes are the Inferior Multidimensional Array", "Why Crepes Don't Stack Up", and "Why Stack and Array Puns are on the Rise".

Be there, or be symmetrically quadrilateral.

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with Cylon and the rest of the misfit hackers of PDX!

We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! Questions? please email Cylon--> [masked]. PASCAL also has a Discord server as means of communication regarding upcoming events, news in infosec and memes (inquire within).
If you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

Welcome to PASCAL Hackerspace's newest hands-on workshop: Build2Learn!

The general idea of the Build2Learn twice-monthly sessions is to take several categories of tools, analyze their functionality, and re-implement them using your language of choice.

The goal is not to present a tutorial. The goal is to have discussion around the process of breaking the problem down into specific use cases and requirements, i.e. tasks that can be more easily implemented.

The core goal of programming is problem solving, the aim here is to facilitate and encourage this skill.

There will be a focus on performing code review and encouraging people to demo their progress to the group.

Session_0 will focus on the following:

>Help individuals set up their development environment
>Make sure that the git workflow is well understood
>Help with a language selection
Note: while there will not be any prescribed languages,we suggest
either python or javascript. This is not to deter the use of other
languages. Just to suggest that there may be more help available using
something listed above.
>Help users install git for their operating system
>Help users create a github account and setup git to use it
>Help users install language and tooling (if needed)
>Help users install text editor and discuss the merits of different options

For more information, please visit-https://randy5235.github.io/build2learn/ or view the current repository directly on Github here: https://github.com/randy5235/build2learn . The purpose of this repository is to provide a resource for documentation and source code for the Build2Learn session(s) at PASCAL Hackerspace.

For questions regarding PASCAL Hackerspace and events hosted there in general, please email [masked]. For questions regarding Build2Learn, please reach out to Randy here on Meetup! He can be found here: https://www.meetup.com/members/10974695/

Some Teams are Red, Others are Blue, I Play Defense, and So Can You!

An endpoint security primer in three (?-ish) parts.
Part 1: MacOS
Part 2: Windows
Part 3: Linux

Come learn about the other side of the cybersecurity equation: how to raise the bar for attackers trying to pwn your endpoints. This talk series will focus on sane, sensible, and usable defaults; what each operating system can bring to the table; security through proper configuration; and small/medium scale distribution and management.

Part 1: We'll start with a broad overview of securing endpoints, the classes of attacks that might be encountered depending on your use cases, and what it means to be "secure." Then, we'll talk about configuring macOS for reasonable security, beginning with the hardware chain of trust, moving through the bootloader and touching on what Apple's hw/sw integration allows for: Activation Locks, MDM/DEP, and Software Recovery. Moving up the stack, we'll discuss the tiers of built-in macOS software security, and if time permits, several third party options to strengthen endpoint options.

Part 2: Let's kick off with quick refresher on previous topics, and then dive right in to Windows endpoint security. Because of the diversity of hardware, there will be less low-level focus this session, but BitLocker, TPM, and OPAL will be in the mix. Then, learn why Secure Boot is not a conspiracy, how Hyper-V is bae, why Windows 10 is actually the best thing since... earlier Windows 10 releases!, what Group Policy can do for you, and which version of Windows is the minimum necessary for any kind of sanity.

Part 3: In the stolen words of Steve Ballmer, compartmentalize compartmentalize compartmentalize! We'll talk about mitigating inevitable compromise, and then move to Linux security. Coreboot, Heads, and refreshers from PC hardware kick us off, then it's into the wilderness! We'll try and nail down some best practices for the wide and varied world of Linux distros, the security benefits of containers, why Flatpak is awesome, and a quick touch on grsecurity (aka "why we can't have nice things"). If there's time, we'll even try to talk about the security benefits of other nix's like OpenBSD & Qubes.

Part 4: This is unwritten, unplanned and unscheduled, but part 4 (and 5, and beyond!) could include topics like:
- hypervisors! and why trying to share memory has yet to be a good idea;
- how to do your best to secure them anyway;
- how and why you should deploy hardened and/or minimum viable configurations automatically (ansible, JAMF, AD/SCCM...)

This is intended as a high-level overview to get a baseline for each of the three operating systems; content will change and grow based on feedback and requests. Come help me evolve my endpoint security game, and steer the course for future events!

This series is brought to you by PASCAL Hackerspace, and presented by Magneto (the hacker, not the mutant...ok well, he could* be a mutant for all we know...)
Magneto is: prototyping the future. trying to kill sleep. Security analysis and automation for profit. Other security-related things for fun. Obtuse prose. Dream job: Starship Captain. There's a reason for the nickname.

One of the core goals of PASCAL is to provide educational opportunities to people in the information security and technical communities of Portland, and with AlgoBytes we get to do exactly that!

AlgoBytes is an informal workshop series to learn a bit more about the formal foundations of the field of computer science and about core data structures/algorithms frequently used for interviews, whether you've never explored them before or need a refresher.

This session we have a very talented guest speaker.

Talk Abstract:

Rust is a new systems programming language, designed to compete with C and C++. Rust ensures memory and thread safety, with minimal (often zero) overhead. Rust brings many modern comforts to systems programming, like dependency management and an extensive public package registry. Mozilla is rewriting portions of its Firefox web browser in Rust to improve its performance and security.

