Uncategorized

SyScan360 Seattle

https://www.syscan360.org/

Standard
Uncategorized

PEXternalizer (and USB Sanitizer)

Pci Express eXternalizer lets you pull a PCIE1x port outside of your case using a usb3 cable.

 

https://github.com/securelyfitz/PEXternalizer

https://www.securinghardware.com/

Joe is always making fun toys.

https://github.com/securelyfitz/USBSanitizer

https://www.securinghardware.com/

Standard
Uncategorized

Securing Hardware: Applied Physical Attacks and Hardware Pentesting

Joe Fitzpatrick of Securing Hardware has announced a new course:

[…]This course focuses on approaching hardware as part of a pentest or red team engagement, implementing advanced hardware hacks, and managing the hardware ‘problem’. This two-day course builds directly upon the skills covered in Physical Attacks on Embedded Systems – consider taking the two together for a complete 4 days. If you’ve already taken another class that covers the basics of embedded/IOT/hardware hacking, including UART, JTAG, and SPI, you should have sufficient background.[…]

https://securinghardware.com/news/Announcing-Hardware-Pentesting-Course/

https://securinghardware.com/training/pentesting/

Standard
Uncategorized

Hardware security training at Black Hat

https://www.blackhat.com/us-17/training/index.html

Standard
Uncategorized

PCI Leech

 

https://github.com/ufrisk

Does not appear to be a public Github project yet.

 

Standard
Uncategorized

BIOS mod lab at upcoming SecuringHardware.com training

For those who need Evil Maid skills take note: Joe Fitzpatrick has added a BIOS mod lab to his Black Hat training on x86 physical attacks.

Applied Physical Attacks on x86 Systems
Joe FitzPatrick, SecuringHardware.com
July 30-August 2

This course introduces and explores attacks on several different relatively accessible interfaces on x86 systems. Attendees will get hands-on experience implementing and deploying a number of low-cost hardware devices to enable access, privilege, and deception which is in some cases imperceptible from software. The course has several modules: USB, SPI/BIOS, I2C/SMBus, PCIe, and JTAG. Each begins with an architectural overview of an interface, and follows with a series of labs for hands-on practice understanding, observing, interacting with, and exploiting the interface, finishing with either potentially exploitable crashes or directly to root shells.

https://www.blackhat.com/us-16/training/applied-physical-attacks-on-x86-systems.html

Standard