AVCS2: Attitude and Heading Reference System (GY-88 10-DOF) module

The GY-88 packages 3 popular sensors (technically more than 3, but I will cover that later) in a single convenient PCB. Each sensor measures a specific type of spacial data. The module contains a 6-axis accelerometer, a magnometer, and a barometer. All the sensors you need to create a Attitude and Heading Reference System (AHRS). In this post I will go over each sensor in more detail. I will also cover how it can be used to inform an Autonomous Vehicle Control System aimed at multi-rotor flight control.

AVCS1: Sonic Range Finder (HC-SR04) discussion

Th HC-SR04 sonic range finding modules are a popular choice for projects which require sensing the distance to some object. I recently ordered a bunch of them to keep on hand, but I wanted to add one to the Infrared Light Goggle project I built previously. This addition will allow me to add the approximate distance to the HUD.

DynoDrone: A Pythonic way to model Quadcopter builds

I have always been a fan of mechanical builds. When I was a teenager I was fascinated with cars. Building them, breaking them down, and especially tuning them. One program I remember fondly from these early days of tuner glory is "Desktop Dyno", a system for modeling engine performance without expensive hardware. In this post I will discuss how I used Python to create a "Desktop Dyno" for flight systems called DynoDrone.

Functional Obfuscation in python

As a researcher, I have always enjoyed exploring the technology and methodology of Reverse Engineering. One area which fascinated me specifically were the attempts by various systems to try and resist reversing. Companies and criminals both use these methods in their efforts to protect their intellectual property and dissuade would-be attackers. In this post I will describe a few methods for protecting Python code from analysis which I think more developers should be aware of.

Renaming interfaces in Ubuntu 16.04

If you have built any recent Linux servers (particularly Ubuntu) you may have noticed a drastic change in default interface names. This spurred me to want to organize my interfaces better and more clearly. This post will describe how to rename your interfaces, but more importantly why you should! Along the way I will describe how to build a network bridge inside of the Security Onion using IPTables.

ITIL Framework Foundations Course

 

A few months ago, I approached the awesome team at Cybrary about teaching my first Massively Open Online Course (MOOC). I chose Cybrary because it is an online library dedicated to the Cyber Security industry. It is mostly free, with optional paid content to help improve skills, get certifications, find career advice, and much more. After an initial round of discussing what content I would like to cover and what they needed, we settled on the ITIL Foundations Course.

Situational Awareness and System Triage Assistant

There are several points in the Incident Management Life Cycle where it is import to build a thorough understanding of the state of the system. In this post I will discuss a tool which I use during both attack and defense which automates most of the Situational Awareness and System Triage work one might want across Windows, Linux, Mac, and FreeBSD.

Python Turtles and Trees

Recently I have been studying the phenomenon of self-similarity in naturally occurring networks. Self-Similarity has implications for biology, geography, and many other sciences. However the concepts that underpin them are relatively simple. In this post I will cover how one can explore this interesting topic, and model it inside Python. By the end we will have an algorithm fully capable of letting a turtle construct a tree-like structure

Building a Network Communication map with Scapy and NetworkX

In my previous posts, I have described using NetworkX to simulate the topography of a network. I have also discussed using Scapy for various packet capture and crafting tasks. In this post I am going to tie these concepts together to generate a network communication map, which is suitable for analysis using SciKit-Learn.

Scapy part 3: Analyzing custom packets

In the last two sections I covered how Scapy can be used as a general tool for packet analysis, and also how it can be used to craft custom protocols to meet your own needs. In this third and final installment I will discuss how to use scapy to analyze packets again, this time with an eye towards processing custom protocol layers.

Simulating Network Infections with Python and NetworkX

One thing I have enjoyed studying most in my research is the spread of malicious data (be it a program or a piece of intentional misinformation) through a network. One practical reason for this fascination is that it plays a key role in both offensive and defensive security. Offensively, understanding the key nodes in a network allow you to figure out a path inside a network. As a defender, you can use it as another tool to help decide where to allocate your all-to-limited resources for maximum effect.

Infrared Light Goggles: Raspberry Pi Project

Infrared Cameras are used in a wide variety of applications from Security to Scientific Study. Unlike traditional cameras, which perceive light similar to the human eye, an Infrared Light camera can 'see' light which is not visible to the human eye. I will use this feature to illuminate a darkened room without disturbing anyone else by building a completely self-contained set of Infrared Light Goggles.

Analyzing Music: Music21 introduction and basics

This week, I have taken a break from Security Research, as I often like to do before I present at a conference, and focused myself on another area I love to explore. Music. I love music. Playing it, listening to it, recording and editing. It is all great fun. Recently though, I have wanted to push beyond my very basic understanding of music, and begin to understand 'why' certain concepts work, when and how they were introduced, etc. To do this I turn my attention back to Music Theory and an analysis framework from MIT called Music21.

Resources For RFID talk

These links are the main resources consulted during the development of my Presentation "MiFare Lady: Teaching an old RFID new tricks". They will be useful for anyone looking to get into the world of RFID Desig, Analysis and threats. Link topics include Mifare Specific manuals, discussions on Cryptography, Discussions on RFID security, and discussions about Physically Unclonable Functions (PUFs). I am looking forward to presenting this at the BSides Tampa 2018 event on 02/17.

Encryption for MiFare Classic 1k cards

Today I want to talk about analyzing an RFID system for use in IoT projects. I recently submitted a talk to BSides Tampa 2018 which covers the research I have done on this topic.