The little phone that could ch-ch-chroot. presented at BSidesLondon 2019

by Mathew Whitter-jones,

Summary : Security testing or penetration testing has been a career path that many are beginning to take. Penetration testing is the umbrella term for many different types of engagements, ranging from web, infrastructure and social engineering. With the growing risk of sabotage and/or corporate espionage it has been seen that many organisations are beginning to develop a tactical capability. In doing so, the term ’Red Team’ has been coined to market such engagements. Red Teaming is the method of having almost free reign towards a target to stress test the full capability of the organisation. However, Red Teaming can be an expensive and resource intensive task. This talk discusses the cost and toolkit required to carry out Red Teaming. As well as the research and development towards making a covert disposable phone to help aide Red Teamer’s with the reconnaissance phase of a test without drawing attention to themselves within a day to day task.