In this talk, I'll explain the key design decisions that make Rust interesting, and do some live coding to give a sense of what the language is like to work with.

Speaker Bio:

Jim Blandy has been a professional programmer for 28 years, working for the Free Software Foundation, Red Hat, and Mozilla. He has been a maintainer of GNU Emacs, GNU Guile, and the GNU Debugger (GDB), and is one of the original designers of the Subversion version control system. He is a co-author of the book Programming Rust from O'Reilly. He is a member of the Developer Tools team at Mozilla.

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with Cylon and the rest of the misfit hackers of PDX!

We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! Questions? please email Cylon--> [masked]. PASCAL also has a Discord server as means of communication regarding upcoming events, news in infosec and memes (inquire within).
If you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

PASCAL Hackerspace is proud to announce a new presentation series in which an experienced security researcher, Malcolm, will be guiding us through the intricacies of network forensics!

The class will begin with a basic overview of what networks are; from conversations and snail mail to signal processing and radio operations (including ham radio!), ultimately leading into computer networks. We will review each aspect that comprises a network (paying special attention to protocols), how they function and eventually moving on to how they can be exploited!

The focus will predominantly be on TCP/IP and the OSI model computer networks. Layers, abstraction and encapsulation will be covered as well as the various physical and data link layers of each model. Each of the TCP/IP and OSI layers will be explained in detail, with some extra special attention being paid to the Transport Layer and its packets!

The end of the presentation will culminate in a hands-on workshop. Attendees will get assistance with installing Wireshark (if you do not already have it)- then proceed with live Network Forensics Seek and Pwn: capture, investigate, analyze!

Malcolm is a threat researcher with a major networking and security company, and has been doing networking for way too long. He wants to help other hackers learn the wonderful and weird world of packets, and all the terrible things you can do with them.

Hack2Learn is a bi-monthly CTF (capture the flag) meetup hosted at PASCAL in Portland, OR. PASCAL is an organization of equal opportunity hackers, and we will be introducing you to various types of reverse engineering and binary challenges that you might face at any level, and at any time in the fields of information security and technology as a whole, for fun or profit.
Hacker/Tech culture and community can sometimes be a bit (or a byte ^_^) off-putting, especially to those trying to figure out what exactly it is, what we are and what we do. During this meetup at PASCAL, we welcome n00bs with open arms! Never competed in a CTF challenge before? Never even heard of CTFs? Do you have a strong desire to learn & teach alongside peers? GOOD!! You will fit right in at Hack2Learn!

For the next several Hack2Learn workshops, we will be taking a crack at Assembly-focused CTF (Capture The Flag) and reversing challenges, specifically microcorruption. MrDe4d will start by giving a short presentation on a particular aspect of the theory behind ASM (last time we talked about ISRs in MSP430 MCUs). The goal of the presentation prior to the challenge is to (hopefully) help everyone in attendance to gain theoretical as well as practical knowledge.
Being able to gain control of system memory is a powerful skill, and is a gateway to understanding memory structure, how data is accessed and processed, how the OS, CPU and programs interface with one another and ultimately how to pwn. Throughout the series we will cover basic syntax, instructions, conditions, and more! As we dive deeper into each aspect of the challenges, we will continue to reiterate what has been covered with Assembly- we expect questions to be frequent and recurring. It is absolutely OK to ask the same thing more than once; PASCAL Hack2Learn is a friendly learning environment!
H2L has two major goals: for everyone to capture the flags, and to learn to reverse. This is not a workshop focused on learning a tool (though we do use Cutter), rather it is designed to get attendees thinking logically, critically & to get everyone accustomed to being uncomfortable and not knowing the answer.
As we will be focusing on microcorruption CTF challenges for the next several workshops, it is not necessary to have Cutter or any other debugger installed. Microcorruption has its own web based debugger that is very easy to learn and use!

Questions? Email [masked] or get on the PASCAL Discord and interact with other PDX hackers (ask for invite).

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with Cylon and the rest of the misfit hackers of PDX!

We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! Questions? please email Cylon--> [masked]. PASCAL also has a Discord server as means of communication regarding upcoming events, news in infosec and memes (inquire within).
If you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

Welcome to PASCAL Hackerspace's newest hands-on workshop: Build2Learn!

The general idea of the Build2Learn twice-monthly sessions is to take several categories of tools, analyze their functionality, and re-implement them using your language of choice.

The goal is not to present a tutorial. The goal is to have discussion around the process of breaking the problem down into specific use cases and requirements, i.e. tasks that can be more easily implemented.

The core goal of programming is problem solving, the aim here is to facilitate and encourage this skill.

There will be a focus on performing code review and encouraging people to demo their progress to the group.

