Saturday, April 11, 2015

Hiding in Plain Sight - B-Sides Orlando 2015

The abstract, slides, documents, and files associated with my talk at B-Sides Orlando 2015 can be found below.

Hiding in Plain Sight

B-Sides Orlando 2015 - April 11th, 2015
What if penetration testing programs went a step further? Once legal and ethical approvals are obtained, a device could be placed within the organization to test more than network and application security. By placing a “rogue device” within an organization the general user knowledge of physical IT practices, IT security policies, and awareness of devices in the environment can be evaluated.

This talk will cover creating a penetration platform that can be hidden in plain sight for under $200. The device will be housed in a common item found within many offices and places of business. The device will have a number of camouflage techniques that allow it to blend into the environment to avoid detection.

The device will include remote connection capabilities, wireless and wired attack/monitoring functions, and monitoring methods to let the penetration tester know when the device has been discovered.

The talk will cover:
• Device functions and requirements
• Device materials and build
• Creating a device that “blends in” (Dents, organization standards, asset tags, dust)
• Getting alerts when the device is discovered
• Penetration testing capabilities
• Preventing devices like this in your environment.

This talk will demonstrate how to build a low, cost, flexible, remote penetration testing platform for ethical and legal testing programs that can be hidden in plain sight. The talk will also show the audience some of the techniques an attacker may use to hide monitoring devices within organizations. Knowledge of these techniques may help develop and refine IT practices to discover these devices.

Click here for the Google Drive shared folder including:

  • Talk Slides and Notes
  • Build Guide
  • STL Files for 3D Printed Parts
  • Avery Template
  • RedProx Graphics Files (XCF Format)

No comments:

Post a Comment