top of page
Catalyst Lab Biohacking Village

Catalyst Lab

MED TEAM VS RED TEAM:

ADVERSARIAL MEDICAL DEVICE TESTING 101 WORKSHOP

Workshop by v3ga

DATE:

TIME:

LOCATION:

Thursday, August 8th, 2024

0900 -1300 PDT

Springhill Suites - Desert Inn Room

2989 Paradise Road

Las Vegas, NV 89109

Workshop Preparation

In preparation for the course, it is recommended to have a Kali Linux (or other comparable) attack system that has Metasploit installed (latest version). We will be using the Metasploit CLI, not the GUI. Also, if you have any FlipperZero/BashBunny/Malduino devices, it is recommended to bring them as we will be using them in the course ;). Please also have the Havoc C2 framework added to your Kali Linux system as we will be using this within the course. We will be using python3 within the course as well as the python 3 library boofuzz (pip3 install boofuzz).

It is also recommended to have a Windows (x64) system with Visual Studio for exploit coding we will be doing in latter portions of the course. It may be possible to complete the workshop without the Windows system; however, it is a heavy recommendation. If you cannot get a Windows VM, do not fret, we will work around this :)

This course is an entry into what is a large world of Adversarial Medical Device testing. While we aim to cover a large amount of topics, the threat landscape is vast - you will see :) . Bring your ingenuity and open minds to learn what exists within this web of connected medical devices.

Software

Virtualization

MED TEAM VS RED TEAM:

ADVERSARIAL MEDICAL DEVICE TESTING 101 WORKSHOP

Workshop by v3ga

Pre-Registration:

CLOSED

Connected medical device and medical device security assessments utilize a varying and wide range of practices, from reverse engineering to hardware exploitation. If you have ever been curious about how to get started, this is the class for you.

 

We will be covering how to get started in Adversarial Device testing, tooling, tactics and certain bypasses to restrictions you may encounter during testing these devices. Use the tactics learned to exploit devices within the Device Lab!

 

Topics:

    • Attacks against medical protocols like HL7 and DICOM.

    • Effective use of tools such as Bash Bunny, Flipper Zero and PCI Screamer against target systems.

    • Kiosk Breakouts

    • System / Antivirus / Applocker bypasses against Windows Systems

    • Linux Library Hijacking and exploitation

    • Post exploitation methodology and reverse engineering tactics to locate vulnerabilities such as static encryption keys and hardcoded passwords

The Catalyst Lab is dedicated to not just repairing what’s broken, but to innovating and enhancing our raw abilities, specific skills, and overall health and well-being. We are committed to ushering in a new era where we elevate both our world and ourselves to new heights of excellence.

​

Who We Are

At The Catalyst Lab, we bring together thought leaders, hacktivists, citizen scientists, and manufacturers from the biomedical industry to collaborate on cutting-edge solutions. Our efforts are focused on addressing the healthcare challenges that emerge within the Biohacking Village and beyond.

​

What We Do

We offer an interactive platform where you can engage with experts from the medical device, citizen science, and cybersecurity communities. Through comprehensive training, hands-on workshops, and innovative solutions design, we cover the full spectrum of the biomedical device and security ecosystem.

bottom of page