Session_0 will focus on the following:

>Help individuals set up their development environment
>Make sure that the git workflow is well understood
>Help with a language selection
Note: while there will not be any prescribed languages,we suggest
either python or javascript. This is not to deter the use of other
languages. Just to suggest that there may be more help available using
something listed above.
>Help users install git for their operating system
>Help users create a github account and setup git to use it
>Help users install language and tooling (if needed)
>Help users install text editor and discuss the merits of different options

For more information, please visit-https://randy5235.github.io/build2learn/ or view the current repository directly on Github here: https://github.com/randy5235/build2learn . The purpose of this repository is to provide a resource for documentation and source code for the Build2Learn session(s) at PASCAL Hackerspace.

For questions regarding PASCAL Hackerspace and events hosted there in general, please email [masked]. For questions regarding Build2Learn, please reach out to Randy here on Meetup! He can be found here: https://www.meetup.com/members/10974695/

Hello everyone. It's time for another awesome GraphQLPDX meetup. Craig Buchanan will be giving a presentation on converting a REST API to GraphQL as well as some other related topics. For more details see the abstract below. There will also be plenty of time to talk to others about GraphQL, float questions you may have, and more.

Interested in giving a lightning talk or longer presentation about something you have been tinkering with or something you have learned about GraphQL? This is a great low key place to share knowledge amongst each other. May is wide open right now. Connect with Daniel and we will make it happen.

Topic Abstract:

From controllers to resolvers, and JSON views to schemas, this talk shows how to convert a Phoenix application (https://phoenixframework.org/) from a traditional REST API to a GraphQL API using the popular Absinthe toolkit (https://absinthe-graphql.org/). Benefits include: typesafe user input, automatically documented API, and mitigation against the dreaded N+1 query problem.

Some Teams are Red, Others are Blue, I Play Defense, and So Can You!

An endpoint security primer in three (?-ish) parts.
Part 1: MacOS
Part 2: Windows
Part 3: Linux

Come learn about the other side of the cybersecurity equation: how to raise the bar for attackers trying to pwn your endpoints. This talk series will focus on sane, sensible, and usable defaults; what each operating system can bring to the table; security through proper configuration; and small/medium scale distribution and management.

Part 1: We'll start with a broad overview of securing endpoints, the classes of attacks that might be encountered depending on your use cases, and what it means to be "secure." Then, we'll talk about configuring macOS for reasonable security, beginning with the hardware chain of trust, moving through the bootloader and touching on what Apple's hw/sw integration allows for: Activation Locks, MDM/DEP, and Software Recovery. Moving up the stack, we'll discuss the tiers of built-in macOS software security, and if time permits, several third party options to strengthen endpoint options.

Part 2: Let's kick off with quick refresher on previous topics, and then dive right in to Windows endpoint security. Because of the diversity of hardware, there will be less low-level focus this session, but BitLocker, TPM, and OPAL will be in the mix. Then, learn why Secure Boot is not a conspiracy, how Hyper-V is bae, why Windows 10 is actually the best thing since... earlier Windows 10 releases!, what Group Policy can do for you, and which version of Windows is the minimum necessary for any kind of sanity.

Part 3: In the stolen words of Steve Ballmer, compartmentalize compartmentalize compartmentalize! We'll talk about mitigating inevitable compromise, and then move to Linux security. Coreboot, Heads, and refreshers from PC hardware kick us off, then it's into the wilderness! We'll try and nail down some best practices for the wide and varied world of Linux distros, the security benefits of containers, why Flatpak is awesome, and a quick touch on grsecurity (aka "why we can't have nice things"). If there's time, we'll even try to talk about the security benefits of other nix's like OpenBSD & Qubes.

Part 4: This is unwritten, unplanned and unscheduled, but part 4 (and 5, and beyond!) could include topics like:
- hypervisors! and why trying to share memory has yet to be a good idea;
- how to do your best to secure them anyway;
- how and why you should deploy hardened and/or minimum viable configurations automatically (ansible, JAMF, AD/SCCM...)

This is intended as a high-level overview to get a baseline for each of the three operating systems; content will change and grow based on feedback and requests. Come help me evolve my endpoint security game, and steer the course for future events!

This series is brought to you by PASCAL Hackerspace, and presented by Magneto (the hacker, not the mutant...ok well, he could* be a mutant for all we know...)
Magneto is: prototyping the future. trying to kill sleep. Security analysis and automation for profit. Other security-related things for fun. Obtuse prose. Dream job: Starship Captain. There's a reason for the nickname.

PASCAL Hackerspace is happy to announce a new bimonthly workshop! One of the core goals of our organization is to provide educational opportunities to people in the information security and technical communities of Portland, and with AlgoBytes we get to do exactly that!

AlgoBytes is an informal workshop series to learn a bit more about the formal foundations of the field of computer science and about core data structures/algorithms frequently used for interviews, whether you've never explored them before or need a refresher.

Each 90 minute session we will focus on a different topic, although we may repeat them if there are requests to revisit material. Currently there will be 20-30 minutes of presentation, a walk through of a problem, followed by breaking into small groups to practice. Attending sequential events is probably helpful if the material is new to you, but not required.

First Session's Theme: Analysis Foundations

What is an algorithm, besides a scary word?
I'm a practical person, why do I care?
What is a data structure?
What is complexity analysis?
What is Big O? Big Theta? Big Omega?
How do I apply them?

Please bring your preferred note-taking device(s) and preferred scratch paper.

