|22 Aug||Monday||09:00-17:00 SGT/GMT +8||8 Hours|
|23 Aug||Tuesday||09:00-17:00 SGT/GMT +8||8 Hours|
|24 Aug||Wednesday||09:00-17:00 SGT/GMT +8||8 Hours|
In order to detect potential vulnerabilities in RF, penetration testing should be conducted. Penetration testing tests the “air” on the exterior and interior of a facility, analysing the various frequencies being used by RF equipment. It involves determining where each frequency is coming from, and then assessing whether it is vulnerable to hackers.
Introduction toolkits to develop Software-Defined Radio tools like GNU Radio and other alternatives such as Pothos, Redhawk SDR, or MATLAB and Simulink.
During this day we will mainly focus on GNU Radio by introducing the toolkit, the flowgraph concepts, the components, and how to use the different blocks in practice to build several tools
Starting day 2, attendees will have the opportunity to see and exploit vulnerabilities in several RF devices and discover the security features and ways to circumvent them.We will see in practice how to attack physical intrusions systems such as alarms, intercoms and access control systems that use RF technologies such as sub-GHz, cellular, and RFID. Attendees will have the opportunity to learn techniques that could be used in Red Team contexts and get our feedback from our previous tests.
Focusing on attacking custom RF devices but also devices used in industrial systems using technologies such as the LoRa, Power-Line Communications, ZigBee, and how to manage to do testbeds many current technologies. We will also introduce devices that could act like unexpected implants and ways to analyse them. Then we will finish with an introduction to hardware hacking that could be complementary to RF hacking by talking about survival and practical reflexes, as well as methods to interface with hardware.
Himanshu Mehta is currently working as the Head of Cyber Threat Intelligence at Hive Pro and is very passionate about Cyber Security and Threat Intelligence. He is the board member of the EC-Council’s Licensed Penetration Tester group and involved in several bug bounty & Capture the Flag programs around the globe. He has been invited as Chief Guest for several security events and presented his research at multiple international security conferences like RSAC USA, ICS Singapore, Hack In Paris, HITB (Amsterdam, Dubai, Abu Dhabi), SecurityFest (Sweden), InfoSecurity (London), Offzone (Moscow), NanoSec (Malaysia), DSCI, National Cyber Security Conference, Best of the world Conference & Hakon. He previously worked as a Senior Security Researcher at Darkmatter and led a global team of security intelligence at Symantec, which gave very good insight and increased his thirst into cyber-security that helped him eventually to emerge as a creative lead
Vikash Chaudhary is a Pillar of the Indian Ethical Hackers community and is responsible for a whole new generation of rising ethical hackers, a lot of whom successfully contribute to platforms like HackerOne & Bugcrowd. He’s looking to expand his mentorship for the new generation to come in this field i.e. Cyber Security, which he thinks could be a great resource to help grow the security talent pool worldwide.
He is also the author of multiple security courses:
1. “Offensive Approach to Hunt Bugs” A manual Hands-on Bug Bounty Course.
2. “Offensive Bug Bounty – Hunter 2.0”
3. “SDR Exploitation” Hands-On Penetration testing up in the air.
Recently, his name was enlisted in the “Top 100 Security Researcher of Microsoft” and his rank is 51 among top 100 security researchers around the globe.