Thursday, August 1, 2013

Passive Aggressive Bluetooth Scanning with Python

I will be giving a talk titled "Passive Aggressive Bluetooth Scanning with Python" at BSides LA on 8/22/13.  Here is a summary of the talk:

Bluetooth devices can be scanned either though active or passive techniques. Active scanning is done with commodity bluetooth hardware and utilizes fundamental bluetooth features whereas passive scanning techniques require specialized hardware and software libraries to consume and interpret the lowest levels of the bluetooth stack. The aim of this talk is to show how both techniques can be used together to obtain more thorough scan results. During this talk, I will go over some of the newly released python libraries I created for passive bluetooth monitoring and present demos and sample tools which combine both passive and active scanning techniques.

All slides and content related to this talk can be found in this github repo.

Monday, July 1, 2013

The Bluetooth Device Database

I will be speaking at DEFCON 21 this year about a project of mine titled "The Bluetooth Device Database".  In short, this is a fun project of mine that shows how track-able people are by discoverable bluetooth devices.  Here is a summary of the talk:

As of 2013, it is estimated that there are now billions of bluetooth devices deployed worldwide. The goal of the Bluetooth Database Project is to track and freely distribute real time sightings and statistics of these wide spread devices. The data collected from these devices can be used to answer questions pertaining to various topics, such as device geolocation, device proliferation, population analysis, device misconfigurations, and an assortment of other security related analytics.

During this presentation I will go over the current community driven, distributed, real time, client/server architecture of the project. I will show off some of analytics that can be leveraged from the projects data sets. Finally, I will be releasing various open source open source bluetooth scanning clients (Linux, iOS, OSX). These clients are easily installable across various operating systems and can be used to systematically contribute data to the project. 

All content related to this project which includes slides, client code, and server code can be found in this github repo.

Monday, June 3, 2013

Passive Bluetooth Monitoring with Scapy and Pandas @ Lockdown 2013

I will be giving a talk titled "Passive Bluetooth Monitoring with Scapy and Pandas" at Lockdown 2013.  During this talk, I will be boring the audience with some Pandas data analytics as well as releasing some new tools.  Included in these tools is a rough proof of concept pure python bluetooth baseband library for use with the Ubertooth dongle.

The slides, demo code and other content will be available at this github repo.

Thursday, January 10, 2013

My 2012 Blackhat Ubertooth/Scapy slides, videos and content is now avalable

The video, slides and content from my Ubertooth/Scapy talk at Blackhat USA 2012 is now available here.  This talk was a shorter version of my DEFCON 20 talk.

Here is a summary of the content:

Recognizing a need to support passive bluetooth monitoring in Scapy, Python's interactive monitoring framework, a project was launched to produce this functionality. Through this functionality, a new means for interactively observing bluetooth was created along with Python APIs to assist in the development of bluetooth auditing, pentesting and exploitation tools.

The project supplements the work of Michael Ossman et al by providing Python extensions and Scapy modules which interact with an Ubertooth dongle. The project also provides support for other passive bluetooth techniques not present in the current Ubertooth core software such as NAP identification, vendor lookup, extended logging and more.

In conjunction with this presentation, the source for this project will be released along with distribution packages for easy installation.

Sunday, January 6, 2013

My Defcon 2012 audio and slides

If you are interested in Defcon 2012 content on Scapy and Ubertooth... My Defcon 2012 audio and slides can be found here .