Hermit’s Hardware Hacking Box

Have you ever wanted to get into hardware hacking as well as offensive security, but didn’t know how to get started? Good news! For a recent meeting of the Pittsburgh Hacker’s Association I put together a presentation on how to setup the standard box I use for almost everything. It’s a dual-boot system with both Ubuntu and Kali, a shared data partition, and all the tools you could ever need pre-configured and installed. If you want to get started, just grab the PDF and get going!

Good hunting! 🙂

Starting the 2020 eChallenge Coin Redux

There’s a designer named Bradán Lane who makes some excellent hardware, and one of my favorite things he’s created is a set of challenge coin circuits. I won’t go into too much detail on them other than to note they have a fun story line, a series of challenges, and you have to exercise some basic hardware hacking skills to participate. If you’d like more details, please check out the listing for the coin on Tindie. But what if you don’t know how to get started? Well, a friend of mine (Visual) and I recently played through this, and thought we’d document how to get started for anyone who needs a little extra help. Let’s get started!

Continue reading “Starting the 2020 eChallenge Coin Redux”

QuickHit: Things to Attack

Need a quick list of things to attack?  Try these. 🙂

Continue reading “QuickHit: Things to Attack”

Wireless Hacking

This is just a quick post to provide the presentation I gave tonight at PwnSchool.  If you’d like to review it you can download it here.  Thanks!

Topics covered:

  • Introduction to Radio Frequency
  • Wireless  Hacking (WEP and WPA2)
  • RFID Hacking (HID Prox and MIFARE)
  • Bluetooth Hacking (Bluelog/bluesnarfer/Wireshark/etc)

The Four Three Rule of Team PenTesting

Two posts in one night, because I’m catching up on some backlog items.  I’ve been teaching/training a team on PenTesting lately, and it’s caused me to think through some personal truths and approaches that I’ve taken for several years.  While going through that process I came to realize that I’d never really formally codified them; this is my attempt to do just that.  It all comes down to what I’m now going to call the “Four Three Rule of Team PenTesting”.

Continue reading “The Four Three Rule of Team PenTesting”

Website Powered by WordPress.com.

Up ↑