Danijel Grah
Security Consultant Viris (SI)
BIOGRAPHY
Danijel Grah holds a Bachelor's degree in Computer Science from the University of Ljubljana, Slovenia.
He has been a Security Consultant at Viris for some time and is involved in penetration testing, security reviews, programming, consulting and research. He has a deep understanding of threats, vulnerabilities and trends.
He likes to practice Information Security in everyday life. Danijel is devoted to his work, open-minded, enjoys new challenges and never stops studying.
ELK stack for Hackers
Visualizing Wi-Fi traffic is today more or less limited to console windows and analyzing the different logs from the aircrack-ng toolset. There are some commercial tools, but if we want to stay in the open source area we need to find a better solution. So the ELK stack was used to gather, hold, index and visualize the data. For input, a modified version of the airodump tool was used. With this, some amazing dashboards can be created, interesting data can be correlated, and Wi-Fi packets can be dug into in depth.
When doing penetration tests we often run into a large amount of varied data. One of those areas is Wi-Fi networks. When doing Wi-Fi analysis we mostly focus on the aircrack-ng or Kismet toolsets, which means that we are generally limited to terminal windows and text output. This kind of data is hard to visualize, and since humans analyze data far more easily when there is a good visual representation, there is room for research in this area.
Getting data into the ELK stack is another matter. Current tools don't provide any JSON output for the logging component of an ELK stack. We tried different ways to get JSON output, but the best solution was simply to change the source code and recompile the airodump tool. With this we created the right input for Elasticsearch.
Visualizing the gathered data with Kibana can be done quickly and doesn't require any programming skills. Interesting dashboards can be created quickly and very good visibility can be achieved.
We could visualize the following data:
• Number of open and protected Wi-Fi networks
• Number of clients connected to different Wi-Fi networks/stations
• Number of clients on stations in time
• Clients that broadcast/send the most beacons over Wi-Fi
• Manufacturer information about clients and stations.
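The talk describes patching airodump itself to emit JSON. As an added illustration (not code from the talk or from aircrack-ng), the sketch below takes a different route and assumes the stock airodump-ng CSV capture layout: it converts that file into an Elasticsearch `_bulk` body and computes two of the counts listed above. The sample rows, the index name `wifi` and all function names are constructed for this example.

```python
import csv, io, json
from collections import Counter

# Constructed sample in the layout airodump-ng writes to its CSV file:
# an access-point section, a blank line, then a client (station) section.
SAMPLE = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  6,  54, WPA2, CCMP, PSK, -40,      120,        0,   0.  0.  0.  0,   8, lab-wifi,
66:77:88:99:AA:BB, 2024-01-01 10:00:02, 2024-01-01 10:05:00, 11,  54, OPN, , , -60,       80,        0,   0.  0.  0.  0,   5, guest,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
02:00:00:00:00:01, 2024-01-01 10:01:00, 2024-01-01 10:04:00, -50,       10, 00:11:22:33:44:55, lab-wifi
02:00:00:00:00:02, 2024-01-01 10:01:30, 2024-01-01 10:04:30, -55,        7, 00:11:22:33:44:55,
02:00:00:00:00:03, 2024-01-01 10:02:00, 2024-01-01 10:03:00, -70,        3, (not associated) , home,cafe
"""

def parse(text):
    """Return (aps, stations) as lists of dicts keyed by the CSV header names."""
    sections, header = {}, None
    for row in csv.reader(io.StringIO(text)):
        row = [f.strip() for f in row]
        if not any(row):
            header = None                      # a blank line ends a section
        elif header is None:
            header = row                       # first row of a section names its columns
        else:
            # "Probed ESSIDs" is itself comma-separated: fold extras into the last column
            n = len(header)
            row = row[:n - 1] + [",".join(row[n - 1:])]
            sections.setdefault(header[0], []).append(dict(zip(header, row)))
    return sections.get("BSSID", []), sections.get("Station MAC", [])

def to_bulk(aps, stations, index="wifi"):
    """Render the documents as an Elasticsearch _bulk request body (NDJSON)."""
    lines = []
    for kind, docs in (("ap", aps), ("station", stations)):
        for d in docs:
            lines.append(json.dumps({"index": {"_index": index}}))
            lines.append(json.dumps({"type": kind, **d}))
    return "\n".join(lines) + "\n"             # _bulk bodies must end with a newline

def summary(aps, stations):
    """Open vs protected networks and associated clients per access point."""
    open_n = sum(1 for a in aps if a["Privacy"] == "OPN")
    per_ap = Counter(s["BSSID"] for s in stations if s["BSSID"] != "(not associated)")
    return {"open": open_n, "protected": len(aps) - open_n, "clients_per_ap": dict(per_ap)}

if __name__ == "__main__":
    print(to_bulk(*parse(SAMPLE)), summary(*parse(SAMPLE)))
```

In Kibana the same counts come from aggregations on the `Privacy` and `BSSID` fields once the bulk body has been indexed.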