A laptop with your editor & language of choice may be handy for trying out your solutions- especially important if you are prepping for technical interviews, but is not at all required.

The PASCAL board is excited to be hosting this event alongside a very accomplished and brilliant woman in security-

Allison Marie Naaktgeboren is a Senior Software Engineer. She has previously written (and regretted) code at Mozilla, Amazon, Cisco, FactSet Research Systems, and the Biorobotics Laboratory in Carnegie Mellon’s Robotics Institute. Allison holds a Bachelor’s Degree in Computer Science from Carnegie Mellon University in Pittsburgh.

Allison is a mentor in the PDXWiT mentorship program, supports the Women Who Code Portland Algorithms track, and mentors high school students in robotics and programming (Go Rebel @lliance!) She is a member of PASCAL & the OWASP Portland chapter.

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with Cylon and the rest of the misfit hackers of PDX!

We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! Questions? please email Cylon--> [masked]. PASCAL also has a Discord server as means of communication regarding upcoming events, news in infosec and memes (inquire within).
If you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

PASCAL Hackerspace is proud to announce a new presentation series in which an experienced security researcher, Malcolm, will be guiding us through the intricacies of network forensics!

Network Forensics Seek and Pwn: capture, investigate, analyze!

The class will begin with a basic overview of what networks are; from conversations and snail mail to signal processing and radio operations (including ham radio!), ultimately leading into computer networks. We will review each aspect that comprises a network (paying special attention to protocols), how they function and eventually moving on to how they can be exploited! Each week the focus will shift to suit the attendees needs.

For the second edition of Network Pwnage, we will be diving into Layer
2: ARP, RARP, GARP, VLAN tags and how to abuse them, cam tables, ARP
flooding, and how to turn your local switch into a hub for better
sniffing opportunities.

As usual, there will be a short (30-40 minute) presentation of
material and then a hands on lab/experimentation time to put our new
skills to use. Attendees are encouraged to bring a laptop to play
along.

(I'm going to have to play around a bit to find the right tool set for
this one, as https://www.monkey.org/~dugsong/dsniff/ is pretty old,
and there are several people who claim to have taken over the
project...)
--Malcolm

Malcolm is a threat researcher with a major networking and security company, and has been doing networking for way too long. He wants to help other hackers learn the wonderful and weird world of packets, and all the terrible things you can do with them.

**NOTE**

While we will continue to work on the microcorruption CTF for the next several Hack2Learn workshops, the next meetup we are going to take a side quest and focus on a very special challenge involving hardware. It will be our first crack at embedded device security as a group. For more details- come see PASCAL next Thursday!

END NOTE

Hack2Learn is a bi-monthly CTF (capture the flag) meetup hosted at PASCAL in Portland, OR. PASCAL is an organization of equal opportunity hackers, and we will be introducing you to various types of reverse engineering and binary challenges that you might face at any level, and at any time in the fields of information security and technology as a whole, for fun or profit.
Hacker/Tech culture and community can sometimes be a bit (or a byte ^_^) off-putting, especially to those trying to figure out what exactly it is, what we are and what we do. During this meetup at PASCAL, we welcome n00bs with open arms! Never competed in a CTF challenge before? Never even heard of CTFs? Do you have a strong desire to learn & teach alongside peers? GOOD!! You will fit right in at Hack2Learn!

For the next several Hack2Learn workshops, we will be taking a crack at Assembly-focused CTF (Capture The Flag) and reversing challenges, specifically microcorruption. MrDe4d will start by giving a short presentation on a particular aspect of the theory behind ASM (last time we talked about ISRs in MSP430 MCUs). The goal of the presentation prior to the challenge is to (hopefully) help everyone in attendance to gain theoretical as well as practical knowledge.
Being able to gain control of system memory is a powerful skill, and is a gateway to understanding memory structure, how data is accessed and processed, how the OS, CPU and programs interface with one another and ultimately how to pwn. Throughout the series we will cover basic syntax, instructions, conditions, and more! As we dive deeper into each aspect of the challenges, we will continue to reiterate what has been covered with Assembly- we expect questions to be frequent and recurring. It is absolutely OK to ask the same thing more than once; PASCAL Hack2Learn is a friendly learning environment!
H2L has two major goals: for everyone to capture the flags, and to learn to reverse. This is not a workshop focused on learning a tool (though we do use Cutter), rather it is designed to get attendees thinking logically, critically & to get everyone accustomed to being uncomfortable and not knowing the answer.
As we will be focusing on microcorruption CTF challenges for the next several workshops, it is not necessary to have Cutter or any other debugger installed. Microcorruption has its own web based debugger that is very easy to learn and use!

Questions? Email [masked] or get on the PASCAL Discord and interact with other PDX hackers (ask for invite).

Welcome to PASCAL Hackerspace's newest hands-on workshop: Build2Learn!

The general idea of the Build2Learn twice-monthly sessions is to take several categories of tools, analyze their functionality, and re-implement them using your language of choice.

The goal is not to present a tutorial. The goal is to have discussion around the process of breaking the problem down into specific use cases and requirements, i.e. tasks that can be more easily implemented.

The core goal of programming is problem solving, the aim here is to facilitate and encourage this skill.

