With the rise of support for multi-factor authentication in popular services and devices, the YubiKey family of hardware tokens has risen in popularity. Hardware tokens are more secure than using SMS as a delivery method because an attacker has to steal them from you and can't do so remotely. Yubico, the manufacturer of the YubiKeys has excellent guides for different use-cases of their tokens, but I found that the one for Ubuntu lacks in the real world: It does not expect an encrypted filesystem and fails
Introducing nzyme: WiFi monitoring, intrusion detection and forensics
Today I am releasing my latest open source hobby project: nzyme. It's a Java-based program that puts wireless network adapters into monitor mode, sniffs management frames from all configured 2.4Ghz or 5Ghz channels and writes them into a Graylog instance for monitoring and analysis. About In my previous post, Common WiFi Attacks And How To Detect Them, I laid out the many ways an attacker can attack a wireless network. With this post, I am introducing nzyme, an open source tool used to detect these
How to install BLEAH on Kali Linux
A few days ago, Simone Margaritelli aka evilsocket released BLEAH, a BLE (Bluetooth Low Energy, or Bluetooth Smart) scanner and device enumerator that is incredibly simple to use. I just played around with it and documented the installation steps on the most recent Kali Linux. I will not cover how to use BLEAH. Read Simone's introductory blog post and the README for that. Hardware requirements You don't need special Bluetooth equipment like the Ubertooth One to use BLEAH. Any onboard Bluetooth chip should do. I am
Common WiFi attacks and how to detect them
I'm talking about DFIR (Digital Forensics and Incident Response) for WiFi networks at DerbyCon 2017 and will be releasing nzyme (an open source tool to record and forward 802.11 management frames into Graylog for WiFi security monitoring and incident response) soon. Note that I will simplify some of the 802.11 terminologies in this post. For example, I'll talk about "devices" and not "stations, " and I'll not use the term "BSS" for "networks." The issue with 802.
Regular expression (regex) performance: The fundamental guide
There is a good chance that you are touching regular expressions from time to time if you are in any way involved with IT operations or development. They are not easy to learn and successfully matching a string with a regex can be a very rewarding feeling after a long time of debugging.