Archive for the ‘Penetration Testing’ Category

Invasion of the Mobile Phone Snatchers

Today I delivered the first of a trilogy of webcasts promoting my new course with the SANS Institute “Mobile Device Security and Ethical Hacking” (Security 575). In the presentation we look at the threat of lost or stolen mobile devices, examining how an attacker can use backup tools to extract data from mobile devices, bypass [...]

June 1, 2012   Posted in: Android, Apple, BlackBerry, Hacking, iPhone, Mobile, Penetration Testing, Windows Phone  No Comments

Pen Test Perfect Storm 6: We Love Cisco!

Today, Kevin Johnson, Ed Skoudis and I delivered the 6th part of the Pen Test Perfect Storm Trilogy: We Love Cisco!. In the webcast, hosted by CORE Security Technologies, we discussed attack techniques against Cisco devices, combining wireless, network and web app techniques to exploit common network architectures. Topics include: Enumerating SNMP Community strings Retrieving [...]

March 23, 2011   Posted in: Cisco, Penetration Testing  No Comments

ISACA Review: Hacking Exposed Wireless 2nd Edition

A special thanks to Horst Karin for posting a great review of my new book, Hacking Exposed Wireless 2nd Edition on the ISACA website. If you haven’t already checked it out, you can browse the book through Amazon’s Page Viewer. For the first time in print, we provided an in-depth coverage of attacking and exploiting [...]

December 9, 2010   Posted in: 802.11, Bluetooth, Exploit, Hacking, Linux, OSX, Penetration Testing, Security, ZigBee  One Comment

Webcast Tomorrow: Smart Grid and AMI Security Concerns

Tomorrow at 1pm EST Matt Carpenter (InGuardians), Walt Sikura (Industrial Defender) and I are delivering a webcast titled “Smart Grid and AMI Security Concerns” where we talk about the security challenges of the smart grid, discussing tools and techniques through which an attacker could exploit the security of the smart grid. I’m very fortunate to [...]

July 22, 2009   Posted in: Hardware, Penetration Testing, Smart Grid  4 Comments

Cowpatty 4.5

After too much time I have posted coWPAtty 4.5 with several fixes and a couple of new features: Fewer restrictions on collecting the data needed to mount an attack.В  The default behavior requires all 4 frames of the 4-way handshake to mount an attack.В  If you specify “-2″ on the command-line, coWPAtty will only require [...]

June 4, 2009   Posted in: 802.11, Penetration Testing, Security, Tool  4 Comments

Pen Test Perfect Storm Trilogy Slides

Over the last several months I had the pleasure of working with Ed Skoudis and Kevin Johnson in presenting a trilogy of webcasts titled the Pen Test Perfect Storm where we talk about techniques to combine network, web app and wireless pen testing. By combining these components of classic pen-tests, we are able to more [...]

May 3, 2009   Posted in: 802.11, Exploit, Hacking, Penetration Testing, Security, Vista  No Comments

Why Zoher Anis Rocks My Inbox

If you haven’t met Zoher Anis at a SANS conference or other popular venue, please make an effort to do so as soon as possible. Zoher is one of the most awesome guys I know, and humbles me with his new presentation “Why Joshua Wright loves Windows Vista ? And why you should be glad [...]

April 11, 2009   Posted in: 802.11, Hacking, Penetration Testing, Security, Vista, Wireless  No Comments