At today's SANS SCADA Conference in Orlando Josh Wright of InGuardians gave a very interesting talk on Zigbee security. Josh is leading a project to build a framework for Zigbee analysis tools that he calls "Killerbee". From the project website:
KillerBee is a Python based framework and tool set for exploring and exploiting the security of ZigBee and IEEE 802.15.4 networks. Using KillerBee tools and a compatible IEEE 802.15.4 radio interface, you can eavesdrop on ZigBee networks, replay traffic, attack cryptosystems and much more. Using the KillerBee framework, you can build your own tools, implement ZigBee fuzzing, emulate and attack end-devices, routers and coordinators and much more.
Let us know via our contact page or via the comment link below if you are doing any Zigbee experimentation and what you've learned so far.
Marcus H. Sachs
Mar 30th 2010
1 decade ago