SCHUTZWERK GmbH

19

Mar

2020

A tool for automated generation and configuration of test environments in Microsoft Azure

AzureGenerat0r

Hands-on practice is an efficient way for penetration testers to gain in-depth knowledge of a certain skill or technology. Providing hands-on practice requires setting up an environment for test and training purposes. Setting up a test environment manually can be time-consuming and very frustrating. This is caused by long installation processes and configuration procedures. Besides that, setting up big test environments can be expensive due to the necessary infrastructure or computational power.

Combining Safety and Security Threat Modeling to Improve Automotive Penetration Testing

Threat Modeling with TMTe4PT

From a traditional point of view, vehicles used to be closed systems in which components communicated between each other over a central vehicle bus and no connection to remote systems was possible. However, this has drastically changed during the last years with increasing connectivity and autonomy of today’s vehicles. While car manufacturers have a long experience in dealing with safety problems, dealing with security risks raised by this development is a relatively new domain for them.

A security analysis toolkit for proprietary car protocols

Canalyzat0r

While car manufacturers steadily refine and advance vehicle systems, requirements of the underlying networks increase even further. Striving for smart cars, a fast-growing amount of components are interconnected within a single car. This results in specialized and often proprietary car protocols built based on standardized technology. Most of these protocols are based on bus protocols: All network nodes within such a bus network are connected using a single shared data link.

Blog

#toolrelease