What is hacking?

Taking advantage of something’s existing functionality in an unintended way to achieve a goal.

What is ethical hacking?

Taking advantage of something’s existing functionality in an unintended way to achieve a goal.

In ethical hacking, this goal is to improve the security of a system. This is achieved through finding and responsibly disclosing vulnerabilities in a process called Penetration Testing.

Most importantly, this process is done legally and with explicit permission from the system owner.

⚠ A Serious Warning ⚠

Over the course of the year you are going to learn a number of skills that can be used in a malicious manner.

This is NOT what we are running the group for.

We do not tolerate malicious or illegal behaviour.

We will not hesitate to report you to relevant authorities for misuse of the material we deliver

In case that isn’t scary enough for you…

Unauthorised access to computer material, punishable by twelve months’ imprisonment and/or an unlimited fine.

Unauthorised access with intent to commit or facilitate commission of further offences, punishable by twelve months/maximum fine on summary conviction and/or five years/fine on indictment;

Unauthorised modification of computer material, punishable by twelve months/maximum fine on summary conviction and/or ten years/fine on indictment;

You might also be hired by GCHQ

Avoid these laws with some simple steps

Don’t mess with systems that aren’t yours, instead practice on either your own hardware, our lab machines, and websites such as Hack The Box.

When doing pen-tests, always discuss with the client to decide on appropriate scope and get this in writing.

Code of Conduct

We are a hacking group. Everyone should feel welcome to participate in our community.

We will not tolerate our members engaging in being Racist/Sexist/Homophobic/Transphobic/Ableist/Discriminatory Against Mental Health.

Be nice, thanks.

Enough of the scary stuff ;)

Now that’s out of the way, this year will include the following:

• Lectures on relevant material delivered by us
• Specially designed labs to complement taught material
• Guest Talks
• Group challenges and competitions
• External Capture the Flag competitions and conferences
• Socials

To get the most out of this group, you will need to put in time learning for yourself.

What will you learn?

• Session 1: Intro and Recon
• Session 2: Enumeration
• Session 3: Infrastructure Exploitation
• Session 4: Cryptography, Cracking, Credentials
• Session ??: Hack the box, Privesc, Phishing, Web app exploitation, Reverse engineering, Hardware hacking, Skiddy scripting, Network forensics, Steganography, Buffer overflows, Radio hacking.

LUHack 2023/24

Presentations in the sky lounge every week (Slides uploaded to Discord afterwards)

We hack Virtual Machines which you can access via tailscale. luhack.uk/start for info

Getting Connected

Right click the bot’s mention in #luhack-instructions and click ‘message’

Type `/verify begin` and enter your lancaster email.

Check your lancaster email, you’ll have received an email

Copy the quoted command at the bottom, if the command doesn’t autofill, click the popup

Check back in the LUHack discord, you should have access now, and can proceed to getting connected to our labs.

To get access to our labs, visit luhack.uk/start and follow the contained guide to install Tailscale.

Once you have Tailscale installed, you can click this button to get access to our kali vm service. Or use your own kali install if you desire.

Thanks for listening!