HELLO
HACKER

Join us on August 24th, 2023 as we set sail on Casco Bay off Portland, Maine for an unforgettable experience. This event is specially designed for technology professionals looking to connect, share ideas, and create meaningful relationships. 🌟 Highlights of the event: Mingle with fellow tech professionals in a relaxed setting Enjoy breathtaking views and a beautiful sunset over Casco Bay Forge new connections and strengthen your professional network 🥗🍻 This is a BYOB and potluck event! Please bring your favorite beverage and a dish to share with fellow attendees. Let's create a feast as we connect and converse! 🚨 Please note that space is limited for this event to ensure an intimate and engaging atmosphere. Be sure to sign up early to secure your spot! To ensure that folks can connect, please only reserve tickets for those who are interested or are working in the infosec industry. We want to create a focused environment for meaningful professional discussions and networking.

TBD - Portland area

Join us for our Bad-USB Workshop where you'll learn how to build devious USB devices that can wreak havoc on unsuspecting victims. Our goons will teach you the ins and outs of creating malicious USBs and provide valuable mitigation techniques to help protect against these attacks. Plus, you'll have the opportunity to participate in an open lab and put your newfound skills to the test. Don't miss out on this exciting and informative event!

DC207 will MTUG's annual user conference on May 4th in their 'Birds of a Feather' room. The conference is awesome this year, register now at https://www.eventbrite.com/e/2023-annual-mtug-information-technology-summit-tradeshow-registration-500891087727 and stop by and say hi!

Testing out detection capabilities before putting them into operation is important, even if you don’t have a big production environment to protect (yet). That’s where Atomic Red Team comes in! Together, we’ll talk about an open source library of prebuilt tests to evaluate your environment’s visibility and how you can make your own environment to test them in. Then, we’ll walk through what events are created after running a test and what we can learn from them. This is truly the core fiber of Atomic!

Join us for an exciting Capture the Flag (CTF) event hosted by DC207 on March 23rd! This virtual event will be held on the mainesec.org Discord server and is open to anyone who is interested in testing their cybersecurity skills. Whether you're a beginner or an experienced hacker, this CTF is designed to challenge your knowledge and problem-solving abilities. Compete against other players and see who can solve the most challenges in the shortest amount of time. The CTF will feature a variety of challenges in different categories, including cryptography, web security, reverse engineering, and more. Each challenge will have a certain number of points assigned to it, and the player or team with the most points at the end of the event will be declared the winner. So, mark your calendar and get ready to show off your skills at the DC207 CTF event on March 23rd. Join the mainesec.org Discord server to participate and have fun!

Are you ready to take a trip back in time? Well, strap on your fanny pack and dust off your Gameboy (or Gamegear + 37 batteries) because DC207 is inviting you the ultimate retro-gaming happy hour experience at Arcadia! On February 16th at 6 PM, we're inviting all information security professionals, technology practitioners, geeks, and students alike to join us for a night of nostalgia, networking and fun. Arcadia has all of the classics and of course, a wide selection of pinball machines to test your pinball wizard skills. So come ready to eat, drink, play and mingle with like-minded individuals. Remember, "It's dangerous to go alone! Take this." (and your business card). Don't miss out on this opportunity to have a great time and make valuable connections. We promise it will be a night you won't forget. See you there!

DC207 is hosting a very special soldering workshop in January to kick-start the new year. Join us to learn how to assemble and repair electronic components - no experience required! We'll have kits and build a light-up fidget spinner, plenty of helpers, and an instructor showing you the ins and outs of building your first electronics project. We'll have a flipper zero giveaway, new DC207 stickers, pizza, and good times held by all. You MUST sign up for this event - space is limited!

The internet is a scary place. There are bad folks everywhere, just waiting to steal your data or invade your privacy. A VPN seems like the perfect solution to this problem – after all, it encrypts your traffic and routes it through a secure tunnel, keeping you safe from prying eyes... right? But unfortunately, VPNs are not the cure-all that the doctor ordered. Jim Troutman joins us for a very special talk "VPNs are internet snake oil". This Shmoocon 2022 talk got media attention and it's coming to DC207. So, join us, you won't want to miss this provocative and informative presentation.

