Physical Lock Security Workshop

I will be conducting Physical Lock Security Workshop at NullCon 2016, Goa

Workshop Details:

Physical Lock Security Workshop

Abstract

The locks used around us today are mass produces and widely exploitable. Right from your simple office drawer to your home’s main door, majority of locks are vulnerable to simple exploitation techniques. The strong looking hard metal locks can have soft roots for hacker undertaking. This workshop is going to help you learn types of locks like wafer locks, pin-tumbler locks and dimple locks and a way to open some of them without having an actual key by your disposal.


Speaker Bio
Amey Gat
Twitter: @ameygat

Working as Threat Researcher by Day ;-) Into information Security field from more than 10 years. Moderator and Core Team member of hackers group www.Garage4Hackers.com , one of the leet hacker groups of India. Hardware and Electronics enthusiastic works, with AVR and other embedded devices as hobby. Started first Lock Picking Workshop in India at NullCon 2015, Done embedded hardware workshop in NullCon, Creator of first Nullcon Hardware Badge in 2014, Multiple time speaker at NullCon. Likes to research on hardware vectors interfacing with current infrastructures of computer networks.

About NullCon
Nullcon was founded in 2010 with the idea of providing an integrated platform for exchanging information on the latest attack vectors, zero day vulnerabilities and unknown threats. Our motto - "The neXt security thing!" drives the objective of the conference i.e. to discuss and showcase the future of information security and the next-generation of offensive and defensive security technology.

Click HERE for Our Official Speaker page on

NullCon.net Book your nullcon Tickets Here

Pathetic efforts by driving schools to increase their income.

Driving schools want training made compulsory

 The first thought might come to our mind that driving schools are doing good duty to the citizens by actually trying to train the drivers. But if you check the current conditions RTO Offices we can easily see that this is just a pathetic effort to increase the income of the driving schools and the agents at RTO.  Instead of suggesting the RTO personals should make serious exams for the drivers to get driving license they are suggesting compulsory training. So what will happen is that they would get some more money for training and pay some more bribe to RTO officials and people would get driving license without that training also.
        Why some one not suggesting more tough exams should be there at RTO before handing out the licenses.  The answer is simple because that will hamper illegal income of the RTO people as well as the agents who are in the RTO offices. If exams are tough people cant easily give money and get driving licenses. So we the public should raise voice against this kind of non-sense going on.
        There should be some feedback system at RTO which affects the inspectors who give driving license. No one checks the quality of the exams and the driving test which are going on in RTO. If the person given license is involved in to accident/law breaking some negative marks should be given to the officer giving him license. After some threshold the officer should be asked why large number of people he gave license are not aware of the road laws and are being involved in the accidents/ law breaking.

Mexico Vs Brasil ... #Ochoa

What game the Mexican team played. They denied Brasil of any goals and also made some good conter attacks. Even after following team Brasil I couldn't deny Mexican great game. The goal keeper Ochoa was just ow-some today. It was Ochoa's day today in this match. Every thing went good for him. :-)
 I am beginning to doubt Brasil team capabilities as Croatia also played great against them.

Null Hardware Badge 101 (Desi Jugaad)

Hi Friends,

I am giving talk in NullCon 2014, Goa about Null Hardware Badge 101.

We have created the first Hardware Badge for NullCon.

Checkout http://nullcon.net/website/goa-14/speakers/amey-and-umesh.php for talk details.

I will be posting more techincal details and information about the Atmega8 Badge and its working here afterwards.

Thanks

:-)

Talk @ Nullcon

I am giving talk at Nullcon 2012 (Hackers and Security Conference - www.nullcon.net)

Microcontroller has got my attention in these some days and I am trying to work micro-controller for various projects.

Here is abstract of my talk that would be in NullCon 2012

--- Teensy for Fun and Jugaad ---

Lots of people might have already came across the Teensy USB development board.

If not then Teensy is usb development board which contains microcontroller from the ATMEGA family. This development board has built in USB connectivity to interface with PC.

It is currently famous for its ability to act as USB Keybord and Mouse and send commands as per preprogrammed in its microcontroller. Talks are being given in security conferences worldwide (like defcon / blackhat) demonstrating how Teensy can be programmed and used as attack vector in Penetration Testing.

But opposite to the trend this paper will NOT show teensy as attack vector. But it will show using Teensy as Interfacing circuit. This talk will present an idea to Control PC Applications as well as control mouse through TV Remote Control.

This talk will demonstrate IR Receiver Circuit with Teensy and will give brief idea about some other interfacing possible using the Teensy Development board. The circuit itself is very simple. Talk will also show how this circuit can be used with most of the TV remote just by changing small code in the program

Giving Training at NullCon

Well I am giving Talk at NullCon in the Desi Jugad (Indian Hack) Section.
I would also be giving training under the Hardware village section
Here are some details of the training program

Event Name: Teensy Village

About the village:

Teensy village is basically to get idea about the Teensy (Microcontroller Development Board) and stuff that can be done with Teensy. This village would be tending more towards the hardware side as well as interfacing. Basic electronics knowledge would be a great help while starting this village. Never fear if you have very less electronics knowledge depending upon the overall public we can take little bit basic electronics knowledge also. We will keep hands on approach to give information about Teensy.

On day 1 we will learn about Basics of Teensy and IDE setup on Day 2 we will have advance course in Teensy about interfacing it with electronics components, electronics input and output, Use Teensy to send Keyboard and Mouse events to PC.

Who Should Attend:

Day 1: People who are New to Teensy, New to Microcontrollers or People who want to attend Day 2, As in day one we will take basics as well as setup Development Environment for Teensy also.

Day 2: People who want to learn more than software programming of teensy, hardware interfacing, more fun modules which can be interfaced.

Village Content:

Day 1: Basics of Teensy

- What is Teensy

- Details of Teensy Development Board

- Teensy Loader and HID Listen (Debug purpose)

- Using Teensyduino : Addon for Arduino IDE

- Basic Programs with Teensyduino

Day 2: Advanced Teensy

- Using Teensy as USB serial device

- Interfacing basic electronic components with Teensy

- Working with electronic input / output in Teensy

- Using Teensy to send Keyboard and Mouse events to PC

Where is the Spark in Students ?

Recently visited a college and had chance to give a guest lecture regarding ethical hacking to the Masters Degree Students.

I didnt wanted the lecture to be just one way communication. So asked some questions regarding the networking. But sadly no student had correct understanding of basics of network communication. They didnt answered simple questions like explanation of the TCPIP 3 Way Handshake.

Well I told them importance of the basic knowledge. I was taken aback when the students didnt came across the basic questions like how does things happen in the background when we type a URL e.g. www.yahoo.com in browser and till the yahoo.com page is displayed in the browser. There was a silver line to the cloud but, After lecture was finished students asked me to explain what what steps are there when we type URL in browser. I explained that to them. But I felt bad nobody had that spark. I dont know if it is because of the students mindset or how they are being taught. If student dont have this kind of basic knowledge and mindset to know how things worked it is a sad thing.

When I asked what type of projects are they doing , are they trying to take any requirements from a real life scenario and then built projects on them it was not there.

I think it is very much important to do atleast one good and technically strong project in the college days. But normally students just try to get old project reports and make little bit change in database fields and submit the project. But when student go on to give job interview none of these project will help them. Thats why I think at-least one different , strong project should be done. Well if I am seeing a resume of a fresher what are the things which will attract me most ?

It is the projects done by him and any certifications done by him.

Sadly students are only interested to just complete some project for the sake of it. Which is not good in the long term for the student.

Something should be done to change students mindset. I am going to discuss this offline further with others if anything could be done in this regard.