Nullcon 2014 happened at an interesting time for me. I had moved back to Bengaluru (from the US) 3 months ago and was trying to understand the Information Security scene in India. After attending a couple of null Meets in Bengaluru, I was excited about the variety of areas folks were working on. One of the volunteers in Bengaluru told me about nullcon and encouraged me to attend. While I had heard of nullcon (my colleague Ksenia had presented in 2013), I did not know much about the conference. After a little bit of research about the conference and looking at the lineup of speakers, I decided to give it a shot. The fact that it was being held at a sea-side resort in Goa, certainly made the decision easier.

When we started null – The Open Security Community, we didn’t really plan beyond the monthly gathering of infosec peeps and enthusiasts in cities like Pune and Bangalore.

We didn’t ask for registration, take any attendance (beyond a cursory head count) and things were swell.

What we didn’t really think about (atleast I didn’t) was that we would still be doing this with enthusiasm and passion 5 and 1/2 years after we started. It is quite natural to start thinking about the next level after gaining proficiency in doing security related events month after month.

Hello everyone. This post describes an incident that occurred on the 15th of March at a null Humla session, at Bangalore. This incident is a very good example of why it is important to follow the Code of Conduct during null sessions.

Hello All :)

As you may know, n|u Jobs a.k.a null security jobs is an initiative by null – The Open Security Community. The aim of the project is to facilitate employment in the field of information security. The job posters and seekers both can post/apply for jobs online and are not charged anything for using the service.

We at null Delhi had many participants (especially the new comers in the field of hacking and security) ask basic questions about CTFs like what is CTF? How to participate in CTF contests? What kind of skills are required? so and so forth since the time of nullcon V earlier this year. While we were answering those questions we found a need of a real time challenge which we can put in front of attendees and they can probably play around with it to find the answers themselves. During this course we decided to put different challenges in front of the attendees related to various domains of security (reverse engineering, web application hacking, cryptography, forensics, operating systems, etc.) and ask them to solve these challenges at the venue itself. They can take assistance from the mods and their neighbors or do it themselves. After every challenge we would cover a detailed walkthrough which would not only focus on the solution of the particular challenge but would also clarify the concepts of techniques to be used during CTFs.

We had our 1st ever null Dharamshala meet on the 29th of March 2014. There were around 25 participants who attended. Their professions ranged from IT professional, web developer to freelancers. The view from the venue was breathtaking. One could see the whole of Dharamshala from there.

Author : Roopashree S

About : Roopashree has recently started attending null Chapter meets and Humla sessions. She is associated with one of the largest security providers and current area of interest is Web Security Testing.

I had a fabulous experience at “Wireless Hacking with Kali” Null Humla session. When the humla session was announced, the subject sounded very interesting.

Author: Sandeep Singh

I finished my work at 5:00 AM in the morning as usual and unfortunately was not feeling sleepy so what next? Yes! It’s the Ahaa Moment of the Day – Why not pen down the spirit that keeps us ticking! I decided to write about the spirit of null that keeps us ticking and keeps it running faster every day.

Puliya means culvert or a small bridge in Hindi.

We have been getting constant feedback about our null Humla and null Bachaav sessions. The feedback is both ways and almost all the champions are of the opinion that there are some essential non-security skills that are sorely lacking in a lot of attendees.

Bachaav (meaning defence in Hindi) is a completely hands-on workshop with the clear focus on learning the tools, techniques and approaches of defensive security using simulated servers and networks.

Bachaav is different from a normal null meet in its focus and duration. The focus is on learning specific tools and techniques and the duration is about 5-6 hours of hands-on work.