Point-of-Sale System Security Analysis : How hackers gain access to POS systems in retail and restaurants

Recently, we assessed two point-of-sale (POS) systems for clients in different industries – Retail and Restaurants. POS systems are the latest and greatest hacking target taking place around the nation. In the last couple of years, we’ve read a lot about big organizations being hacked and credit card information stolen. In these instances, terminals from the … More Point-of-Sale System Security Analysis : How hackers gain access to POS systems in retail and restaurants

Proxmark 3 Cheat Sheet and RFID Thief Instructions

Found some awesome write-ups from Alex Dib regarding building your own RFID cloner and a useful Proxmark3 cheat sheet, and wanted to share! Proxmark3 Cheat Sheet Great cheat sheet for those using the Proxmark3 software. https://scund00r.com/all/rfid/2018/06/05/proxmark-cheatsheet.html   RFID Thief v2.0 Very detailed write-up for building your own long-range RFID cloner. https://scund00r.com/all/rfid/tutorial/2018/07/12/rfid-theif-v2.html    

Internet Enumeration and Discovery – Know Your Network Footprint

One of a company’s most important responsibilities is to know its network footprint. Many large corporations are compartmentalized, and different groups have different responsibilities that rarely overlap. It’s not uncommon for a company to have multiple class-C IP address ranges, along with third-party hosted websites, and not really realize they exist within the organization’s assets. … More Internet Enumeration and Discovery – Know Your Network Footprint

Who’s Slide Is It Anyway

Here are some presentations that I made for “Who’s Slide Is It Anyway”, “Slideshow Karaoke”, “Slideshow Roulette”, or whatever else you want to call it. They are pretty random, and a fun play on popular topics and buzzwords within the #InfoSec community. They are meant to be fun and technically inaccurate on purpose, and in … More Who’s Slide Is It Anyway

Make an Incomplete Nmap .xml File Usable Again

Make an Incomplete Nmap Scan .xml File Usable for Rawr and Other Applications That Accept .csv File-types This is a very non-technical how-to for newcomers who have found themselves in a situation where for some reason or another, their Nmap scan wasn’t able to complete. This can be a problem when you were planning on feeding … More Make an Incomplete Nmap .xml File Usable Again

Proxmark3 Resources

Resource to flash the Proxmark3 from the standard HF mode, to LF mode: https://legacysecuritygroup.com/index.php/projects/categories/9-rfid/7-proxmark-3-emulating-hid-tags-in-standalone-mode WINDOWS Download the github proxmark3 standalone LF emulator Master by Corey Harding —https://github.com/exploitagency/github-proxmark3-standalone-lf-emulator Run Easy Flash Utility for Windows .bat This tool is handy for reflashing your Proxmark3 for whatever you need it for Reference: https://www.youtube.com/watch?v=06DgTuJcMQ8 Plug in your Proxmark3 and … More Proxmark3 Resources