PlugBot is a hardware bot. It's a covert penetration testing device designed for use during physical penetration tests. PlugBot is a tiny computer that looks like a power adapter; this small size allows it to go physically undetected all the while powerful enough to scan, collect and deliver test results externally.
How do you use it?
Gain access to the target location (conference room?), plug the PlugBot in the nearest wall outlet and walk out. The PlugBot is configured to make an external connection (Wi-fi or Ethernet) to a specified IP address to receive instructions. Central Command allows the penetration tester to invoke scripts and applications. Output as a result of testing is encrypted and securely transmitted to the Drop Zone where data is imported into Central Command for analysis by the pen tester.
Note that it has a squid logo.
Posted on December 24, 2010 at 1:14 PM • 45 Comments