Welcome to BERKE1337, a group of computer security enthusiasts at UC Berkeley. We meet on a regular basis to organize, hack, defend, educate, and have fun.
The team competes in the Western Regional Collegiate Cyber Defense Competition each year, in addition to a variety of smaller offensive security competitions. In our meetings we practice hands-on security in both offensive and defensive roles. Past practices have involved reversing custom-built Windows malware, setting up a network intrusion monitor with any Linux machine in less than 5 minutes, and cracking ciphers for security capture-the-flag competitions.
There is no required experience level to join us! If you're interested, join the mailing list so you'll get notified when we have events or practices.
BERKE1337 was originally founded as a team to compete in the Western Regional Cyber Defense Competition. Since its inception, the team has grown, but this competition is still one of BERKE1337's biggest events. In this competition, our team of eight is given a network of approximately 20 servers and workstations which must be secured against constant attack from a professional security team. Simultaneously, we must complete objectives given to us by the competition organizers, such as setting up new roles for servers or reconfiguring network topology.
WRCCDC 2013: 2nd place
WRCCDC 2014: 1st place
NCCDC 2014: 5th place
CTF contests are usually designed to serve as an educational exercise to give participants experience in securing a machine, as well as conducting and reacting to the sort of attacks found in the real world. Reverse-engineering, network sniffing, protocol analysis, system administration, programming, and cryptanalysis are all skills which can be useful in a CTF.
Throughout the year, BERKE1337 holds many workshops and practices so members can gain key knowledge in computer security. Workshops range in subject matter and skill level. Examples of past workshop topics include firewalls, malware, and intrusion detection systems.
All workshops are announced over the mailing list.
An incomplete list of some of our members.
Hacking computers since 1996. Expertise in network, web and software security. Also sometimes uses a soldering iron. Broke T-Mobile Wi-Fi Calling in 2013.
I'm a 4th year EECS student. I work at ResComp as the Lead Unit Supervisor, so I oversee all the tech support for the dorms. I find security really interesting, and took CS161 last year. I spent about a year doing tech support myself so I have plenty of experience with malware, in addition to getting really good at project management and giving presentations.
I'm a 4th year EECS student with a focus in security. I was once Lead Information Security Engineer for Student Affairs at Cal, and am now doing dev work for Berkeley Information Security and Policy. I've also done penetration testing for iSEC Partners, a San Francisco-based security consultancy. I like fighting with and creating malware, and recently I've been learning a bit about hacking the airwaves (SDR).
I'm a 3rd year CS major. I helped start up the team and I'm very interested in the policy and incident response aspects of security. I'm most familiar with cyber defense games, but I've been trying my hand at network and systems forensic challenges for CTFs and I'm having lots of fun. I'm also a member of the UC Berkeley IEEE and the Student Technology Council.
I'm a 4th year CS student that has been in interested in security for some time. Started CalSEC with Max Burkhardt and another friend in freshman year, been pretty active in security research and reading since. I enjoy Linux Administration and developing software in a security conscious fashion with a little bit of offense now and again.
I'm a Nth year undergrad. I like building things more than breaking them. I've made webapps, a voice-activated TV, and a X11 window layout tool. My BERKE1337 specialty is Linux sysadminning. I'm a programmer at Residential Computing, and I also designed their website.
We frequently get questions about how to get started in the field of cybersecurity. One of our goals is to help teach the field in our workshops and through competitions, but if you're looking for some extra material, here are some good resources:
Above all, the best way to learn security is by doing it. Read some of the above materials, find an attack or defense you'd like to try, set up a test environment (don't attack anyone else's stuff), and have at it!