A 2-post collection

Introducing nzyme: WiFi monitoring, intrusion detection and forensics

Today I am releasing my latest open source hobby project: nzyme. It's a Java-based program that puts wireless network adapters into monitor mode, sniffs management frames from all configured 2.4GHz or 5GHz channels and writes them into a Graylog instance for monitoring and analysis.

About

In my previous post, Common WiFi Attacks And How To Detect Them, I laid out the many ways an attacker can attack a wireless network. With this post, I am introducing nzyme, an open source tool used to detect these


Common WiFi attacks and how to detect them

I'm talking about DFIR (Digital Forensics and Incident Response) for WiFi networks at DerbyCon 2017 and will be releasing nzyme (an open source tool to record and forward 802.11 management frames into Graylog for WiFi security monitoring and incident response) soon. Note that I will simplify some of the 802.11 terminology in this post. For example, I'll talk about "devices" and not "stations," and I'll not use the term "BSS" for "networks." The issue with 802.