Feeling a bit roguish? Wish you knew how to pick locks, break out of handcuffs, and crack open safes? Well, DC207's event on October 20th is something you won't want to miss. We'll be learning the ins and outs of lockpicking from community experts over cold beers. Come to Sebego's brewpub in Scarboro for a cold brew and pop locks with your local hackers. We'll have a safe cutaway, handcuffs, and a whole lot of locks for you to try your skills on. Lockpicks will be available to borrow (or available to take home with a donation) - so bring yourself and learn how to pick locks.

DC207 is hosting a very special mystery event on September 15th. For our first time ever, we'll be at the USM Gorham campus for a fabulous presentation on creating bots, beating AI, and taking on fraudsters on Amazon. This is a special presentation - the speaker and title of the talk have been withheld. No recording devices are allowed at the event due to reasons we'll talk about at the event. Don't miss it. Sign up today to ensure you have a seat to this excellent talk!

Hey hackers! DC207, Maine's DEFCON group is gathering in April at rising tide brewing company in Portland. Join us to reflect on what's happening in the community, network, complain about latest vulnerability, or trade notes on the latest TryHackMe room you're working on. See ya there!

DC207 invites you to "Introduction to Amateur Radio" by the Wireless Society of Southern Maine, presented by Tim Watson KB1HNZ. Learn about the world of HAM radio and the world of RF! Tim is one of the founders of our club, which was established in 2010, and is currently our Treasurer.

DC207 invites you to an open hacker lab! DC207 celebrates the hacker culture of learning, taking things apart, and broadening your horizons. What better way to celebrate than to have an open lab in one of the most extraordinary maker spaces in Southern Maine?

Hey hackers! DC207, Maine's DEFCON group is gathering in April at rising tide brewing company in Portland. Join us to reflect on what's happening in the community, network, complain about latest vulnerability, or trade notes on the latest TryHackMe room you're working on. See ya there!

Dungeons and Dragons, magic, texas hold em, pokemon... you're likely familiar with one or more of those, but have you heard of Backdoors and Breaches? Join us in March 2022 to learn about the new card game from BHIS, Backdoors and Breaches. A game, a learning experience, a table top exercise, all in one fun card deck. We'll cover a brief history of the game, rules and everything you need to know to get started.

DC207 invites you to an open hacker lab! DC207 celebrates the hacker culture of learning, taking things apart, and broadening your horizons. What better way to celebrate than to have an open lab in one of the most extraordinary maker spaces in Southern Maine?

Hey hackers! DC207, Maine's DEFCONgroup is gathering this week at rising tide brewing company in Portland. Join us to reflect on the year, network, complain about log4j, trade notes on KringleCon and kick back with the local infosec community. See ya there!

DC207 invites you to their first-ever open hacker lab! DC207 celebrates the hacker culture of learning, taking things apart, and broadening your horizons. What better way to celebrate than to have an open lab in one of the most extraordinary maker spaces in Southern Maine?

A honeypot is an intentionally created fake system that is designed as a trap for the potential attackers. They deviate the attack to the fake system rather than the original system and even it helps you detect the malicious traffic and track them. In this workshop we'll be building our own honeypots with microcontrollers. Bring your laptop with you, this will be a hands-on exercise where you'll learn how to create simple honeypots using microcontrollers. All hardware will be provided and you'll be bringing home your own honeypot by the end of the workshop.

GitHub Actions are a popular thing with the DevOps crowd, but what sort of supply chain risks do they bring to an organization? Can the GitHub Action Marketplace be trusted? Scott Ellis joins us to provide an overview of GitHub Actions for those not familiar and proceed to demonstrate a few vulnerabilities that have already been used in real-world attacks.

CVES - how do they work? Well, get ready to find out! Join us on August 19th at the open bench project in Portland Maine for an exciting presentation on how to find bugs and successfully publish CVEs.

Join us in socializing - in person! After a long time of just meeting online, let's get together and catch up. No formal talk, or subjects, just beers and peers. :-)

Hardware hacking is for everyone! Fundamentals and benefits of learning hardware hacking. How to set up a lab on a tight budget, and a POC on hacking around the house.

