Danijel Grah

Security Consultant Viris (SI)

BIOGRAPHY

Danijel Grah holds a Bachelor's degree in Computer Science from the University of Ljubljana, Slovenia.
He has been a Security Consultant at Viris for some time and is involved in penetration testing, security reviews, programming, consulting and research. He has a deep understanding of threats, vulnerabilities and trends.

He likes to practice Information Security in everyday life. Danijel is devoted to his work, open-minded, enjoys new challenges and never stops studying.

ELK stack for Hackers

Visualizing Wi-Fi traffic today is more or less limited to console windows and to analyzing the various logs from the aircrack-ng toolset. There are some commercial tools, but to stay in the open source area we need to find a better solution. The ELK stack was therefore used to gather, hold, index and visualize the data, with a modified version of the airodump tool as the input. With this, some amazing dashboards can be created, interesting data can be correlated, and Wi-Fi packets can be dug into deeply.

When doing penetration tests we often run into a large amount of varied data. One such area is Wi-Fi networks. When doing Wi-Fi analysis we mostly rely on the aircrack-ng or Kismet toolsets, which means that we are generally limited to terminal windows and text output. This kind of data is hard to visualize, and since humans analyze data more easily when there is a good visual representation, there is room for research in this area.
Getting data into the ELK stack is another matter. Current tools don't provide any JSON output for the logging component of an ELK stack. We tried different ways to get JSON output, but the best solution was simply to change the source code and recompile the airodump tool. This gave us the right input for Elasticsearch.

Visualizing the gathered data with Kibana can be done quickly and doesn't require any programming skills. Interesting dashboards can be created quickly, and very good visibility can be achieved.
We could visualize the following data:
• Number of open and protected Wi-Fi networks
• Number of clients connected to different Wi-Fi networks/stations
• Number of clients on stations over time
• Clients that broadcast the most beacons over Wi-Fi
• Manufacturer information about clients and stations
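
To show the shape of data such a pipeline feeds to Elasticsearch, here is an added example (not the speaker's modified airodump, which is not shown on this page): instead of patching the tool, it converts an airodump-style two-section CSV capture into one JSON document per line and computes two of the counts listed above. The CSV column names and the sample rows are assumptions constructed for this example.

```python
import csv
import io
import json

# Constructed sample modelled on an airodump-style CSV: an access-point section,
# a blank line, then a client (station) section. Column names are assumed.
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
02:00:00:00:00:01, 2017-01-01 10:00:00, 2017-01-01 10:05:00,  6,  54, OPN, , , -40, 120, 0, 0.  0.  0.  0, 9, guest-net,
02:00:00:00:00:02, 2017-01-01 10:00:02, 2017-01-01 10:05:01, 11,  54, WPA2, CCMP, PSK, -55, 300, 0, 0.  0.  0.  0, 8, corp-net,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
06:00:00:00:00:0A, 2017-01-01 10:01:00, 2017-01-01 10:04:00, -50, 40, 02:00:00:00:00:01, guest-net
06:00:00:00:00:0B, 2017-01-01 10:01:30, 2017-01-01 10:04:30, -60, 12, 02:00:00:00:00:02,
06:00:00:00:00:0C, 2017-01-01 10:02:00, 2017-01-01 10:03:00, -70, 3, (not associated) , home-net,cafe
"""


def parse_sections(text):
    """Yield one dict per CSV row, tagged with type 'ap' or 'station'."""
    for block in text.strip().split("\n\n"):
        rows = [[c.strip() for c in r] for r in csv.reader(io.StringIO(block)) if r]
        header = rows[0]
        kind = "ap" if header[0] == "BSSID" else "station"
        for row in rows[1:]:
            # The last column may itself hold commas (several probed ESSIDs):
            # fold any extra fields back into it instead of dropping them.
            head, tail = row[:len(header) - 1], row[len(header) - 1:]
            doc = dict(zip(header, head + [",".join(tail)]))
            doc["type"] = kind
            yield doc


def to_ndjson(text):
    """Newline-delimited JSON, one document per network or client."""
    return "\n".join(json.dumps(d, sort_keys=True) for d in parse_sections(text))


def summarize(text):
    """Open vs. protected networks and associated clients per BSSID."""
    out = {"open": 0, "protected": 0, "clients_per_bssid": {}}
    for doc in parse_sections(text):
        if doc["type"] == "ap":
            out["open" if doc["Privacy"] == "OPN" else "protected"] += 1
        elif doc["BSSID"] != "(not associated)":
            per = out["clients_per_bssid"]
            per[doc["BSSID"]] = per.get(doc["BSSID"], 0) + 1
    return out
```

Each output line can be shipped by a log forwarder as a single event; the `type` field is what a dashboard would filter on to separate networks from clients.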
