I’m writing this article on my path of becoming a better researcher on IoT devices. My goal was to create a portable device that I could use to scan BLE (aka Bluetooth Low Energy) devices and improve future tasks – like pentesting IoT for clients. Disclaimer: No harm or malicious activities have been done to… Continue reading BLE Driving 101
Category: Papers
Using UART to connect to a chinese IP cam
This blog post has been created for completing the requirements of the SecurityTube Offensive Internet of Things course. http://www.securitytube-training.com/online-courses/offensive-internet-of-things-exploitation/index.html Student ID: IoTE- 766 Following my interest in going deeper on IoT – specially on hardware hacking, I grabbed a chinese IP cam – Loftek and started checking its internals. I already had researched the web… Continue reading Using UART to connect to a chinese IP cam
My notes on Hacking BLE – list of resources
In the last few weeks I went for a drive into the Bluetooth Low Energy (aka BLE) topic. There are many articles on the web on “how to hack BLE” and stuff like that, so this is just a compilation of the things I wrote on my notepad and my decision of sharing it with… Continue reading My notes on Hacking BLE – list of resources
Reflected File Download Cheat Sheet
This article is focused on providing infosec people how to test and exploit a Reflected File Download vulnerability – discovered by Oren Hafif of Trustwave. This vulnerability is not very well known but if well implemented could be very dangerous. I’ve been writing security reports on RFD since January 2015 (most still undisclosed) and found… Continue reading Reflected File Download Cheat Sheet