  • EAPHammer

    Friday from 12:00 – 13:50 in Sunset 1 at Planet Hollywood
    Audience: Offensive security professionals, security analysts and network administrators, executive leadership, end-users
    Gabriel Ryan

    EAPHammer is a toolkit for performing targeted rogue access point attacks against enterprise wireless infrastructure. It is designed to be used in full scope wireless assessments and red team engagements. As such, focus has been placed on providing an easy-to-use interface that can be leveraged to execute powerful wireless attacks with minimal manual configuration.

    This summer will mark the third anniversary of EAPHammer since it was released at DEF CON Demo Labs and BlackHat Arsenal in 2017. It's also the most exciting and complete version of the tool yet, with the addition of a number of features that were requested directly by users at Demo Labs in 2018.

    EAPHammer now supports most of the bleeding edge attacks that have been discovered by the wireless community over the past few years, including:

    - WPA3 Transition Mode and Security Group Downgrade Attacks
    - Reflection and Invalid Curve attacks against EAP-pwd
    - GTC-Downgrade, Fixed Challenge, and EAP Relay attacks against WPA/2-EAP
    - PMKID attacks against WPA/2-PSK networks
    - Known Beacons Attack and Legacy SSL Support
    - External Certificate Handling and Import

    Perhaps most excitingly, we've also included some never-before-seen attacks against Opportunistic Wireless Encryption (OWE), which is better known as "Enhanced Open".

    Gabriel Ryan
    Gabriel Ryan is an offensive security R&D and consultant at SpecterOps. He is the author of EAPHammer, a toolkit for performing targeted rogue access point attacks against enterprise wireless networks. Gabriel has presented at DEF CON, DerbyCon, Hackfest, and several Security BSides conferences on topics ranging from infrastructure security to access control protocols and red team tradecraft. His professional interests include wireless security, systems internals, low-level programming, and infrastructure automation.