Learn
DNS Privacy: DoH and DoT Explained - Encrypting Your Internet's Address Book
Table of Contents The DNS Privacy Problem How Standard DNS Works What DNS Queries Reveal DNS over TLS (DoT) DNS over HTTPS (DoH) DoT vs. DoH: Key Differences Choosing a...
DNS Privacy: DoH and DoT Explained - Encrypting Your Internet's Address Book
Table of Contents The DNS Privacy Problem How Standard DNS Works What DNS Queries Reveal DNS over TLS (DoT) DNS over HTTPS (DoH) DoT vs. DoH: Key Differences Choosing a...
Wireless Device Fingerprinting Explained: How You're Tracked Despite MAC Randomization
Table of Contents Beyond MAC Addresses OUI-Based Identification Probe Request Content Analysis Timing-Based Fingerprints Radio-Frequency Fingerprinting Protocol-Level Fingerprinting Multi-Layer Correlation Techniques Machine Learning Approaches Countermeasures and Their Limits Practical Assessment...
Wireless Device Fingerprinting Explained: How You're Tracked Despite MAC Randomization
Table of Contents Beyond MAC Addresses OUI-Based Identification Probe Request Content Analysis Timing-Based Fingerprints Radio-Frequency Fingerprinting Protocol-Level Fingerprinting Multi-Layer Correlation Techniques Machine Learning Approaches Countermeasures and Their Limits Practical Assessment...
BLE Advertising and Privacy: What Bluetooth Devices Broadcast About You
Table of Contents Always Broadcasting BLE Advertisement Structure What Advertisements Contain Manufacturer-Specific Data as Fingerprints Health Device Data Leaks Beacon Protocols: iBeacon, Eddystone, and AltBeacon Tracking via BLE Advertisements BLE...
BLE Advertising and Privacy: What Bluetooth Devices Broadcast About You
Table of Contents Always Broadcasting BLE Advertisement Structure What Advertisements Contain Manufacturer-Specific Data as Fingerprints Health Device Data Leaks Beacon Protocols: iBeacon, Eddystone, and AltBeacon Tracking via BLE Advertisements BLE...
AirTag Tracking and Anti-Stalking Measures: How Apple's Find My Network Handles Abuse
Table of Contents The Find My Network How AirTags Work Technically The Stalking Problem Anti-Stalking Alert System Tracker Detect for Android The Cross-Platform Tracking Detection Standard Gaps in Current Protections...
AirTag Tracking and Anti-Stalking Measures: How Apple's Find My Network Handles Abuse
Table of Contents The Find My Network How AirTags Work Technically The Stalking Problem Anti-Stalking Alert System Tracker Detect for Android The Cross-Platform Tracking Detection Standard Gaps in Current Protections...
MAC Randomization: What It Does and Doesn't Protect Against
Table of Contents The Promise of MAC Randomization How MAC Randomization Works Implementation Differences Across Platforms Scanning MACs vs. Association MACs Timing Correlation Attacks Fingerprinting Beyond the MAC Address Network-Side...
MAC Randomization: What It Does and Doesn't Protect Against
Table of Contents The Promise of MAC Randomization How MAC Randomization Works Implementation Differences Across Platforms Scanning MACs vs. Association MACs Timing Correlation Attacks Fingerprinting Beyond the MAC Address Network-Side...
How WiFi Probe Requests Track You: What Your Phone Broadcasts to Everyone
Table of Contents Your Phone Is Shouting What Are Probe Requests? What Probe Requests Reveal About You The Preferred Network List Problem Location Tracking via Probe Requests Commercial WiFi Tracking...
How WiFi Probe Requests Track You: What Your Phone Broadcasts to Everyone
Table of Contents Your Phone Is Shouting What Are Probe Requests? What Probe Requests Reveal About You The Preferred Network List Problem Location Tracking via Probe Requests Commercial WiFi Tracking...
Social Engineering for Physical Entry: How Attackers Walk Through the Front Door
Table of Contents Beyond Technical Attacks What Is Pretexting? Common Pretext Scenarios The Psychology of Compliance Reconnaissance Before the Attack Tailgating and Piggybacking Props, Uniforms, and Appearance Technology-Assisted Social Engineering...
Social Engineering for Physical Entry: How Attackers Walk Through the Front Door
Table of Contents Beyond Technical Attacks What Is Pretexting? Common Pretext Scenarios The Psychology of Compliance Reconnaissance Before the Attack Tailgating and Piggybacking Props, Uniforms, and Appearance Technology-Assisted Social Engineering...
