Skip to content

Commit 1bed44a

Browse files
Cr0wTomCr0wTom
committed
Talks and Tools Update
Addition of two automotive security talks and one new tool. Talks: - TR22: UDS Fuzzing and the Path to Game Over - CCC - Horror Stories From the Automotive Industry Tool: Caring Caribou Next
1 parent 474a367 commit 1bed44a

File tree

1 file changed

+3
-0
lines changed

1 file changed

+3
-0
lines changed

README.md

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -98,6 +98,8 @@ These lists are related to a specific protocol that you will find in the world o
9898
- [TR19: Automotive Penetration Testing with Scapy](https://www.youtube.com/watch?v=7D7uNqPWrXw) - Overview on how Scapy can be used for automotive penetration testing at Troopers Conference 2019.
9999
- [Analysis and Defense of Automotive Networks](https://www.youtube.com/watch?v=a1huGwMjjd4) - Overview of CAN, security, and potential intrusion detection approaches at BSides Knoxville 2020
100100
- [Remote Exploitation of Honda Cars](https://www.youtube.com/watch?v=y4Uzm-CTa0I&ab_channel=CarHackingVillage) - The Honda Connect app used by Honda City 5th generation used weak security mechanisms in its APIs for access control which would allow a malicious user to perform actions like starting the car, locking/unlocking car etc. remotely by interacting with it's Telematics Control Unit (TCU)
101+
- [TR22: UDS Fuzzing and the Path to Game Over](https://www.youtube.com/watch?v=c_DqxHmH7kc) - UDS diagnostics protocol fuzzing methodology, presented as a result of numerous penetration testing projects in the automotive industry, with real world exploitation PoCs, presented during Troopers Conference 2022.
102+
- [CCC - Horror Stories From the Automotive Industry](https://www.youtube.com/watch?v=rAA-agcNeeg) - Horrifying examples of common vulnerabilities in the automotive industry, result of more than 100 penetration tests targeting Tier 1 suppliers and OEMs, with ultimate goal to raise awareness on the current state of automotive security. Additionally, PoC of automated week seed randomness exploitation in automotive components, by using a battery isolator in heavy-duty vehicles and the UDS protocol, for complete compromise of a target. Presented in Chaos Communication Camp, DeepSec 2023 and Troopers Conference 23.
101103

102104
## Books
103105

@@ -324,6 +326,7 @@ Libraries and tools that don't fall under the larger class of applications above
324326
- [canmatrix](https://github.com/ebroecker/canmatrix) Python module to work with CAN matrix files
325327
- [canopen](https://canopen.readthedocs.io/en/latest/) Python module to communicate with CANopen devices
326328
- [cantools](https://github.com/eerimoq/cantools) Python module to decode and encode CAN messages using a DBC file
329+
- [Caring Caribou Next](https://github.com/Cr0wTom/caringcaribounext) - Upgraded and optimized version of the original Caring Caribou project.
327330

328331

329332
### Go

0 commit comments

Comments
 (0)