Subscribe

Five top security experimentation tools

Staff Writer
By Staff Writer, ITWeb
Johannesburg, 21 May 2015
Great Scott Gadgets founder Michael Ossmann says security experts need to consider a wide range of security adversaries.
Great Scott Gadgets founder Michael Ossmann says security experts need to consider a wide range of security adversaries.

Security practitioners need to consider a wide range of security foes, including those that may have National Security Agency (NSA) capabilities.

This is according to Great Scott Gadget founder Michael Ossmann, who says this is where the NSA Playset comes in.

Ossmann is a wireless communication security researcher in search of tools that can be used by experts and practitioners for hardware and communication security. He will address next week's ITWeb Security Summit 2015.

The NSA Playset is essentially an effort to promote the understanding that nation-state tools can be implemented and deployed by anyone. "We can build similar tools ourselves, learn about practical weaknesses of our systems, and have fun in the process," says Ossmann.

These are Ossmann's top five open source hardware tools currently available:

1. ChipWhisperer-Lite: This is the first low-cost platform specifically designed to make it easy to experiment with side channel attacks.

2. HackRF One: Software-defined radio (SDR) is the most powerful technique for experimentation with wireless communication security. HackRF One is a portable SDR peripheral that supports the widest range of applications in a small, low-cost package.

3. GoodFET: The hardware hacker's first tool supports an array of Joint Test Action Group and serial debugging functions. You can use it to reverse-engineer or re-program an array of off-the-shelf equipment, and variants such as the FaceDancer support testing of USB and other communication interfaces.

ITWeb Security Summit 2015

This annual infosec event from ITWeb is a 'must-attend' for every IT and security professional and senior manager with business and information management responsibilities. Click here to register.

4. Ubertooth One: Every wireless security practitioner needs a way to detect operating Bluetooth devices, and Ubertooth One is the best tool for the job. Additionally, it can be used for an increasing number of classic Bluetooth and Bluetooth low-energy reverse-engineering and development functions.

5. Beaglebone Black: At first glance it may appear to be just another single board Linux computer, but the Beaglebone Black is a versatile platform usable for USBProxy and other software tools for security testing.

Share