Our Blog

Come do Wi-Fi!

Reading time: ~5 min
Wi-Fi is everywhere and having a better understanding of it can fair you well! Over the years we have made...

Pass-the-hash WiFi

Reading time: ~5 min
Thanks to a tweet Dominic responded to, I saw someone mention Passing-the-hash when I think they actually meant relay. The...

PEAP Relay Attacks with wpa_sycophant

Reading time: ~8 min
Back in 2018, I was interested that MSCHAPv2 and NTLMv1 hashes crack using the same algorithms, and wanting to get...

Understanding PEAP In-Depth

Reading time: ~21 min
tl;dr We reported a long standing PEAP bug in all Apple devices that would allow an attacker to force any...

BSides Cape Town Secret Squirrel Challenge Write-Up

Reading time: ~6 min
Last weekend was the BSides Cape Town conference, currently ZA’s only hacker con. It’s a cool little con with big...

Snoopy with Mana

Reading time: ~4 min
In 2011 Glenn and Daniel released Snoopy, a set of tools for tracking and visualising wireless client activity. However, the Snoopy...

Improvements in Rogue AP attacks – MANA 1/2

Reading time: ~9 min
At Defcon 22 we presented several improvements in wifi rogue access point attacks. We entitled the talk “Manna from heaven”...

Commercial Snoopy Launch! [ ShadowLightly ]

Reading time: ~1 min
Hello world! We’ve been busy squireling away on a much requested project – a commercial Snoopy offering. We’ve called it...

Never mind the spies: the security gaps inside your phone

Reading time: ~2 min
For the last year, Glenn and I have been obsessed with our phones; especially with regard to the data being...

Rogue Access Points, a how-to

Reading time: ~12 min
In preparation for our wireless training course at BlackHat Vegas in a few weeks, I spent some time updating the...

Wifi Hacking & WPA/2 PSK traffic decryption

Reading time: ~3 min
When doing wireless assessments, I end up generating a ton of different scripts for various things that I thought it...

Snoopy: A distributed tracking and profiling framework

Reading time: ~17 min
At this year’s 44Con conference (held in London) Daniel and I introduced a project we had been working on for...