Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Zigbee Analysis Tools - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Zigbee Analysis Tools

At today's SANS SCADA Conference in Orlando Josh Wright of InGuardians gave a very interesting talk on Zigbee security.  Josh is leading a project to build a framework for Zigbee analysis tools that he calls "Killerbee".  From the project website:

KillerBee is a Python based framework and tool set for exploring and exploiting the security of ZigBee and IEEE 802.15.4 networks. Using KillerBee tools and a compatible IEEE 802.15.4 radio interface, you can eavesdrop on ZigBee networks, replay traffic, attack cryptosystems and much more. Using the KillerBee framework, you can build your own tools, implement ZigBee fuzzing, emulate and attack end-devices, routers and coordinators and much more.

Let us know via our contact page or via the comment link below if you are doing any Zigbee experimentation and what you've learned so far.

Marcus H. Sachs
Director, SANS Internet Storm Center


301 Posts
ISC Handler
Mar 30th 2010

Sign Up for Free or Log In to start participating in the conversation!