Skip to content →

Category: Wireless


The is the first of a two part series about our attempts to make rogue AP attacks against 802.11n and 802.11ac networks a bit easier. Up until this point, we haven’t really seen any serious attempts to provide out-of-the-box support for rogue AP attacks against 802.11ac and 802.11n. Considering that most modern wireless networks use these versions of the 802.11 standard, we decided to find out why and attempt to do something about the problem ourselves.

Leave a Comment

DEF CON 25: The Black Art Of Wireless Post-Exploitation – Bypassing Port-Based Access Controls Using Indirect Wireless Pivots

At DEF CON 25 and Hackfest 0x9 I introduced a novel attack that can be used to bypass port-based access controls in WPA2-EAP networks.

Leave a Comment

DEF CON 24 (Wireless Village): Slaying Rogue Access Points With Python And Cheap Hardware

This blog post will cover the development of sentrygun, from the algorithms used to detect rogue APs to the design patterns used to leverage those algorithms by network administrators.

Leave a Comment