There will be a focus on performing code review and encouraging people to demo their progress to the group.

Session_0 will focus on the following:

>Help individuals set up their development environment
>Make sure that the git workflow is well understood
>Help with a language selection
Note: while there will not be any prescribed languages,we suggest
either python or javascript. This is not to deter the use of other
languages. Just to suggest that there may be more help available using
something listed above.
>Help users install git for their operating system
>Help users create a github account and setup git to use it
>Help users install language and tooling (if needed)
>Help users install text editor and discuss the merits of different options

For more information, please visit-https://randy5235.github.io/build2learn/ or view the current repository directly on Github here: https://github.com/randy5235/build2learn . The purpose of this repository is to provide a resource for documentation and source code for the Build2Learn session(s) at PASCAL Hackerspace.

For questions regarding PASCAL Hackerspace and events hosted there in general, please email [masked]. For questions regarding Build2Learn, please reach out to Randy here on Meetup! He can be found here: https://www.meetup.com/members/10974695/

Have you ever wanted to put together a network mockup? A networking lab? Perhaps you'd like to simply practice networking concepts or learn more about how a specific brand or device functions?

This class will provide an introduction to GNS3, a powerful network emulation platform.

Attendees will review the setup/configuration of GNS3 and a couple applications by examinating a simple network example and a cybersecurity example with a Q&A session to wrap it up.

Some Teams are Red, Others are Blue, I Play Defense, and So Can You!

An endpoint security primer in three (?-ish) parts.
Part 1: MacOS
Part 2: Windows
Part 3: Linux

Come learn about the other side of the cybersecurity equation: how to raise the bar for attackers trying to pwn your endpoints. This talk series will focus on sane, sensible, and usable defaults; what each operating system can bring to the table; security through proper configuration; and small/medium scale distribution and management.

Part 1: We'll start with a broad overview of securing endpoints, the classes of attacks that might be encountered depending on your use cases, and what it means to be "secure." Then, we'll talk about configuring macOS for reasonable security, beginning with the hardware chain of trust, moving through the bootloader and touching on what Apple's hw/sw integration allows for: Activation Locks, MDM/DEP, and Software Recovery. Moving up the stack, we'll discuss the tiers of built-in macOS software security, and if time permits, several third party options to strengthen endpoint options.

Part 2: Let's kick off with quick refresher on previous topics, and then dive right in to Windows endpoint security. Because of the diversity of hardware, there will be less low-level focus this session, but BitLocker, TPM, and OPAL will be in the mix. Then, learn why Secure Boot is not a conspiracy, how Hyper-V is bae, why Windows 10 is actually the best thing since... earlier Windows 10 releases!, what Group Policy can do for you, and which version of Windows is the minimum necessary for any kind of sanity.

Part 3: In the stolen words of Steve Ballmer, compartmentalize compartmentalize compartmentalize! We'll talk about mitigating inevitable compromise, and then move to Linux security. Coreboot, Heads, and refreshers from PC hardware kick us off, then it's into the wilderness! We'll try and nail down some best practices for the wide and varied world of Linux distros, the security benefits of containers, why Flatpak is awesome, and a quick touch on grsecurity (aka "why we can't have nice things"). If there's time, we'll even try to talk about the security benefits of other nix's like OpenBSD & Qubes.

Part 4: This is unwritten, unplanned and unscheduled, but part 4 (and 5, and beyond!) could include topics like:
- hypervisors! and why trying to share memory has yet to be a good idea;
- how to do your best to secure them anyway;
- how and why you should deploy hardened and/or minimum viable configurations automatically (ansible, JAMF, AD/SCCM...)

This is intended as a high-level overview to get a baseline for each of the three operating systems; content will change and grow based on feedback and requests. Come help me evolve my endpoint security game, and steer the course for future events!

This series is brought to you by PASCAL Hackerspace, and presented by Magneto (the hacker, not the mutant...ok well, he could* be a mutant for all we know...)
Magneto is: prototyping the future. trying to kill sleep. Security analysis and automation for profit. Other security-related things for fun. Obtuse prose. Dream job: Starship Captain. There's a reason for the nickname.

PASCAL Hackerspace is happy to announce a new bimonthly workshop! One of the core goals of our organization is to provide educational opportunities to people in the information security and technical communities of Portland, and with AlgoBytes we get to do exactly that!

AlgoBytes is an informal workshop series to learn a bit more about the formal foundations of the field of computer science and about core data structures/algorithms frequently used for interviews, whether you've never explored them before or need a refresher.

Each 90 minute session we will focus on a different topic, although we may repeat them if there are requests to revisit material. Currently there will be 20-30 minutes of presentation, a walk through of a problem, followed by breaking into small groups to practice. Attending sequential events is probably helpful if the material is new to you, but not required.

Theme: Hashes & Hashing.

Please bring your preferred note-taking device(s) and preferred scratch paper.

A laptop with your editor & language of choice may be handy for trying out your solutions- especially important if you are prepping for technical interviews, but is not at all required.

