chunky boy so one of the coolest things
about being a tic toc creator with a
relatively large audience is that often
you guys will reach out to me through
twitter and tick tock in order to ask me
questions and the question that i get
most often of all is as a cyber security
professional what sort of gear do i
carry with me
on a daily basis so let's take a look at
my edc starting with the things in my
pockets
now the first thing that we have is
going to be a knife i will often rotate
between this tiger chinese switchblade
and this spyderco knife to be honest i
like the spyderco more but this takes up
less space in my pocket and because it's
the same pocket that i have my phone in
i often go with a tiger now my phone
which isn't in the video because it's
what this is being filmed on
is a oneplus 7t pro mclaren edition
which i firmly believe
is one of the sexiest phones ever made
after that i have my wallet including
this awesome
hp lovecraft coin that my girlfriend got
me that says yes and no on one side and
the other
and then after that we also have my
multi-tool which is the leatherman wave
i actually bought this on the
recommendation of adam savage as it's
the multi-tool that he carries
and i have to be honest this is the best
multi-tool that has ever been
manufactured
especially because of this screwdriver
bit
it is phillips head on one side and
standard on the other and i love it
because and i don't understand how this
works
the phillips side will fit literally any
screw i think it's because it's actually
uh kind of rectangular shaped and it's
not as wide
as it is tall but it fits every screw i
love it and i use it on a daily basis uh
all the time in the data center
now moving forward from that we have my
pair of bluetooth headphones
i used to carry uh airpods so this is
the case
from the gen 2 airpods then i had the
earpods pro
i didn't like those as much so i
switched back to these and now i
lost these so unfortunately i'm not
carrying that anymore
but i have recently bought the oneplus
buds as they are cheaper and seem to be
around the same quality
so moving forward i'll be carrying those
now on to the watch that i have
i have a pretty large collection of
watches that i rotate between but
currently i have been switching back and
forth between the invicta speedway
chronograph which is an homage to the
rolex daytona
and this uh smartwatch which is i
believe uh the
moto 360 i think um i actually don't
remember
it is running a custom uh linux image
though which i like the memory of having
linux
run on my watch but it's a very good
smart watch and i put this leather band
and it normally comes with the metal
this one i don't carry in my pockets all
the time but it is on me most of the
time and it is the canon ae1
35 millimeter slr i love this camera
i've been getting back into film
photography recently so i've been trying
to bring this with me everywhere i go
this is the black and stainless edition
and it has a 50 millimeter 1.4 lens on
there
as far as the film that i use i do
rotate through a couple of stalks but
the one that i use most often
is the classic portrait 400 because you
just can't beat the warm colors
plus it overexposes really well and last
but not least we have the ray-ban club
masters which is my favorite pair of
sunglasses
now as for the bulk of my edc that's
where we come to the backpack and much
like a purse i have this with me pretty
much
everywhere i go i cannot think of a time
within the last couple of years
where i left the house without this
backpack uh and
that's pretty much it i carry it with me
all of the time what we're going to do
is we're going to kind of go through it
pocket by pocket starting at the front
this front pocket doesn't have anything
in it because it's broken uh and i'm too
lazy to fix it first of all the backpack
is made by a company called ogio i don't
have the specific model but there will
be a link to it
on amazon in the comments down below or
in the description of the video rather
now in this first pocket i have a couple
of basic things the first of which is
what i call the doomsday database
this is actually a four terabyte solid
state drive in a little enclosure
that is basically a backup of all of my
favorite music movies and tv shows as
well as common resources that i use
like various tools that i could get to
without having to have internet
as well as a bunch of different iso
images for different os's
um now moving on we also have
uh my old oneplus phone this is a rooted
oneplus 6t
uh that is actually not broken i thought
this one is broken
uh with the original carbon case on it i
keep this as kind of like a pocket
server because it has a self-contained
battery it does mobile hotspotting
and because it's rooted i can run pretty
much any linux tools that i need to run
on here and
it's basically a pocket server moving on
from there
we have this awesome little i believe it
is called the
where is it ts 100 soldering iron now
this thing is dope it's a very compact
soldering iron
that is either run off of a wall plug
like this or
uh there's another adapter that you can
get where you can actually run this off
a common drone battery
unfortunately i don't have one of those
with me but in a pinch it's very easy
for soldering
for different hardware hacking or
building purposes as well as normally i
have some tinned solder
in my pack however i don't have that
with me at the moment because i've
recently run out
and i think that's all for this pack yep
all right now moving down
into the next compartment uh i have
right off the bat a multi-colored pen
uh your standard bic model and then also
a
standard black whiteboard marker i
actually have this because i have found
anywhere there is a window there's a
whiteboard and it's really good to be
able to plan out different things and
whether you're in a coffee shop or an
airport or an office building it's nice
to be able to pop a whiteboard next to
you
in addition to that i have this anker
powercore qualcomm
quick charge 3.0 battery this thing is
definitely starting to see its age but
it does have quite the capacity on it
i'm trying to remember exactly how much
it has
yep that is completely faded off the
bottom there will also be a link to this
