Dec 23, 2017

IoT/Embedded Device Hacking Training

Just finished attending the IoT/Embedded Device Hacking 5-day Training (Dec 18~22).

This training course is designed to help people working in the information security industry to learn basic knowledge needed to hack and reverse-engineer embedded system. The training covers embedded device hacking with UART/JTAG, dumping/parsing/extracting/analyzing firmware image, modifying firmware, detecting/analyzing embedded malware, discovering/exploiting vulnerabilities in firmware, and wireless hacking using SDR.

Course Outline:

  • Module 1: Hunting for UART ports
  • Module 2: Hacking Embedded Device with JTAG
  • Module 3: Firmware Acquisition
  • Module 4:  Basics of Reverse Engineering ARM/MIPS Code
  • Module 5:  Embedded Device Vulnerability Assessment
  • Module 6:  Embedded Malware Detection and Analysis
  • Module 7:  Modifying Firmware for Fun and Profit
  • Module 8:  Hacking Wireless Network

Link: IoT / Embedded Device Hacking


Sep 4, 2017

Simplify Security Stages

Many people, even some CISO, have no idea there is a different driving factor for different security generation.

With many years in working in Cybersecurity world, I found that there are different generation of Cybersecurity, just like the gen-X and gen-Y. And these Cybersecurity generation is driven by different factors depends on which stage the company at.

I called this Simplify Security Stage. Here is the different driving factor in different generation/stage. 

  1. Generation 1 - (driving by Network Security)
  2. Generation 2 - (driving by Application Security)
  3. Generation 3 - (driving by Identity, Access and Management)

During the security generation 1, every company is focusing on network security. Thus, a successful Cybersecurity program is largely depends on how the network security performs. 

I started my security career in 1999, there it is when the security generation 1 started for most of the company. At this stage, whenever we talk about security architecture, we are talking about network security.

At around 2005, security generation 2 becomes more popular. Everyone in Cybersecurity starts talking about Application Security, penetration testing, and ethical hacking. 

And at around 2011, web application security is focused by almost everyone including IT personnel. To me, I'm still considering it as stage 2. And at this stage, the driving factor for a successful Cybersecurity team is how your application security works. This is also where the time everyone is talking about SDLC and application security framework. Most of the time, people like to refer to application architecture as security architecture.

Starting from 2016 (actually back in 2008/2009) the cloud-based infrastructure becomes a hot topic for enterprise. Many new terms such as SaaS/PaaS/IaaS or even XaaS describes how the new generation has begin to change how things work. 

IMO, the Identity-Access-and-Management or IAM, will be the key driving factor for a successful Cybersecurity organization in stage 3. 

This is simply because of the cloud infrastructure is far more complicated and accessible comparing to the stage 2. Look at the AWS/Azure/GCP configuration, everything start from IAM. To me, IAM will be used to describe the next security architecture. Thus my prediction for stage 3 security, most attack will be focusing on testing how IAM will perform, like how we focusing on network security and application security in the past.

So, at what stage your company today? Start learning to be the key driving factor for next generation of Cybersecurity.

Feb 7, 2017

WiFi Password


  • Open command prompt and run it as administrator
  • Llist all the Wi-Fi profiles, type this command in CMD “netsh wlan show profile.”
  • Show the password by type the command “netsh wlan show profile [wifi- name] key=clear.”