Searching the poisonous needle, NSE, & CrossCTF

Null Singapore

Wednesday, July 19th

6:45 pm - Searching the poisonous needle, NSE, & CrossCTF


  • Introduction & Announcements
  • “Searching the poisonous needle in a remote haystack” by Vitaly Kamluk
  • “Introduction to Nmap Scripting Engine (NSE)” by Wong Wai Tuck
  • “Cross-CTF: A Follow-Up on the CTF Scene in SIngapore)” by Wong Wai Tuck


“Searching the poisonous needle in a remote haystack” – This talk will focus on the release of new open-source tool for remote malware and digital forensics that was developed by the author while working with Interpol. The talk will contain technical details that will explain the architecture and features of OS for remote forensics, ways to overcome challenges of remote user trust, and demo on how to built your own Live OS in minutes.

“Introduction to Nmap Scripting Engine (NSE)” – In this talk, Wai Tuck will talk about an often ignored feature of Nmap, the Nmap Scripting Engine (NSE) – what it is, how to use it, and how to write your own simple scripts. Wai Tuck will walk through a demo of using Nmap to discover a vulnerability, and then writing a short script to automatically detect for that vulnerability downstream. If we have time, Wai Tuck will run through more complicated scripts, such as smb-vuln-cve[masked] (aka Sambacry).

“Cross-CTF: A Follow-Up on the CTF Scene in Singapore” – In this talk, Wai Tuck will share about updates to the CTF scene in Singapore and how it has evolved in the past year. This includes the motivation behind running Cross Varsity CTF (previously X-CTF, but now rebranded to CrossCTF) for its second run, as well as the insights the organising team has gained from running the competition. Wai Tuck will also share about the infrastructure and interesting challenges that the team has made for the competition, which includes reverse engineering an Arduino, collecting data from LED exfiltration, binary exploitation, binary patching and reverse engineering.

Bio of Speakers

Vitaly Kamluk, Principal Security Researcher at Kaspersky Lab. Speaker at null Meetups, HITCON, Black Hat Asia, Black Hat USA, DEFCON, ZeroNights, PHDays and more.

Wong Wai Tuck is sophomore going junior year Information Systems student at Singapore Management University (SMU). He is the outgoing President of Whitehat Society, the Information Security Special Interest Group at SMU. He is currently a Google Summer of Code (GSoC) intern at Nmap and has produced several detection scripts that is available in the latest release of Nmap, including a script to detect the Sambacry vulnerability. He has led initiatives for new competitions targeting different groups in Singapore, including WhiteHacks@SG (which targets JC students) and now CrossCTF 2017. In his free time, he tries his hand at getting certs, and currently holds OSCP.


Wednesday, July 19th
6:45 PM to 8:30 PM

EY (Ernst & Young)
North Tower, Level 14, 1 Raffles Quay
Singapore 048683

Have an event? Submit it here

Similar events

Nov 22nd 6:30 pm - Carousell X DataScience SG

For the coming November, we are happy to have Carousell to share more on the data science work they are working on.

Nov 22nd 7:00 pm - Book Night with Singapore’s leading VCs, entrepreneurs and big thinkers

Join Singapore’s leading VCs, entrepreneurs and big thinkers on November 22 for an intimate discussion of the New York Times Bestseller “Principles: Life & Work”, recently released by the legendary Ray Dalio.

Nov 22nd 6:30 pm - Creating a Great Customer Experience with Data

Hear from the experts from data and marketing world about how you can understand your customers in detail and develop a customer experience strategy that delivers real value leveraging data.

Nov 23rd 7:00 pm - Co-Founders Matching Event – Meet your Business Half!

If you believe that meaningful connections are best made face-to-face; if you are a start-up founder; if you are looking for a business partner; or looking to be part of a startup – we look forward to having you join us!

Nov 23rd 7:00 pm - #15 Real UX Research Practices That Work

Join two lovely UX professionals, who share about their UX research practices and tips.

Nov 28th 6:30 pm - Building the Cloudflare Network & Web Acceleration 101

2 Web Performance Talks at Cloudflare: 1. Learn the behind-the-scenes operations of Cloudflare; from interconnecting with ISPs and routing traffic across the internet, to identifying attacks and processing over 10 trillion log lines a month. 2. Learn the realities of modern web acceleration and the best practice you can use to speed up your online presence; using caching, modern web protocols and on-site optimisations.

Nov 28th 7:00 pm - Fintech and Big Data

Join us to learn more 2 speakers about how we can further expand the potential of FinTech, as well as its risks & necessary regulations.

Nov 28th 3:30 pm - Startups + Investors Speed Date

Find the support you’re looking for to sky-rocket the growth of your company We will match Startups looking for serie A fundings with the most appropriate investors’ category.

Nov 29th 7:00 pm - Talk CSS #23 Party Edition

We’re turning two! Join us for a celebration and learn something new about the front end world. There will be cake.

Nov 29th 6:30 pm - How to Land Your Dream Job in Tech

Our passionate panelists will share their stories, tips and advice on landing a job in the exciting world of technology.

Upcoming events