The PASCAL board is excited to be hosting this event alongside a very accomplished and brilliant woman in security-

Allison Marie Naaktgeboren is a Senior Software Engineer. She has previously written (and regretted) code at Mozilla, Amazon, Cisco, FactSet Research Systems, and the Biorobotics Laboratory in Carnegie Mellon’s Robotics Institute. Allison holds a Bachelor’s Degree in Computer Science from Carnegie Mellon University in Pittsburgh.

Allison is a mentor in the PDXWiT mentorship program, supports the Women Who Code Portland Algorithms track, and mentors high school students in robotics and programming (Go Rebel @lliance!) She is a member of PASCAL & the OWASP Portland chapter.

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with Cylon and the rest of the misfit hackers of PDX!

We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! Questions? please email Cylon--> [masked]. PASCAL also has a Discord server as means of communication regarding upcoming events, news in infosec and memes (inquire within).
If you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

PASCAL Hackerspace is proud to announce a new presentation series in which an experienced security researcher, Malcolm, will be guiding us through the intricacies of network forensics!

Network Forensics Seek and Pwn: capture, investigate, analyze!

The class will begin with a basic overview of what networks are; from conversations and snail mail to signal processing and radio operations (including ham radio!), ultimately leading into computer networks. We will review each aspect that comprises a network (paying special attention to protocols), how they function and eventually moving on to how they can be exploited! Each week the focus will shift to suit the attendees needs.

For the second edition of Network Pwnage, we will be diving into Layer
2: ARP, RARP, GARP, VLAN tags and how to abuse them, cam tables, ARP
flooding, and how to turn your local switch into a hub for better
sniffing opportunities.

As usual, there will be a short (30-40 minute) presentation of
material and then a hands on lab/experimentation time to put our new
skills to use. Attendees are encouraged to bring a laptop to play
along, and to have a VM with Linux (Kali is probably best, but choose your flavor!) or Mac OS as it is generally easier to work with layer 2 on these platforms.

(I'm going to have to play around a bit to find the right tool set for
this one, as https://www.monkey.org/~dugsong/dsniff/ is pretty old,
and there are several people who claim to have taken over the
project...)
--Malcolm

Malcolm is a threat researcher with a major networking and security company, and has been doing networking for way too long. He wants to help other hackers learn the wonderful and weird world of packets, and all the terrible things you can do with them.

**NOTE**

While we will continue to work on the microcorruption CTF for the next several Hack2Learn workshops, the next meetup we are going to take a side quest and focus on a very special challenge involving hardware. It will be our first crack at embedded device security as a group. For more details- come see PASCAL next Thursday!

END NOTE

Hack2Learn is a bi-monthly CTF (capture the flag) meetup hosted at PASCAL in Portland, OR. PASCAL is an organization of equal opportunity hackers, and we will be introducing you to various types of reverse engineering and binary challenges that you might face at any level, and at any time in the fields of information security and technology as a whole, for fun or profit.
Hacker/Tech culture and community can sometimes be a bit (or a byte ^_^) off-putting, especially to those trying to figure out what exactly it is, what we are and what we do. During this meetup at PASCAL, we welcome n00bs with open arms! Never competed in a CTF challenge before? Never even heard of CTFs? Do you have a strong desire to learn & teach alongside peers? GOOD!! You will fit right in at Hack2Learn!

For the next several Hack2Learn workshops, we will be taking a crack at Assembly-focused CTF (Capture The Flag) and reversing challenges, specifically microcorruption. MrDe4d will start by giving a short presentation on a particular aspect of the theory behind ASM (last time we talked about ISRs in MSP430 MCUs). The goal of the presentation prior to the challenge is to (hopefully) help everyone in attendance to gain theoretical as well as practical knowledge.
Being able to gain control of system memory is a powerful skill, and is a gateway to understanding memory structure, how data is accessed and processed, how the OS, CPU and programs interface with one another and ultimately how to pwn. Throughout the series we will cover basic syntax, instructions, conditions, and more! As we dive deeper into each aspect of the challenges, we will continue to reiterate what has been covered with Assembly- we expect questions to be frequent and recurring. It is absolutely OK to ask the same thing more than once; PASCAL Hack2Learn is a friendly learning environment!
H2L has two major goals: for everyone to capture the flags, and to learn to reverse. This is not a workshop focused on learning a tool (though we do use Cutter), rather it is designed to get attendees thinking logically, critically & to get everyone accustomed to being uncomfortable and not knowing the answer.
As we will be focusing on microcorruption CTF challenges for the next several workshops, it is not necessary to have Cutter or any other debugger installed. Microcorruption has its own web based debugger that is very easy to learn and use!

Questions? Email [masked] or get on the PASCAL Discord and interact with other PDX hackers (ask for invite).

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with Cylon and the rest of the misfit hackers of PDX!

We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! Questions? please email Cylon--> [masked]. PASCAL also has a Discord server as means of communication regarding upcoming events, news in infosec and memes (inquire within).
If you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

Hello fellow Graphers. This month will be a low key opportunity to come and hang out with others interested in GraphQL. Come share what you have been working on, ask questions if you need help, or just hang out.

Are you interested in giving a presentation or lightning talk on something you have been tinkering with or learned? We are always looking for more presentations. It’s a pretty low key group. Reach out to Daniel and we will make it happen.