Lock Picking Basics: How Pin Tumbler Locks Work and How They Fail
Table of Contents Why Learn About Lock Picking? How Pin Tumbler Locks Work Single Pin Picking (SPP) Raking: The Fast Approach Bump Keys Other Bypass Techniques Security Pins and Anti-Pick...
Lock Picking Basics: How Pin Tumbler Locks Work and How They Fail
Table of Contents Why Learn About Lock Picking? How Pin Tumbler Locks Work Single Pin Picking (SPP) Raking: The Fast Approach Bump Keys Other Bypass Techniques Security Pins and Anti-Pick...
Hardware Implants: An Overview of Supply Chain and Physical Access Attacks
Table of Contents What Are Hardware Implants? Supply Chain Interdiction USB-Based Implants PCIe and Bus-Level Implants Network Equipment Implants Firmware-Level Implants Why Detection Is So Hard Inspection and Detection Methods...
Hardware Implants: An Overview of Supply Chain and Physical Access Attacks
Table of Contents What Are Hardware Implants? Supply Chain Interdiction USB-Based Implants PCIe and Bus-Level Implants Network Equipment Implants Firmware-Level Implants Why Detection Is So Hard Inspection and Detection Methods...
TEMPEST: How Electromagnetic Eavesdropping Works and Why It Still Matters
Table of Contents What Is TEMPEST? Van Eck Phreaking: Watching Your Screen from Next Door How Electromagnetic Emanations Work HDMI and Display Emanations Keyboard Emanations Other Emanation Sources The TEMPEST...
TEMPEST: How Electromagnetic Eavesdropping Works and Why It Still Matters
Table of Contents What Is TEMPEST? Van Eck Phreaking: Watching Your Screen from Next Door How Electromagnetic Emanations Work HDMI and Display Emanations Keyboard Emanations Other Emanation Sources The TEMPEST...
Faraday Cages Explained
Table of Contents What Is a Faraday Cage? The Physics of Electromagnetic Shielding How Faraday Cages Actually Work Shielding Effectiveness RFID and NFC Shielding Forensic Device Isolation DIY Faraday Bags...
Faraday Cages Explained
Table of Contents What Is a Faraday Cage? The Physics of Electromagnetic Shielding How Faraday Cages Actually Work Shielding Effectiveness RFID and NFC Shielding Forensic Device Isolation DIY Faraday Bags...
Tailgating and Piggybacking
Table of Contents What Is Tailgating? Tailgating vs Piggybacking Why It Works: The Psychology Common Scenarios Measuring the Risk Technical Countermeasures Procedural Countermeasures Security Awareness Training Penetration Testing for Tailgating...
Tailgating and Piggybacking
Table of Contents What Is Tailgating? Tailgating vs Piggybacking Why It Works: The Psychology Common Scenarios Measuring the Risk Technical Countermeasures Procedural Countermeasures Security Awareness Training Penetration Testing for Tailgating...
Badge Cloning Explained
Table of Contents What Is Badge Cloning? How Badge Cloning Works LF Badge Cloning: The Easy Target HF Badge Cloning: It Depends Tools of the Trade Long-Range Badge Reading Real-World...
Badge Cloning Explained
Table of Contents What Is Badge Cloning? How Badge Cloning Works LF Badge Cloning: The Easy Target HF Badge Cloning: It Depends Tools of the Trade Long-Range Badge Reading Real-World...
Physical Penetration Testing: An Introduction
Table of Contents What Is Physical Penetration Testing? How It Differs from Digital Penetration Testing Why Physical Pentesting Matters Methodology and Phases Common Techniques Legal Framework and Authorization Rules of...
Physical Penetration Testing: An Introduction
Table of Contents What Is Physical Penetration Testing? How It Differs from Digital Penetration Testing Why Physical Pentesting Matters Methodology and Phases Common Techniques Legal Framework and Authorization Rules of...
Physical Access Control Systems: An Overview
Table of Contents What Is a Physical Access Control System? The Four Layers Credentials: What You Carry Readers: The Interface Controllers: The Decision Makers Management Software Communication Protocols Attack Surfaces...
Physical Access Control Systems: An Overview
Table of Contents What Is a Physical Access Control System? The Four Layers Credentials: What You Carry Readers: The Interface Controllers: The Decision Makers Management Software Communication Protocols Attack Surfaces...
Contactless Payment Security
Table of Contents How Contactless Payments Work The EMV Contactless Protocol Cryptographic Security Tokenization: Mobile Payment Security The Attack Surface Relay Attacks on Payments Transaction Limits and PIN Requirements Real-World...
