Make your Tastic, Fan-Tastic

Here at InGuardians, we are huge fans of the Tastic HiD card long-range reader. Designed and implemented by Bishop Fox, this long-range RFID reader allows us to silently and stealthily acquire sensitive data from things like employee badges, and has become a huge component of our physical penetration testing and…

Radio Communication Analysis using RfCat

Original Post Author: Don C. Weber [Twitter: @cutaway]Original Date Published: 15 Oct 2013 Many people think RfCat is a very cool concept. The thought of monitoring and interacting with sub-gigahertz radio is very sexy. Hell, it IS sexy. Then people get an IM-ME, a CC1111EMK, or a ToorCon 14 badge…

The Ultimate Arduino GPS Clock (UAGC) – Part 1

Original Post Author: Tom Liston [Twitter: @tliston]Original Date Published: 11 June 2013 Doing a Google search for "arduino GPS clock" turns up more than a few other projects that use the time information found within the NMEA data provided by a GPS signal to display the current time and date.…

Somebody Is Securing Samsung Wireless Network Extenders

Original Post Author: Don C. Weber [Twitter: @cutaway]Original Date Published: 03 June 2013 Black Hat USA 2013 will include a presentation by Tom Ritter and Doug DePerry titled: "I Can Hear You Now: Traffic Interception and Remote Mobile Phone Cloning with a Compromised CDMA Femtocell." This should be a very…

What Was The Name Of That Storm?

Original Post Author: Don C. Weber [Twitter: @cutaway]Original Date Published: 25 April 2013 Mike Poor (@Mike_Poor) noticed Stephen Northcutt's blog post about phone spear-phishing. This reminded him of an email that I sent to the Senior Security Analysts here at InGuardians back in December 2012. For those of you not…

Memory Acquisition from FBGA Components

Original Post Author: Don C. Weber [Twitter: @cutaway] Original Date Published: 08 April 2013 Accessing memory from embedded devices can be accomplished multiple ways. The easiest methods include using debugging ports or tapping the exposed pins of a Thin small-outline packages (TSOP) memory component. One of the more challenging memory…

Penetration Testing Considerations

Original Post Author: Don C. Weber [Twitter: @cutaway] Original Date Published: 28 March 2013 John Sawyer pointed me to a blog post Getting the most out of your pentesting by Wendy Nather of 451 Security. I would like to provide a little bit more context in the hopes that it…

Welcome to InGuardians Labs Blog!

Original Post Author: Chris Sanders [Twitter: @chrissanders88] Original Date Published: 22 February 2013 All of us at InGuardians are really excited to welcome you to the first post on our InGuardians Labs blog. In addition to consulting, InGuardians prides itself on being one of the leading information security research firms,…