As hackers, we have been exploiting the inherent trust by Operating System on Human Interface Devices for some time now. Teensy is a USB Micro-controller; a device which can act as a Human Interface Device when connected to a computer and is able to do the job pre-programmed in it. Many interesting things have been done using Teensy as a keyboard. We have mostly seen shells, many types of them. It is time we start looking at Teensy as a pentesting device capable of doing much more than popping shells. Introducing Kautilya, a toolkit which can be used to perform various pre-exploitation and post-exploitation activities. Kautilya aims on easing the use of attack vectors which traditionally require human intervention but can be automated using Teensy. Kautilya contains some nice customizable payloads which may be used for enumeration, info gathering, disabling countermeasures, keylogging and using Operating System against itself for much more. The talk will be full of live demonstrations.
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.