[Mobile App security Demo]

5 hours ago, icarus255 said:

To be completely honest with you, I have never used any of the hak5 WiFi gear. I have the BB (which I love) and received my packet squirrel  yesterday. You have to keep in mind that these are just automated tools and frameworks designed to help pen-testers and enthusiasts learn about IT security. You can carry out the same wifi attacks with your laptop and two wireless adapters that the pineapple can .

I don't work in IT but I work for a large organisation and I still recommend just showing a video demo of your exploits rather than doing anything live. Wifi signals are hard to control unless you know what you're doing and if you've never used the tools before.... anyway I said my warnings and disclaimers.

Once you have users on a network (regardless of whether it's open or protected) where you can control and manipulate traffic, a malicious user can carry out a wide variety of attacks starting from simple traffic captures, enrcyption downgrades, DNS spoofing, and packet injection. The goal in most cases is to either capture login credentials and/or distribute malware. These attacks are much harder to carry out in real life though because web developers, browser vendors, and AV products will use their own defences to protect their users against these attacks.

There are many tools out there that will help you with your educational requirements. Evil Portal and Wifi Phisher are just some examples and can get you started on your journey.

https://github.com/wifiphisher/wifiphisher

https://github.com/frozenjava/EvilPortalNano

https://github.com/kbeflo/evilportals

I haven't used these tools before so I can't tell you how to use them but I'm sure there have been some discussions on the forums and the google ?

Good luck, amigo.

Thanks for the info above. Live demos yes are the trickiest things to do in Security but we find now that audiences prefer live as it seems more genuine. Even recently we done a live hack where things did go wrong and our team recovered during it and the audience actually loved it because things did go wrong and they seen it was genuine then rather than a video. 

[Mobile App security Demo]

2 hours ago, Bigbiz said:

Everyone has there own idea of what a computer hacker does and should be able to do. No single hacker is the same all unique. Same goes with the tools used. Lots of different ones out there. Do what you feel is right.

Thanks Bigbiz. Yes everyone to their own. I never used the hak5 gear so was just looking for ideas on it as it might be useful and easy to setup. 

[Mobile App security Demo]

PS: I never used any of the hak5 gear so was just wondering about ideas. Otherwise I will just do a Android Metasploit demo anyway. 

[Mobile App security Demo]

Thanks Icarus255 ?

 

I should have said my Live Demo Would be on a private network that is setup for test purposes. The devices again connected to this would be test devices and none of the audience will be able to connect to our network. 

 

Thanks again 

[Mobile App security Demo]

Hi All,

new to the forum so was looking for some advice and help. I am looking at purchasing the hak5 Essentials Field kit (really because it looks cool) for a demo at a stand that I have to give on Mobile App Security in my workplace. I know the Field kit isn't exactly linked to anything related to Mobile App Security but I was thinking on just giving a demo on "the dangers connecting to Public Wifis". The audience passing through aren't in any distinct working group within cybersecurity so they sometimes just like to see something simple and related to Cybersecurity that would shock them in their everyday lives. 

 

I was just wondering if anyone has any other ideas that I could demo on using the kit, that lets say was exactly related to Mobile App security or Mobile security as I will have various android and iOS devices sitting on the stand.

 

Sorry for all the long reading above.

 

thanks,

Paul