[RERELEASE] How to find vulnerabilites

In this susceptible edition of the Exploring Information Security podcast, Samy Kamkar joins me to discuss how to find vulnerabilities. This is a RERELEASE EPISODE.

Samy (@samykamkar) shouldn't need too much of an introduction to most people. He's been in the news for hacking garage doors, credit cards, cars, and much much more. Samy likes to hack things and has a knack for finding vulnerabilities in everything from locked machines to wireless doorbells. His site has the full list of vulnerabilities as well as videos and press appearances. Which made him the perfect guess for talking about how to find vulnerabilities.

In this episode we discuss:

  • What got him started in looking for vulnerabilities

  • What is a vulnerability

  • What skills are necessary for finding vulnerabilities

  • How he decides his next project

  • The steps to finding vulnerabilities

  • What he does when he discovers a vulnerability

  • How long the process takes

How to hack a satellite

Summary:

Tim Fowler is an offensive security person at Black Hills Information Security who also happens to be a space nerd thanks to Paul Coggin. I was sitting at the table with Tim at BSides Nashville when Paul planted the seed of satellite hack. Fast forward several hundred hours later and Tim has put together a lot of content on the topic including training for 2024.

He makes a compelling case for why we should care about security in space. Mainly, that it’s the next frontier. After spending over an hour talking to him I completely agree. It’s a path that we’re destined to head and a lot of the big companies are already moving that way. This is also a heavily unexplored space for people looking to get into an emerging field this is it.

Episode Highlights:

  • The history of space and the objects up there

  • Why we should care about security in space

  • The issues with satellite security

  • How to hack a satellite

  • How to secure objects in space

Guest Information:

Tim Fowler, Offensive Security Analyst and Space Nerd at Black Hills Information Security

Resources and Mentions:

Cybersecurity for Space by Jacob G. Oakley

Open Source global network of satellite ground-stations

https://satnogs.org/

Hack-a-sat CTF

https://hackasat.com/

https://github.com/cromulencellc/hackasat-finals-2023

https://github.com/cromulencellc/hackasat-qualifier-2023-techpapers

https://github.com/cromulencellc/hackasat-qualifier-2023

https://github.com/cromulencellc/hackasat-finals-2022

https://github.com/cromulencellc/hackasat-qualifier-2022

Aerospace Village

https://www.aerospacevillage.org/


Open Source Satellite Program

https://www.opensourcesatellite.org/


OpenSatKit

https://github.com/OpenSatKit/OpenSatKit

Nasa Operational Simulation for Small Satellites  - NOS3

https://www.nasa.gov/nasa-operational-simulation-for-small-satellites/

https://github.com/nasa/nos3

AMSAT CubeSatSim

https://github.com/alanbjohnston/CubeSatSim/tree/master

SPARTA - SPACE ATTACK RESEARCH AND TACTIC ANALYSIS (MITRE ATTACK for space)

https://aerospace.org/sparta

SpaceSHIELD - European Space Agency

https://spaceshield.esa.int/

Ethically Hacking Space (eHs) 

https://www.linkedin.com/company/h4ck32n4u75/about/

Black Hat DC 2009 - Adam Laurie - Satellite Hacking for Fun and Profit

https://www.youtube.com/watch?v=PyXZX63etog

Training Class

https://www.antisyphontraining.com/event/introduction-to-cybersecurity-in-space-systems/

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


How to hack iOS - Part 2

In this fruity episode of the Exploring Information Security podcast, Wes Widner joins me to discuss how to hack iOS.

Wes (@kai5263499) is a cloud engineer, who loves to dig into Apple product security. Last year (and on a previous episode) he discuss how Macs get malware. He's back again this year to discuss how to hack iOS. He will be speaking at BSides Hunstville February 3, 2018. If you have a chance to go, be sure to check out his talk. Also, check out is OSX security awesome list on GitHub. It's a really useful set of links on This dude is really smart.

In this episode we discuss:

  • Are we talking NSA level hacking?

  • What tools are available for hacking iOS

  • What resources are available for hacking iOS

More resources:

How to hack iOS - Part 1

In this fruity episode of the Exploring Information Security podcast, Wes Widner joins me to discuss how to hack iOS.

Wes (@kai5263499) is a cloud engineer, who loves to dig into Apple product security. Last year (and on a previous episode) he discuss how Macs get malware. He's back again this year to discuss how to hack iOS. He will be speaking at BSides Hunstville February 3, 2018. If you have a chance to go, be sure to check out his talk. Also, check out is OSX security awesome list on GitHub. It's a really useful set of links on This dude is really smart.

In this episode we discuss:

  • What is his talk about?

  • What's the difference between application and device hacking

  • What skills are needed to hack iOS

  • How Apple works with law enforcement

More resources:

How to hack a car

In this speedy episode of the Exploring Information Security podcast, Brandon Wilson joins me to discuss his adventures in hacking a car.

Brandon (@brandonlwilson) spoke at BSides Knoxville in 2017. I had the pleasure to be in attendance for his talk. The talk was technical and very interesting. Brandon talked about how he tried to take his old 90s car and fix it himself. The was a malfunction in the anti-theft system that kept the car from running. He decided to go deeper. Unfortunately, he was unable to fix his car. He did, however, learn a lot from the experience.

In this episode we discuss:

  • How Brandon got into car hacking?
  • What resources were available for hacking a car?
  • How long did the project take?
  • What tools are available for hacking a car?

What is hardware hacking?

In this bulb edition of the Exploring Information Security podcast, Price McDonald Director of Colafire Labs joins me to discuss hardware hacking.

Price (@pricemcdonald) recently gave a hardware hacking talk at BSides Indy. Which I had the pleasure to attend. I was fascinated by the content he provided for the talk and decided to have him on. Hardware hacking is not something we see too much, but it is out there. It's used in physical penetration tests and for other learning opportunities. Listening to Price you can tell he has a strong interest in the topic.

In this episode we discuss:

  • What is hardware hacking?
  • What hardware can be hacked?
  • Where hardware hacking applies?
  • How to get started in hardware hacking

Resources:

How to find vulnerabilites

In this susceptible edition of the Exploring Information Security podcast, Samy Kamkar joins me to discuss how to find vulnerabilities.

Samy (@samykamkar) shouldn't need too much of an introduction to most people. He's been in the news for hacking garage doors, credit cards, cars, and much much more. Samy likes to hack things and has a knack for finding vulnerabilities in everything from locked machines to wireless doorbells. His site has the full list of vulnerabilities as well as videos and press appearances. Which made him the perfect guess for talking about how to find vulnerabilities.

In this episode we discuss:

  • What got him started in looking for vulnerabilities

  • What is a vulnerability

  • What skills are necessary for finding vulnerabilities

  • How he decides his next project

  • The steps to finding vulnerabilities

  • What he does when he discovers a vulnerability

  • How long the process takes