Praeda to PraedaSploit: The embedded device data Harvesting tool for the masses - Deral Heiland “Percent_X” OISF 2014 (Hacking Illustrated Series InfoSec Tutorial Videos)
Praeda to PraedaSploit: The embedded device data Harvesting tool for the masses - Deral Heiland “Percent_X”
Bio
Deral Heiland CISSP, GWAPT, serves as a Senior Security Consultant for Rapid7 where he is responsible for security assessments, and consulting for corporations and government agencies. Deral is also founder of Ohio Information Security Forum a not for profit organization that focuses on information security training and education. Deral is also the creator of the open source tool “Praeda” an data harvesting tool used to extract critical information from embedded devices. Deral has also presented at numerous national and international security conferences including BlackHat, ShmooCon, Defcon, Derbycon, Hacker Halted, Securitybyte India and Hackcon Norway. Deral has been interviewed by and quoted by several media outlets and publications including Bloomberg UTV, MIT Technical Review, MSNBC, Threatpost and SC Magazine.
Abstract
In this presentation I will discuss several of the most effective Multifunction printer attack vectors and how they can be leveraged by attackers to compromise critical systems. I will also be discussing the automation of these attack vectors. Including the the current open source automated data harvesting tool Praeda. We will also discuss the current project to migrate all exploit and data discovery modules it into Metasploit, and the planed future development of Praedasploit, for the automation of system fingerprinting and integration into Metasploit.
Back to OISF 2014 video list
Printable version of this article