Building a Cellular Man-in-the-Middle Setup for 4G

With the ongoing rise of the Internet of Things (IoT) and current 4G/5G technologies, testing connected devices and mobile communcation in terms of security is more important than ever before. Approriate testing enviromnents are required in order to examine devices that transmit data over cellular networks.

With this 4G test setup, it is possible to redirect the internet traffic, normally sent over the mobile network, through a dedicated test network. This enables testers to intercept, redirect and modify the traffic with tools like mitmproxy or mitm_relay.

Continue reading “Building a Cellular Man-in-the-Middle Setup for 4G”

Creating evil WiFi hotspots, network bridges and complex hybrids

Intercepting traffic between devices and the internet is part of the day to day work of an IoT pentester. More often than not, those devices only support one type of connectivity, and it’s usually the one you don’t have at hand, at that moment (well, at least sort of 😉 ). So, this guide will show code snippets for creating (evil) access points and network bridges (under Linux) for:

Continue reading “Creating evil WiFi hotspots, network bridges and complex hybrids”

ARM-X Challenge: Breaking the webs

At the beginning of November, @therealsaumil announced “a brand new IP camera CTF challenge” on Twitter:

Continue reading “ARM-X Challenge: Breaking the webs”

Security of Things – World Conference

Believes in Cryptoanarchy & hopes for the upcoming Age of digital Enlightment. Involved in the Blockchain Community & Cryptoeconomics. Research topics focused on Blockchain Applications regarding Security aspects.

High level atmosphere. High level management. High level topics.

The companies represented came from nearly every industry sector: banking, energy, telecommunication, government, manufacturing &  chemical industry as well as retail, entertainment, transportation, automotive and of course IT security. The delegates and speakers were all C-level management and mostly CIO / CISO.

So what are the hottest topics? Where is the industry in terms of IoT Security at the moment? Continue reading “Security of Things – World Conference”