Top 9 Past Security Talks By Dr. Phil Polstra

Dr. Philip Polstra

Author of ‘Linux Forensic’, 'Windows Forensic', 'Hacking & Penetration Testing With Low Power Devices' | Frequent speaker at DEFCON, Blackhat, BSides, GrrCON, ShakaCON | Renowned forensic expert

About : Digital forensics professor by day. Hardware hacker and penetration tester by night. Associate Professor, Digital Forensics at Bloomsburg University of Pennsylvania. Attended Northcentral University

Dr. Phil Polstra shall be conducting a Handson 'Windows & Linux Forensic' workshop at SACON - Bangalore on 10 & 11th November, 2017. To register/know more click here

Top 10 Past Security Talks by Dr. Phil Polstra

1. Am I Being Spied On ? Low Tech Ways Of Detecting High Tech Surveillance

Conference : DEFCON22

Brief : Is someone spying on you? This talk will present several low-tech ways that you can detect even high-tech surveillance. Topics covered will include: detecting surveillance cameras with your cell phone, signs that you are under physical surveillance, detecting active and passive bugs with low cost devices, and detecting devices implanted inside computers, tablets, and cell phones.

For complete slide/presentation : Click here

2.Cyber hi-jacking airplanes

Conference: DEFCON22

Brief : This talk will take a systematic look at the mechanisms others are claiming would permit such cyberhijacking. Each of the most popular techniques will be examined mythbuster style. Along the way several important aircraft technologies will be examined in detail.

For complete presentation/slide : Click Here

3.Hacker In The Wires

Conference: DEFCON23

Brief : 

This talk will show attendees how to use a small ARM-based computer that is connected inline to a wired network for penetration testing. The computer is running a full-featured penetration testing Linux distro. Data may be exfiltrated using the network or via a ZigBee mesh network or GSM modem.

The device discussed in this talk is easily integrated into a powerful penetration test that is performed with an army of ARM-based small computer systems connected by XBee or ZigBee mesh networking.

For complete presentation/slide : Click Here

4.Mouse Jiggler Offense & Defense

Conference: DEFCON24

Brief : This talk will present ways of detecting and defending against such assaults on your system by mouse jiggler wielding individuals. It will also show you how to build your own simple mouse jiggler. Nothing beyond basic Linux usage is required to understand this talk. Attendees will leave with several ways to defend against mouse jigglers and the knowledge of how to create their own mouse jigglers.

For complete presentation/slide : Click Here

5.One Device To Pwn Them All

Conference: DEFCON23

Brief : This talk will present a device that can be used as a dropbox, remote hacking drone, hacking command console, USB writeblocker, USB Mass Storage device impersonator, or scripted USB HID device. The device is based on the BeagleBone Black, can be battery operated for several days, and is easily constructed for under $100.

For complete presentation/slide : Click Here

6.We are Legion : Pentesting with an Army of Low-power Low-cost Devices

Conference: DEFCON21

Brief : This talk will show attendees how they can do penetration testing with a network of small, battery-powered, penetration testing systems. The small devices discussed will be running a version of The Deck, a full-featured penetration testing and forensics Linux distro. The Deck runs on the BeagleBoard and BeagleBone family of devices (including the next-gen BeagleBone released in April aka the Raspberry Pi killer). These devices are easily hidden and can run for days to weeks off of battery power thanks to their low power consumption. Various configurations will be presented including a device the size of a deck of cards that is easily attached to the back of a computer which is powered by USB and can be connected inline with the computer's Ethernet connection. 

For complete presentation/slide : Click Here

7.Bypassing Endpoint Security $20 or less

Conference: DEFCON20

Brief : In this talk cheap easily constructed devices which can be used to bypass endpoint security software by making any USB mass storage (flash or hard) drive appear as authorized devices will be presented.

The design and implementation will be discussed in detail. Devices can be constructed for approximately $18 and $30 for a small package which requires soldering of 4 wires, and a slightly larger package which requires no soldering, respectively. Some familiarity with microcontrollers and C programming would be helpful, but not required for attendees to get the most from this talk.

For complete presentation/slide : Click Here

8. Mesh Stalkings-Penetration Testing With Small Networked Devices

Conference: BlackHat Europe 2013

Brief : This talk will show attendees how they can do penetration testing with a network of small, battery-powered, penetration testing systems. The small devices discussed will be running a version of The Deck, a full-featured penetration testing and forensics Linux distro. The Deck runs on the BeagleBoard-xM, BeagleBone, and similar ARM-based systems. These devices are easily hidden and can run for days to weeks off of battery power thanks to their low power consumption. While each device running The Deck is a full-featured penetration-testing platform, connecting systems together via a mesh network allows even more power and flexibility.

For complete presentation/slide : Click Here

9.Low-power Hacking Bootcamp training course

Conference: BlackHat USA 2015

Reference:

The previous talk links, documents, talk description, videos have been taken from various sources like Defcon and BlackHat .

Views: 97

Comment

You need to be a member of CISO Platform to add comments!

Join CISO Platform

 

Contact Us

Email: contact@cisoplatform.com

Mobile: +91 99002 62585

InfoSec Media Private Limited,First Floor,# 48,Dr DV Gundappa Road, Basavanagudi,Bangalore,Karnataka - 560004

© 2017   Created by CISO Platform   |   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service

Related Posts