Topic: Review of material so far by student request: Big O, arrays, linked lists, hashing and hashes.

PASCAL Hackerspace is happy to announce a new bimonthly workshop! One of the core goals of our organization is to provide educational opportunities to people in the information security and technical communities of Portland, and with AlgoBytes we get to do exactly that!

AlgoBytes is an informal workshop series to learn a bit more about the formal foundations of the field of computer science and about core data structures/algorithms frequently used for interviews, whether you've never explored them before or need a refresher.

Each 60 minute session we will focus on a different topic, although we may repeat them if there are requests to revisit material. Currently there will be 20-30 minutes of presentation, a walk through of a problem, usually followed by breaking into small groups to practice. Attending sequential events is probably helpful if the material is new to you, but not required.

Topics announced about 2 weeks in advance

Please bring your preferred note-taking device(s) and preferred scratch paper.

A laptop with your editor & language of choice may be handy for trying out your solutions- especially important if you are prepping for technical interviews, but is not at all required.

The PASCAL board is excited to be hosting this event alongside a very accomplished and brilliant woman in security-

Allison Marie Naaktgeboren is a Senior Software Engineer. She has previously written (and regretted) code at Mozilla, Amazon, Cisco, FactSet Research Systems, and the Biorobotics Laboratory in Carnegie Mellon’s Robotics Institute. Allison holds a Bachelor’s Degree in Computer Science from Carnegie Mellon University in Pittsburgh.

Allison is a mentor in the PDXWiT mentorship program, supports the Women Who Code Portland Algorithms track, and mentors high school students in robotics and programming (Go Rebel @lliance!) She is a member of PASCAL & the OWASP Portland chapter.

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with Cylon and the rest of the misfit hackers of PDX!

We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! Questions? please email Cylon--> [masked]. PASCAL also has a Discord server as means of communication regarding upcoming events, news in infosec and memes (inquire within).
If you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

PASCAL Hackerspace is proud to announce a new presentation series in which an experienced security researcher, Malcolm, will be guiding us through the intricacies of network forensics!

Network Forensics Seek and Pwn: capture, investigate, analyze!

The class will begin with a basic overview of what networks are; from conversations and snail mail to signal processing and radio operations (including ham radio!), ultimately leading into computer networks. We will review each aspect that comprises a network (paying special attention to protocols), how they function and eventually moving on to how they can be exploited! Each week the focus will shift to suit the attendees needs.

For the 4th session of Network Pwnage, we will be diving into Layer 4, TCP/UDP/ICMP.

Having gotten this high in the stack, we'll start to do some serious packet capture analysis, so bring a laptop with Wireshark installed.

As usual, there will be a short (30-40 minute) presentation of
material and then a hands on lab/experimentation time to put our new
skills to use.

Malcolm is a threat researcher with a major networking and security company, and has been doing networking for way too long. He wants to help other hackers learn the wonderful and weird world of packets, and all the terrible things you can do with them.

**NOTE**

While we will continue to work on the microcorruption CTF for the next several Hack2Learn workshops, the next meetup we are going to take a side quest and focus on a very special challenge involving hardware. It will be our first crack at embedded device security as a group. For more details- come see PASCAL next Thursday!

For the second part of this hardware challenge, we will be taking an indepth look at the device ROM and MCU. We will be using the MiniPro chip reader, and again working with TTL converters.

END NOTE

Hack2Learn is a bi-monthly CTF (capture the flag) meetup hosted at PASCAL in Portland, OR. PASCAL is an organization of equal opportunity hackers, and we will be introducing you to various types of reverse engineering and binary challenges that you might face at any level, and at any time in the fields of information security and technology as a whole, for fun or profit.
Hacker/Tech culture and community can sometimes be a bit (or a byte ^_^) off-putting, especially to those trying to figure out what exactly it is, what we are and what we do. During this meetup at PASCAL, we welcome n00bs with open arms! Never competed in a CTF challenge before? Never even heard of CTFs? Do you have a strong desire to learn & teach alongside peers? GOOD!! You will fit right in at Hack2Learn!

For the next several Hack2Learn workshops, we will be taking a crack at Assembly-focused CTF (Capture The Flag) and reversing challenges, specifically microcorruption. MrDe4d will start by giving a short presentation on a particular aspect of the theory behind ASM (last time we talked about ISRs in MSP430 MCUs). The goal of the presentation prior to the challenge is to (hopefully) help everyone in attendance to gain theoretical as well as practical knowledge.
Being able to gain control of system memory is a powerful skill, and is a gateway to understanding memory structure, how data is accessed and processed, how the OS, CPU and programs interface with one another and ultimately how to pwn. Throughout the series we will cover basic syntax, instructions, conditions, and more! As we dive deeper into each aspect of the challenges, we will continue to reiterate what has been covered with Assembly- we expect questions to be frequent and recurring. It is absolutely OK to ask the same thing more than once; PASCAL Hack2Learn is a friendly learning environment!
H2L has two major goals: for everyone to capture the flags, and to learn to reverse. This is not a workshop focused on learning a tool (though we do use Cutter), rather it is designed to get attendees thinking logically, critically & to get everyone accustomed to being uncomfortable and not knowing the answer.
As we will be focusing on microcorruption CTF challenges for the next several workshops, it is not necessary to have Cutter or any other debugger installed. Microcorruption has its own web based debugger that is very easy to learn and use!

