Brad Dixon hacks computers, devices, and IoT things. He also writes tools that hack. He works at Carve Systems performing device and software security assesments.
Recent Posts
- 2019-08-09 Hack USB with USBQ
- 2018-04-27 Manipulating APIs for Security Test Automation
- 2018-04-03 Should GNSS be a threat vector in your threat model?
- 2017-09-20 Proxying WBXML Services
- 2016-08-06 pin2pwn: How to root an embedded Linux device with a sewing needle
- 2015-10-30 IoT Hacking: Peeking in IPSEC tunnels with Wireshark
Projects and Tools
- USBQ Toolkit: Python-based programming framework for monitoring and modifying USB communications.
- edope.bike: Hacking bike technology.
- Restrike: Restrike is a framework for modeling and performing security testing of REST APIs. Unpublished but in active use at Carve Systems.
- Autopsy: Android device analysis framework that would suck the software out of the device and build an analysis database which can be used to find security misconfigurations and test the device for known vulnerabilities.
- CDPS: Markdown-based document system. Write Markdown and get beautiful customer-facing reports. Used for every project deliverable at Carve Systems.
Speaking
- DEF CON 27 (2019): Cheating in eSports: How to Cheat at Virtual Cycling Using USB Hacks
- DEF CON 24 (2016): pin2pwn: How to root an embedded Linux device with a sewing needle (post)