Chigula - a framework for Wi-Fi Intrusion Detection and Forensics

Presented at DEF CON 23 (2015), Aug. 8, 2015, noon (60 minutes)

Most of Wi-Fi Intrusion Detection & Forensics is done today using million dollar products or spending hours applying filters in Wireshark :) Chigula aims to solve this by providing a comprehensive, extensible and scriptable framework for Wi-Fi intrusion detection and forensics. A non-exhaustive list of attacks which will be detected using this framework include: Attack tool detection - Aireplay-NG, Airbase-NG, Mdk3 etc. Honeypot, Evil Twin and Multipot attacks Rogue devices Vulnerable clients based on Probed SSIDs Hosted network based backdoors MAC spoofing Deauthentication attacks Disassociation attacks Channel Jamming attacks using duration field Vivek Ramachandran discovered the Caffe Latte attack, broke WEP Cloaking and publicly demonstrated enterprise Wi-Fi backdoors. He is the author of "Backtrack 5: Wireless Penetration Testing" which has sold over 13,000+ copies worldwide. He is the founder of SecurityTube.net and runs SecurityTube Training & Pentester Academy which has trained professionals from 90 countries. He has spoken/trained at DEF CON, Blackhat USA/Europe/Abu Dhabi, Brucon, Hacktivity etc. conferences.

Presenters:

  • Vivek Ramachandran - Founder, SecurityTube.net and Pentester Academy
    Vivek Ramachandran discovered the Caffe Latte attack, broke WEP Cloaking and publicly demonstrated enterprise Wi-Fi backdoors. He is the author of "Backtrack 5: Wireless Penetration Testing" which has sold over 13,000+ copies worldwide. He is the founder of SecurityTube.net and runs SecurityTube Training & Pentester Academy which has trained professionals from 90 countries. He has spoken/trained at DEF CON, Blackhat USA/Europe/Abu Dhabi, Brucon, Hacktivity etc. conferences. Twitter: @securitytube Facebook: https://www.facebook.com/pagesectube

Links:

Similar Presentations: