This article goes into detail on how you can attack Wi-Fi networks using the open source tool Bettercap. It covers an improved, client-less method (the PMKID attack) that doesn't require a deauth packet to be sent.
I was just made aware of some awesome open source efforts for doing car hacking against a virtual CAN bus. Check out the article here:
I have already taken the liberty of forking the underlying CAN bus GitHub repo:
Thank you IAmSecurity for making me aware of this!
I found this on Twitter this week: Black Hills Infosec walks you through how to exploit Windows boxes using LLMNR poisoning and SMB man-in-the-middle attacks to get a foothold.
This YouTube video, titled "Lightning fast CTF solving – Automatic Exploit Generation & Side Channel Analysis", was sent to me by Sketch from this year's BSides DC. It shows how to automate exploitation of stack overflows and format string vulnerabilities; the tool suite is built on top of the "angr" framework, Intel's Pin framework and the "pwntools" package for Python. At the tail end of the video he applies the tool suite against a NETGEAR SOHO router, where it not only finds the vulnerability but exploits it remotely, and he discusses how it can be used to identify and exploit these vulnerabilities in IoT devices.
I have already taken the liberty of forking all of his GitHub repositories; you can find them here:
This week at the RSA Conference in San Francisco, CA there was a panel that discussed the five most dangerous attacks and how to defend against them. The panel included Ed Skoudis, who is a SANS Institute Fellow and is hailed as the best penetration tester in the country.
Why PDF has not been replaced with something else is beyond me. I was reading an article discussing how researchers have found that all of the major PDF readers, including Adobe Acrobat Reader, and a number of signing services are vulnerable to forgery attacks where the PDF's content can be modified without invalidating its signature.
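As an added example (not from the article above or from the researchers' work), the following Python shows the structural property these attacks abuse: a PDF signature only covers the byte ranges listed in the signature dictionary's /ByteRange array, so anything appended after the last signed range (an "incremental update") changes what the viewer displays while leaving the signed bytes, and therefore the signature, untouched. The sample "PDF" is a constructed skeleton with a placeholder /Contents value rather than a real CMS signature, and the check only inspects structure, not cryptography; the only function names here (`build_signed_pdf`, `check_signature_coverage`, `append_incremental_update`, `signed_digest`) are mine.

```python
import hashlib
import re

# The four-number form "/ByteRange [a b c d]" means the signature covers
# bytes [a, a+b) and [c, c+d); the gap between them is the /Contents hex string.
BYTERANGE_RE = re.compile(rb"/ByteRange\s*\[\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\]")


def build_signed_pdf(hex_contents: bytes = b"00" * 16) -> bytes:
    """Constructed sample: a minimal skeleton with one signature dictionary.
    Not a parseable PDF (no xref table); the /ByteRange offsets are real."""
    head = b"%PDF-1.7\n1 0 obj\n<< /Type /Sig /Filter /Adobe.PPKLite /ByteRange ["
    mid = b"] /Contents "
    tail = b" >>\nendobj\ntrailer\n<< /Root 1 0 R >>\n%%EOF\n"
    width = 10
    fmt = lambda n: str(n).zfill(width).encode()
    # Fixed-width placeholder so filling in the numbers does not move any offsets.
    placeholder = b" ".join([fmt(0)] * 4)
    sig_start = len(head) + len(placeholder) + len(mid)  # offset of '<'
    sig_end = sig_start + len(hex_contents) + 2          # offset just past '>'
    byterange = b" ".join(fmt(n) for n in (0, sig_start, sig_end, len(tail)))
    return head + byterange + mid + b"<" + hex_contents + b">" + tail


def parse_byterange(pdf: bytes):
    """Return (a, b, c, d) of the last /ByteRange in the file (the outermost signature)."""
    matches = list(BYTERANGE_RE.finditer(pdf))
    if not matches:
        raise ValueError("no /ByteRange found: file is not signed")
    return tuple(int(x) for x in matches[-1].groups())


def signed_digest(pdf: bytes) -> str:
    """SHA-256 over exactly the bytes a verifier hashes: the two signed ranges."""
    a, b, c, d = parse_byterange(pdf)
    return hashlib.sha256(pdf[a:a + b] + pdf[c:c + d]).hexdigest()


def check_signature_coverage(pdf: bytes) -> dict:
    """Flag bytes outside the signed ranges.  A single-signature PDF with no
    incremental updates has c + d == len(file); anything after that is content
    the signature does not vouch for.  Caveat: legitimately multi-signed PDFs
    also append incremental updates, so treat a hit as a prompt to inspect."""
    a, b, c, d = parse_byterange(pdf)
    signed_end = c + d
    gap = pdf[a + b:c]  # must be exactly the <hex> signature value
    return {
        "file_len": len(pdf),
        "signed_end": signed_end,
        "trailing_bytes": len(pdf) - signed_end,
        "gap_is_hex_string": re.fullmatch(rb"<[0-9A-Fa-f]*>", gap) is not None,
        "modified_after_signing": len(pdf) > signed_end,
    }


def append_incremental_update(pdf: bytes, new_text: bytes) -> bytes:
    """Constructed incremental update: append a new object and trailer after %%EOF,
    the way a PDF writer saves changes without rewriting the original bytes."""
    update = (b"\n2 0 obj\n<< /Type /Annot /Subtype /FreeText /Contents (" + new_text
              + b") >>\nendobj\ntrailer\n<< /Root 1 0 R >>\n%%EOF\n")
    return pdf + update


if __name__ == "__main__":
    original = build_signed_pdf()
    tampered = append_incremental_update(original, b"Amount due: 1,000,000 USD")
    print("original:", check_signature_coverage(original))
    print("tampered:", check_signature_coverage(tampered))
    # The signed bytes, and hence the signature, are identical in both files.
    print("same signed digest:", signed_digest(original) == signed_digest(tampered))
```

The practical takeaway for a verifier or a triage script is the `trailing_bytes` value: a signed document whose last /ByteRange stops short of end-of-file has been changed after signing, whether by a legitimate second signature or by an attacker, and the displayed content can no longer be attributed to the signer without reviewing what was appended.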
Remember reading about the SPECTRE vulnerability a few months ago and thinking it was too obscure to be a threat? Well, time to change your thinking. Some security researchers have found a way to leverage the vulnerability to hide malware.
VDA Labs just posted a write-up on Twitter on how they do OSINT collection using mitmproxy. mitmproxy is an open source man-in-the-middle proxy that can be extended through its Python scripting API, which VDA Labs takes advantage of to scrape sites such as LinkedIn.
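To show what that kind of extension looks like, here is an added example of a mitmproxy addon (my code, not VDA Labs' script) that passively harvests page titles, Open Graph metadata and e-mail addresses from HTML responses on hosts you are browsing through the proxy. The addon shape is mitmproxy's real one: a class with a `response(flow)` hook, registered via the module-level `addons` list and loaded with `mitmdump -s osint_harvest.py`. The watched host list, the output file name, the sample HTML and the `_FakeFlow` stand-in used for offline testing are all assumptions constructed for this example.

```python
import json
import re
from html.parser import HTMLParser
from types import SimpleNamespace

WATCH_HOSTS = ("www.linkedin.com", "linkedin.com")  # assumption: hosts of interest
OUTPUT_PATH = "osint_harvest.jsonl"                  # assumption: where records go
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")


class _MetaExtractor(HTMLParser):
    """Collects <title>, <meta> name/property tags, mailto: links and
    e-mail addresses appearing in visible text."""

    def __init__(self):
        super().__init__()
        self.title_parts, self.meta, self.emails = [], {}, set()
        self._in_title = False

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "title":
            self._in_title = True
        elif tag == "meta":
            key = a.get("property") or a.get("name")
            if key and a.get("content"):
                self.meta[key] = a["content"].strip()
        elif tag == "a" and a.get("href", "").lower().startswith("mailto:"):
            self.emails.add(a["href"][7:].split("?")[0])

    def handle_endtag(self, tag):
        if tag == "title":
            self._in_title = False

    def handle_data(self, data):
        if self._in_title:
            self.title_parts.append(data)
        self.emails.update(EMAIL_RE.findall(data))


def extract_osint(html: str, url: str) -> dict:
    """Pure parsing step, kept separate from the proxy hook so it can be tested offline."""
    p = _MetaExtractor()
    p.feed(html)
    p.close()
    return {
        "url": url,
        "title": "".join(p.title_parts).strip(),
        "og_title": p.meta.get("og:title"),
        "description": p.meta.get("og:description") or p.meta.get("description"),
        "emails": sorted(p.emails),
    }


class OSINTHarvester:
    """mitmproxy addon: response() runs once per completed HTTP response."""

    def __init__(self, hosts=WATCH_HOSTS, output_path=OUTPUT_PATH):
        self.hosts, self.output_path = hosts, output_path
        self.seen, self.records = set(), []

    def response(self, flow):
        if flow.response is None or flow.request.pretty_host not in self.hosts:
            return
        if "text/html" not in flow.response.headers.get("content-type", ""):
            return
        url = flow.request.pretty_url
        if url in self.seen:  # each page is recorded once per session
            return
        self.seen.add(url)
        record = extract_osint(flow.response.get_text(strict=False) or "", url)
        self.records.append(record)
        if self.output_path:  # append one JSON object per line for later grepping
            with open(self.output_path, "a", encoding="utf-8") as fh:
                fh.write(json.dumps(record) + "\n")


addons = [OSINTHarvester()]

# Constructed sample page and a stand-in for mitmproxy.http.HTTPFlow, for offline runs only.
SAMPLE_HTML = """<html><head><title>Jane Doe - Security Engineer | Example</title>
<meta property="og:title" content="Jane Doe">
<meta property="og:description" content="Security Engineer at Example Corp">
</head><body><p>Contact: <a href="mailto:jane.doe@example.com?subject=hi">email</a>
or press@example.com</p></body></html>"""


class _FakeFlow:
    def __init__(self, host, url, content_type, body):
        self.request = SimpleNamespace(pretty_host=host, pretty_url=url)
        self.response = SimpleNamespace(headers={"content-type": content_type},
                                        get_text=lambda strict=True: body)


if __name__ == "__main__":
    h = OSINTHarvester(output_path=None)
    h.response(_FakeFlow("www.linkedin.com", "https://www.linkedin.com/in/janedoe/",
                         "text/html; charset=utf-8", SAMPLE_HTML))
    print(json.dumps(h.records, indent=2))
```

Because the hook only reads responses the browser already received, it works against sites that render profile data server-side and costs nothing beyond normal browsing; a practitioner would extend `_MetaExtractor` with site-specific selectors for the fields they care about and keep `extract_osint` covered by offline tests against saved pages.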