Join us for an informative session on AWS Vulnerability scanning and management. We'll be joined by Josh Moss who will walk us through how to look for and find problems in your cloud and devops driven infrastructure with free open source tooling. You won't want to miss it! Sign up today

Join DC207 for the kickoff to a special event we're hosting with the help of Secure Code Warrior! We’ve partnered with Secure Code Warrior to bring you a defensive security-based tournament from a developer's perspective. The tournament allows you to test your skill against the other participants in a series of vulnerable code challenges that ask you to identify a problem, locate insecure code, and fix a vulnerability. Join us on the day for our kickoff event, and then finish the challenge over the week.

Maine's community of security experts get together for some awesome knowledge sharing. Join us for presentations on malware analysis, pivoting, and the nmap scripting engine. See you there, and don't forget to register over at http://events.dc207.org

Chris Elgee joins us for a holiday themed DC207! We'll be talking all about the SANS holiday hack challenge, something Chris has been involved with for years. Join us for an overview of this awesome holiday event and learn more about what goes into the creation of such an event.

In this exciting deep dive on application security we'll be exploring real world examples of advanced hacking techniques like attack chaining, command injection, remote code execution and broken access control. Burninator will presenting her take on the world of application security and red teaming. Don't miss, it's going to be great!

Come hither and play a fun game in cyberspace with your fellow New England hackers! We're hosting our first Jeopardy-style trivia game, with buzzers and everything. Points and prizes are awarded at the host's discretion - so come prepared with a frosty beverage, an open google browser, and have some fun with us!

Amateur Radio is a hobby enjoyed by hundreds of thousands of people worldwide. Learn about radios, antennas, atmospheric transmission. During this introduction, we’ll demonstrate some state-of-the-art radio equipment and explain how you can get involved with this awesome hobby.

Web crawlers or spiders have been a mainstay in the testing toolkit of security folks for many years. They’re great for mapping out websites and understanding what you’ll be testing. There’s one disadvantage to spiders though, they only show you what you have access to… what if some of those resources are user specific, or are behind resources you can’t see or reach? In this talk, Ryan Boutot will be introducing a new open source tool for security researchers called XSSpider. XSSpider is a unique spidering tool which is meant to run within an XSS payload and execute spidering from the user’s browser, saving everything it finds for later review. You will simply not want to miss the debut of this new awesome tool.

DEFCON 28 is a wrap! Did you have fun? What did you like about DEFCON 28? We'll be tapping a few folks to give recaps of the highlights of DEFCON 28 and talk through the things learned. Come for a casual meetup to talk about all the things you saw and didn't see! :-)

Featuring four lightening talks from local community members. We'll focus primarily on speakers who have not presented before, or people who are new to the industry. Topics will include security certifications, Azure, Elastic, and resources for the newly developing professional. You won't want to miss it!

Join us for this special event where we'll be joined by the super awesome Mubix, aka Rob Fuller. Rob has over 14 years of experience covering all facets of information security. He has been behind the lines helping to design, build, and defend the US Marine Corps, US Senate, and Pentagon networks - as well as performing penetration tests and Red Team assessments against those same networks. More recently, Rob has performed numerous successful Red Team assessments against commercial Fortune 50 companies representing some of the best defensive teams in the industry. More event details to follow.

A lot is expected of software developers these days; they are expected to be experts in everything despite very little training. Throw in the IT security team (often with little-to-no knowledge of how to build software) telling developers what to do and how to do it, and the situation becomes strained. This strained relationship can be overcome! Join us and Tanya for a masterclass in AppSec.

DC207 is hosting another awesome capture the flag event! Come to hone your skills and learn how to hack in this fun and inviting setting.

Jim Troutman's ShmooCon 2020 winning talk is going to explore the unloved protocol, DNS. It's the glue that keeps the internet together, and can be used in surprising and unexpected ways. Join us for this awesome talk!

In this hands-on workshop we’ll be building passive Ethernet tap devices. With these we’ll be able to sniff network traffic and analyze the data between endpoints.