Hardware & Making
julien.moinard@opale-security.com
A complete toolbox for IoT security
December 28, 2015
8:30 PM – 9:30 PM Add to calendar
8:30 PM – 9:30 PM Add to calendar
Hall 6
It is clear that something is needed to help the security community to evaluate, audit and control the security level of hardware products.
Hardsploit is a complete tool box (hardware & software), a framework which aims to:
- Facilitate the audit of electronic systems for industry 'security' workers (consultants, auditors, pentesters, product designers, etc.)
- Increase the level of security (and trust !) of new products designed by the industry
Hardsploit is an all-in-one hardware pentesting tool with software and electronic aspects. It's a technical and modular platform (using FPGA) to perform security tests by using electronic communication bus.
The main hardware security audit functions are:
- Sniffer
- Interact
- Dump
Hardsploit's modules will let users intercept, replay and / or send data via each type of electronic bus used by the target. The level of interaction that pentesters will have depends on the targeted bus features.
Hardsploit's modules also enable you to analyze electronic bus (serial and parallel types) like JTAG, SPI, I2C's, parallel addresses and more will come !
We also provide a graphical interface to manage your components and their commands. A wiring helper module is available too. It will help you connect easily your target to Hardsploit.
Our ambition is to provide a tool equivalent to those offered by the company Qualys or the Metasploit Framework but in the domain of embedded systems/electronics.
Additional information
| Type | lecture |
|---|---|
| Language | English |
More sessions
| 12/27/15 |
News about the rad1o half a year later – cool stuff that happened, and why you need an SDR.
|
| 12/27/15 |
Yosys (Yosys Open Synthesis Suite) is an Open Source Verilog synthesis and verification tool. Project IceStorm aims at reverse engineering and documenting the bit-stream format of Lattice iCE40 FPGAs and providing simple tools for analyzing and creating bit-stream files, including a tool that converts iCE40 bit-stream files into behavioral Verilog. Currently the bitstream format for iCE40 HX1K and HX8K is fully documented and supported by the tools. Arachne-PNR is an Open Source place&route tool ...
|
| 12/27/15 |
The Amiga was one of the most powerful and wide srpead computers in the late 80's. This talk explains its hardware design and programming.
|
| 12/27/15 |
CubeSat are small standardized satellites typically flown as secondary and containerized payloads piggybacking on the launches of larger satellites. Their low entrance cost have been a revolution in opening access to space for a broad range of institutions. In this talk the basics of CubeSat standards, technology and development are going to be presented. The goal is to proliferate the knowledge of what it takes to successfully build, launch and operate a CubeSat within and beyond the hacker ...
|
| 12/27/15 |
In this talk Matthew Borgatti, Lead Scientist at Super-Releaser, will take you through the process of turning a puddle of goo into a working soft robot. He will take you through the different mechanisms that can be created, simple processes for fabricating soft robots, and methods for joining elements together into sophisticated assemblies.
|
| 12/28/15 |
There are two lines of research in the world about decreasing poverty in low-income communities: (1) to create solutions and share them with people living in low-income areas or (2) build the capacity of people from low-income areas to create their own solutions. Maker Spaces to BoP have showed great results to the strategy two. The lecture has the goal to expose all the experience we have learnt in the last three years to project, implement and manage a Maker Space in a favela in São Paulo - ...
|
| 12/28/15 |
This talk is a brief recap into EEG / BCI for hackers, makers, researchers, and artists. It will give an overview of current consumer devices and their flaws, and subquently present fully open-source, high-quality hardware and software. Finally implications for the future of modern society are outlined, especially how commercial EEG consumer devices or services may be exploited by corporations to cloudsource market research, or spy on health conditions, brain states or even leak private ...
|
