Our Blog

PEAP Relay Attacks with wpa_sycophant

Reading time: ~8 min
Back in 2018, I was interested that MSCHAPv2 and NTLMv1 hashes crack using the same algorithms, and wanting to get...

Understanding PEAP In-Depth

Reading time: ~21 min
tl;dr We reported a long standing PEAP bug in all Apple devices that would allow an attacker to force any...

Handling Randomised MAC Addresses in MANA

Reading time: ~3 min
mana development has been chugging along nicely. However, the OffSec crew politely asked us to move mana to proper releases...

Too Easy – Adding Root CA’s to iOS Devices

Reading time: ~8 min
With the recent buzz around the iMessage crypto bug from the John’s Hopkins team, several people pointed out that you...

Improvements in Rogue AP attacks – MANA 1/2

Reading time: ~9 min
At Defcon 22 we presented several improvements in wifi rogue access point attacks. We entitled the talk “Manna from heaven”...