From time to time I feel properly motivated to devote energy to a project that I think has merit. Here are some projects I’m devoting time and energy to at the moment.

Consensus Audit Guidelines

The Consensus Audit Guidelines (CAG) are the twenty most important controls and metrics for effective cyber defense and continuous FISMA compliance.

LORCON: Loss Of Radio CONnectivity

LORCON is a library to abstract driver-dependencies in wireless packet injection, achieving a cross-platform library for developers and researchers to use. I'm currently using LORCON on Linux and Windows systems, and we plan on adding support for other platforms as well. You can find out more about LORCON and grab some sample applications at the official website, or by grabbing the Shmoocon presentation Mike Kershaw and I put together.


The BNAP, BNAP database is a user-contributed list of Bluetooth Device Address (BD_ADDR) prefixes. I encourage everyone with a Bluetooth device to visit the site and add the first few bytes of their MAC address to the growing list of entries. This information is shared openly for research purposes, and I am currently using it in the discovery of non-discoverable Bluetooth devices.

Bluetooth Headset Eavesdropping

I spent a fair amount of time working on developing techniques for eavesdropping on Bluetooth headsets. I put together a YouTube Video which was published on the SANS Institute Channel, which got a lot of attention from Digg and other sites. The details were presented at the SANS NS2007 Conference with an accompanying blog post (using the old blog software, I need to update it), including the presentation slides and all the code I used.

802.11 Pocket Reference Guide

A handy legal-sized PDF that you can printout as a quick cheat-sheet for Wireshark display filter references, IEEE 802.11 header data, and Kismet shortcuts. This will be especially helpful to my SANS SEC617 students!

ISO 639:1988 (E/F) Language Codes and Hexadecimal Equivalents

A modified version of the ISO 639:1988 (E/F) Language Codes specification with added hexadecimal values for each language code. Useful for interpreting the output of the language code attribute list displayed in the Bluetooth Service Discovery Protocol (SDP) output from tools such as BlueZ "sdptool".

2 Responses

Comments are closed for this entry.