Teensy programming for everyone



Teensy programming for everyone

Trainer: Nikhil Mittal
Nikhil Mittal is a hacker, info sec researcher and enthusiast. His area of interest includes penetration testing, attack research, defense strategies and post exploitation research. He has many years of experience in Penetration Testing of many Government Organizations of India and other global corporate giants.

He specializes in assessing security risks at secure environments which require novel attack vectors and “out of the box” approach. He has worked extensively on using HID in Penetration Tests and is creator of Kautilya, a toolkit which makes it easy to use Teensy in penetration tests. In his free time, Nikhil likes to scan full IP ranges of countries for specific vulnerabilities, writes some silly Metasploit scripts and does some vulnerability research. He has spoken at Clubhack’10, Hackfest’11, Clubhack’11, Black Hat Abu Dhabi’11, Troopers’12 and Black Hat Europe’12
 

 

Description:
Getting into systems is getting harder by day using traditional methods. As a penetration tester or a security administrator you should know what methods an attacker may use to compromise a system. The emphasis of this training will be on using Teensy which is a Human Interface Device. It is an Arduino board based device which can be programmed and used as a keyboard and mouse. Details about Kautilya will be discussed which is a toolkit developed by the trainer which eases the use of Teensy in Penetration Tests. The participants will learn about programming Teensy as per their need using Arduino and also to customize Kautilya. There will be lots of attack vectors, discussions, hands on and fun. Participants should be able to program their own devices after the training.
 

Course Content:

  • Introduction to Teensy
  • Basics of Arduino Development Environment (ADE)
  • Installing and configuring ADE to use with Teensy
  • Understanding the basics of programming using ADE
  • Writing Hello World
  • Basic usage and programming of Teensy
  • Introduction to Kautilya
  • Demonstration of Payloads in Kautilya
  • Program and perform attacks on a Windows machine
  • Program and perform advanced attacks on a Windows machine
  • Program and perform attacks on Linux Machin
  • Program and perform advanced Attacks on Linux Machines
  • Program and perform attacks on OS X Machines/li>
  • Program and perform advanced attacks on OS X Machines/li>
  • Understanding structure of and automation using Kautilya
  • Understanding Integration of payloads in Kautilya

    •  

     
    Prerequisites:
  • Basic understanding of any programming and/or scripting language could be helpful but not mandatory.
    •
  • An open mind
    •
     

    Course Requirements:

  • System with at least 2GB of RAM
  • Ability to run virtual machines/operating systems
    •
  • A Teensy++ 2.0 device
    •

    Participants will get:

  • Understanding how a Human Interface Device could be used to compromise systems
  • Understanding of Teensy as an attack vector
  • Realize that an Operating System can be used against itself and built-in tools and commands could be very useful during penetration tests
  • Realize that inherent trust for Human Interface Devices by Operating Systems could be dangerous
  • Learning how above can be implemented using Kautilya
  • Learning how payloads in Kautilya can be customized as per requirements for targeted usage during penetration tests
  • Writing their own code and payloads for usage in Penetration Tests
    •
  • Every attendee will receive a free Teensy++ board with USB Cable
    •


     
    Course Length & Location:
    Dates: September 25 & 26, 2012
    Meeting Time: 9:00 AM – 5:00 PM
    DeVos Place (Room TBA) 303 Monroe Ave. Grand Rapids, MI 49503
     

    Registration:

    Price $1,500, Includes GA ticket for GrrCON & Free Teensy++ board with USB Cable      
     
    Registration is OPEN