Contactless Payment Security
Table of Contents How Contactless Payments Work The EMV Contactless Protocol Cryptographic Security Tokenization: Mobile Payment Security The Attack Surface Relay Attacks on Payments Transaction Limits and PIN Requirements Real-World...
NFC Relay Attacks
Table of Contents What Is a Relay Attack? How NFC Relay Attacks Work Technical Deep Dive Relay Attacks on Contactless Payments Relay Attacks on Access Control Demonstrated Attacks and Research...
NFC Relay Attacks
Table of Contents What Is a Relay Attack? How NFC Relay Attacks Work Technical Deep Dive Relay Attacks on Contactless Payments Relay Attacks on Access Control Demonstrated Attacks and Research...
What Is NFC?
Table of Contents NFC Basics How NFC Works at the Physical Layer The Three Operating Modes NFC Standards and Tag Types Mobile NFC: Android and iOS NFC vs RFID: What...
What Is NFC?
Table of Contents NFC Basics How NFC Works at the Physical Layer The Three Operating Modes NFC Standards and Tag Types Mobile NFC: Android and iOS NFC vs RFID: What...
MIFARE Classic Vulnerabilities
Table of Contents What Is MIFARE Classic? The CRYPTO1 Cipher How CRYPTO1 Was Broken The Nested Authentication Attack The Hardnested Attack The Darkside Attack Real-World Impact Countermeasures and Migration Tools...
MIFARE Classic Vulnerabilities
Table of Contents What Is MIFARE Classic? The CRYPTO1 Cipher How CRYPTO1 Was Broken The Nested Authentication Attack The Hardnested Attack The Darkside Attack Real-World Impact Countermeasures and Migration Tools...
HF vs LF RFID: What Is the Difference?
Table of Contents What Is RFID, Briefly? Low-Frequency RFID (125kHz) High-Frequency RFID (13.56MHz) Side-by-Side Comparison Security Differences Access Control: Where Each Fits Dual-Frequency Systems Choosing Between HF and LF Conclusion...
HF vs LF RFID: What Is the Difference?
Table of Contents What Is RFID, Briefly? Low-Frequency RFID (125kHz) High-Frequency RFID (13.56MHz) Side-by-Side Comparison Security Differences Access Control: Where Each Fits Dual-Frequency Systems Choosing Between HF and LF Conclusion...
What Is RFID?
Table of Contents What Is RFID? How RFID Works Passive vs Active Tags Frequency Bands RFID in Access Control RFID in Passports and IDs RFID in Supply Chains NFC: A...
What Is RFID?
Table of Contents What Is RFID? How RFID Works Passive vs Active Tags Frequency Bands RFID in Access Control RFID in Passports and IDs RFID in Supply Chains NFC: A...
Kismet vs Wireshark: When to Use Each
Table of Contents Two Tools, Different Jobs What Is Kismet? What Is Wireshark? Key Differences Where Kismet Excels Where Wireshark Excels Capture vs Analysis Wireless Monitoring Workflows Using Kismet and...
Kismet vs Wireshark: When to Use Each
Table of Contents Two Tools, Different Jobs What Is Kismet? What Is Wireshark? Key Differences Where Kismet Excels Where Wireshark Excels Capture vs Analysis Wireless Monitoring Workflows Using Kismet and...
Building a Rogue AP Lab
Table of Contents Why Build a Rogue AP Lab? Lab Architecture Overview Hardware Requirements Network Isolation Setting Up the Legitimate AP Building the Evil Twin Creating a Captive Portal Traffic...
Building a Rogue AP Lab
Table of Contents Why Build a Rogue AP Lab? Lab Architecture Overview Hardware Requirements Network Isolation Setting Up the Legitimate AP Building the Evil Twin Creating a Captive Portal Traffic...
hostapd-wpe: Rogue Enterprise AP Testing
Table of Contents Enterprise WiFi Authentication What Is hostapd-wpe? How 802.1X Authentication Works The Vulnerability How hostapd-wpe Works Setting Up hostapd-wpe Capturing Credentials Cracking the Captured Hashes Beyond PEAP/MSCHAPv2 Defending...
hostapd-wpe: Rogue Enterprise AP Testing
Table of Contents Enterprise WiFi Authentication What Is hostapd-wpe? How 802.1X Authentication Works The Vulnerability How hostapd-wpe Works Setting Up hostapd-wpe Capturing Credentials Cracking the Captured Hashes Beyond PEAP/MSCHAPv2 Defending...