This paper will walk you through the proof-of-concept and technical details of exploitation for IOActive's recent NFC relay attack on the newest Tesla vehicle, the Model Y. To successfully carry out the attack, IOActive reverse-engineered the NFC protocol Tesla uses between the NFC card and the vehicle, and they then created custom firmware modifications that allowed a Proxmark RDV4.0 device to relay NFC communications over Bluetooth/Wi-Fi using the Proxmark's BlueShark module.
1b2f050c027e1bfe9702c6a2a927a78ccba6ef0043e76bbe3a63de1a54eaecc8
Whitepaper called DensePose From WiFi. It discusses how scientists from Carnegie Mellon University have figured out how to map a human's 3D form by using two Wi-Fi routers.
79e410d611cf1fce59906fb6029e819c60c9ad628363ca5b29efc9728ff69195
aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
05a704e3c8f7792a17315080a21214a4448fd2452c1b0dd5226a3a55f90b58c3
aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
4f0bfd486efc6ea7229f7fbc54340ff8b2094a0d73e9f617e0a39f878999a247
aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
96092a8af7af27cdc1923cd5167dfca4a17e9f5fd866973b7b6eb6d3b479e13b
aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
8ae08a7c28741f6ace2769267112053366550e7f746477081188ad38410383ca
aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
794ffed5400f35cb78f3466eabb47546f050e0ac35287c174acce60763a0fa7c
aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
fe7fb1b045da8a14075766c68f4481fe1168f26f66d281e114965cf6b360574b
aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
d93ac16aade5b4d37ab8cdf6ce4b855835096ccf83deb65ffdeff6d666eaff36
aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
8e595ccab9fe90fc7c770634ad13e30da2d7fef21497b34d56d7014b991a4585
TRENDnet TEW-818RDU versions 1 ("ac1900") and 2 ("ac3200") PIN disclosure exploit.
009d8d367598cb87819d868de644c6b1b9cfadd95a5147b5bc510f5a951e0427
DA-WIN, a wireless IDS, provides an organization a continuous wireless scanning capability that is light touch and simple. It utilizes compact and discreet sensors that can easily be deployed, reducing the total cost of protection and simplifying the effort required for absolute, categoric regulatory compliance. This archive includes a dd image to be used on a Raspberry Pi and a user manual.
eec29a64f031854e639f5edda7e65d034b41f755867195fb575def106ccf5112
aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
ba5b3eda44254efc5b7c9f776eb756f7cc323ad5d0813c101e92edb483d157e9
Wifiphisher is a security tool that mounts fast automated phishing attacks against WPA networks in order to obtain the secret passphrase. It is a social engineering attack that, unlike other methods, does not include any brute forcing. It is an easy way to obtain WPA credentials.
ec5629cf75d78e38ffa5b6ad34949dab7b4453c9a4a959c8c265a2d3fd64a02d
DA-WIN, a wireless IDS, provides an organization a continuous wireless scanning capability that is light touch and simple. It utilizes compact and discreet sensors that can easily be deployed, reducing the total cost of protection and simplifying the effort required for absolute, categoric regulatory compliance. This archive includes a dd image to be used on a Raspberry Pi and a user manual.
900a69552ae4f2e1b99cd5231bc485c4e70297254407c0b371ac96a0d19853b9
aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
2d22ae13360d466ffff1699cb1300ce5f807ffe9762314bb60ee49d9d2efe98d
pytacle is a tool inspired by tentacle. It automates the task of sniffing GSM frames off the air, extracting the key exchange, feeding kraken with the key material and finally decoding/decrypting the voice data. All you need is a USRP (or similar) to capture the GSM band and a kraken instance with the Berlin tables (only about 2TB).
cead6750ebf4e048bedf3785c081a076646d9ac0c3cbb69969ede77feb3833c6
Skyjack takes over Parrot drones, deauthenticating their true owner and taking over control, turning them into zombie drones under your own control.
1b98f29ef25d025fd339b29c2523e4f447d2b77b9ad899161c58fff2e9465639
Bluelog is a Bluetooth scanner/logger written with speed in mind. It is intended to be used as a site survey tool, concerned more about accurately detecting the number of discoverable Bluetooth devices than individual device specifics. Bluelog also includes the unique "Bluelog Live" mode, which puts discovered devices into a constantly updating live webpage which you can serve up with your HTTP daemon of choice.
9750b007daffaffecea3b8dd2332bf74cc24955c307861197a20d04d845bc412
hwk is an easy-to-use wireless authentication and de-authentication tool. Furthermore, it also supports probe response fuzzing, beacon injection flooding, antenna alignment and various injection testing modes. Information gathering is selected by default and shows the incoming traffic indicating the packet types.
599d4f7ecaaefe8226beca944bc48e8459be941747089d6a88a9ff0beee0cb68
This is a Ruby script that will generate the default WPS PIN for the Arris DG860A, provided you know the HFC MAC address.
c7863af7c0b63cc7a8a7a00ecdafdfa05079ac5aeba5d78d1c4963d298c65f84
Wi-fEye is designed to help with network penetration testing. It allows the user to perform a number of powerful attacks automatically, including WEP/WPA cracking, session hijacking and more.
9611698676e916490e7e33d98b18839292c0c6cd89d52c1228a8bc0865e2cd69
Wireless Decoder is an application that demonstrates how to recover wireless passwords on Vista/Win7/Win8. Comes with source and the binary.
a576e6dee330f135380b131a11fde69fe94d2a950eddf754394ea6db2a5eb6f6
Bluelog is a Bluetooth scanner/logger written with speed in mind. It is intended to be used as a site survey tool, concerned more about accurately detecting the number of discoverable Bluetooth devices than individual device specifics. Bluelog also includes the unique "Bluelog Live" mode, which puts discovered devices into a constantly updating live webpage which you can serve up with your HTTP daemon of choice.
64dade5f69626c9a40b0bef33636014bc6dfe2cf79dc2c8d8f19a52d4409b6ca
ChronIC is the Chronos Integrated Commander, a wearable Sub-GHz RF hacking tool. Written in Python.
2e5b1a404052563be569b4eb937c43f4f60865492e6ff788e324c1240648695d