Questions? Email [masked] or get on the PASCAL Discord and interact with other PDX hackers (ask for invite).

Join PASCAL on the second Saturday of the month for a day of tours, entertainment and dialogue.

Drop on by if you would like to:
- Learn more about who PASCAL be, and what do PASCAL
- Start hacking stuff immediately
- Learn about current threats and how they work, or
- Simply mingle and have a relaxing afternoon with Infosec nerds.

Basic concessions will also be available!

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with Cylon and the rest of the misfit hackers of PDX!

We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! Questions? please email Cylon--> [masked]. PASCAL also has a Discord server as means of communication regarding upcoming events, news in infosec and memes (inquire within).
If you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with Cylon and the rest of the misfit hackers of PDX!

We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! Questions? please email Cylon--> [masked]. PASCAL also has a Discord server as means of communication regarding upcoming events, news in infosec and memes (inquire within).
If you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

Come learn about the other side of the cybersecurity equation: how to raise the bar for attackers trying to pwn your endpoints. This talk series will focus on sane, sensible, and usable defaults, security through proper configuration, and small/medium scale distribution and management.

********

DefSec 0x05: Ansible, Part 1

Dive deep into the Dirac Sea...of security automation!

Let's talk about Ansible (the RedHat automation/configuration management tool, not the scifi FTL machine). To quote a different introductory course, "Ansible is an automation and configuration management technology used to provision, deploy, and manage compute infrastructure across cloud, virtual, and physical environments." This initial session will focus on:
- a high-level overview of what Ansible is
- how it works
- beginning to use Ansible via ad-hoc commands
- reasoning + planning about tasks -> playbooks -> roles
- how you might deploy it at scale
- and finally, as time permits: hands on with playbooks!

Part 2 of this talk (coming soon!) will focus on a practical application of Ansible, namely deploying the Ubuntu Linux CIS benchmark against multiple virtual machines for hardening purposes.

This series is brought to you by PASCAL Hackerspace, and presented by Magneto (the hacker, not the mutant. Probably.) He does security analysis and automation for profit, and systems thinking and other security-related things for fun. Uses obtuse prose. Talks fast and loud. Dreams of eliminating sleep. Protoypes the future.

This Saturday at PASCAL we are offering a Hacker Symposium of sorts, featuring a few handy tools of the trade as well as two major frameworks often used in developing exploits and attacking systems or networks. We will be surveying several of the tools that are part of Kali, and easy to install on any Debian derived distro. It seems many folks, sometimes even the professionals already hip deep in the field of tech, are unaware of the power their packages wield! The wild hacker kidz at PASCAL are going to show you how to get started with packaged/pre-loaded tools like Burp Suite, Binwalk, Wireshark, Kismet and will also provide you with an overview of the Metasploit and Volatility frameworks. Come take your first step with Reverse Engineering at PASCAL using Binwalk! Excuse yourself and set up a proxy with Burp Suite! Breath deep and sniff packets with Kismet! Enjoy these puns and more, in person with Cylon and the rest of the misfit hackers of PDX!

We will set aside time to answer questions, and hold demonstrations of each utility discussed. This is all about what YOU want to learn!! Questions? please email Cylon--> [masked]. PASCAL also has a Discord server as means of communication regarding upcoming events, news in infosec and memes (inquire within).
If you RSVP and are no longer able to make it, please do take the time to change your RSVP so that someone else may attend, even if it is only an hour before! Thanks!

Tonight we will have a presentation by Sean Grove from OneGraph. As always we will also have time to connect with others in the GraphQL community, talk about what you are tinkering with, problems you are encountering, and more. See you there.

Are you interested in giving a presentation or lightning talk on something you have been tinkering with or learned? We are always looking for more presentations. It’s a pretty low key group. Reach out to Daniel and we will make it happen.

Speaker Details

Sean's been convinced there are better ways to develop applications across the stack for years, and built time-traveling debuggers, interface builders, layout tools, and graphic design tools in his quest to explore the space. His company was the first to deploy ClojureScript's Om library to a production app in early 2014, he helped lay the architecture for CircleCI's open-source frontend app and precursorapp.com, built systems to support tens of millions of dollars in transactions, and most recently founded OneGraph, a single GraphQL endpoint for all your most important APIs.

Hey everyone. We are back for August. Tonight we will have some lightning talks and plenty of time to discuss what you have been tinkering or building.

Want to give a lightning talk on GraphQL? Connect with Daniel in the comments or @dslemay on Twitter. It's a super low key group and we all have knowledge to share.

Looking forward to seeing you then.

Hey all. Welcome to another GraphQLPDX meetup. Come get together with other GraphQL enthusiasts and those interested in the technology to have some food and chat all things GraphQL, other tech welcome too :).

If you are interested in giving a lightning talk or discussing something cool you have learned about GraphQL at this month's meetup or in the future, please reach out to Daniel on meetup or @dslemay on Twitter. Hope to see you there.