Archive: 2018-05

We at CERT are very proud of our collaboration with ACM to create the journal ACM Digital Threats: Research and Practice. One of the goals of the journal is to facilitate the communication between researchers and practitioners in the field of Cybersecurity. We have two columns to aid us in achieving this goal.

A few years ago, I announced the release of CERT Tapioca for MITM Analysis. This virtual machine was created for the purpose of analyzing Android applications to find apps that don't validate SSL certificates. Since the original release of Tapioca, we have received a request to make it easier to use and add some additional features.

The new version of CERT Tapioca improves on the original in multiple ways in that it offers the following:

  • is installable on multiple Linux distributions.
  • contains a GUI.
  • includes the ability to utilize a HOSTAP-compatible WiFi adapter for providing wireless connectivity.
  • can save results from multiple targets tested.
  • can search network traffic for specified strings.

With this blog post I will describe a few use cases of CERT Tapioca.