on amazon but it's a fantastic battery
and it's very meaty
and then below that i have my pocket
journal including this
awesome bullet pen that my girlfriend
got me for my 22nd birthday
uh i absolutely love the way that it
looks and it has a quick release there
a little rifle on it to match the bag
this is just something where i can you
know plot out notes
or figure out quick problems things like
that always good to have a notebook
now moving on from there i believe that
is all
for this bag yep oh yeah these are some
accessories for the
oscilloscope you'll see down below
moving on
i'm actually going to come back to this
compartment since that's the main one in
this top pouch here which i believe is
intended to actually be a sunglass pouch
i have two things this is a expandable
ethernet cable i can't tell you how many
times i've needed a quick ethernet cable
whether it's to run a lan tap or just
jack into a network
and this thing has saved my ass about a
million times one thing that i would
change if i were buying this gear now
is that because this is flat and it's
not shielded twisted pair
sometimes if i am using this in the
vicinity of my sdr
i will see some electromagnetic
interference from it
so if you can find one of these that's
in a shielded twisted pair version i
would recommend going with that
even if it is a little bit bigger now
moving on from there i have the logitech
mx master mouse
i am firmly of the belief that this is
the best mouse that has or will ever be
made
uh i have very large hands and this
mouse just fits my hand perfectly
it has both uh a multi-scroll wheel here
meaning that when it's turned on
you have clicks if you scroll slow
or it moves into this kind of linear
actuation where oh come on is it dead
there you go so you'll notice no more
clicks if you scroll fast it'll continue
to scroll so getting through a long web
page
is very easy it also has side scroll
forward and back buttons and the buttons
on it are very tactile and clicky
big big like all right and
i believe last but not least regarding
the main pouch oh yeah i do have here
um these buckles come off the side
and then down in here i have
an ipad pro i'm not specifically sure
which
model this is i don't keep too up to
date on the apple products but it is
got the bluetooth apple pencil it works
kind of well as a mobile whiteboard and
there's a couple applications i do like
for it but to be honest
i don't really use it that much and it's
the one thing in my kit that i could
probably forget and not really miss
um but this is one of my absolute
favorite tools in my bag it is the hon
tech pocket oscilloscope
coupled with all of its various leads
this tool is quite literally invaluable
to me
i use it pretty much every day and it
really really helps to solve different
problems
it is a completely self-contained
battery-powered oscilloscope
that can hook up to this probe here and
basically
if you don't know what an oscilloscope
is you can attach this to different
leads in an electrical circuit or device
and you can look at the fluctuations in
power as a function of time
to look at the logic that that circuit
might be performing it is not a logic
analyzer
but does provide a lot of interesting
information about electrical circuits
and also
it doubles as a multimeter so i can put
it into this mode attach the black and
red leads here
into one of these different ports and
then i can measure different voltages
currents resistance things like that
when you're working with hardware
electronics this thing is literally a
lifesaver
and it was a fantastic christmas present
from my parents
moving on last but not least except for
the main pouch
is my laptop my laptop is a
dell uh 15-inch xps i do
love this laptop uh it's got the kind of
carbon fiber
here very clicky keyboard and currently
the laptop
is running uh with a triple boot of
ubuntu 20.04
uh parrot os which is actually i've been
using as opposed to kali linux because i
prefer its
tool set and it's a little bit nicer
looking than cali is
and also we have windows 10.
now this main compartment in my backpack
houses these four packs each of which
contain the gear that i use most often
as well as my laptop charger
we're gonna save this one for last
because this is by far the coolest one
as it contains all of my hacking gadgets
but first let's take a look at these
three starting here
this is a box that contains my wh 1000
mx3 sony bluetooth headphones
these were a wonderful birthday gift
from my girlfriend much like the pen
these are hands down the best bluetooth
headphones i have ever seen
you can run in-line aux with them which
is very nice they charge through usbc
insanely quickly i think you get like uh
i believe you get five hours of
listening time
off just 10 minutes of charging their
nfc tap to pair
they fold the sound quality is amazing
on them they're very comfortable and i
also think
that they are relatively stylish so i
like them a lot
plus active noise cancellation which is
good enough that i actually have worn
these in the data center before
and they've cut a lot of the noise out
for me so if you are looking for a good
pair of bluetooth headphones i cannot
recommend these ones
highly enough we'll tuck those away
now next up is my ifixit kit this is
kind of my
get into anything bag it has all the
tools that i need to disassemble pretty
much any electronic device including
plastic pry bars suction cups for screen
removal and esd
wrist thing so i can ground myself and
not statically shock a system
you can actually buy this there will be
links to all the items that i show here
down in the
description of the video but there is
one change which i have made to this bag
which is the addition of a set of
surgical stainless steel hemostats
uh i found these do come in handy for a
number of things whether it be weighting
something down or clamping off a hose
they definitely help so that is their
intended purpose
and that is it for the ifixit kit pretty
standard
these are very common amongst
technicians and a great way to get into
things because that
multi-driver pouch does have all of the
security torque so it makes it very easy
to get into electrical devices
and this is my bag o lock picks
uh i have not really all of my lock
picking gear in here but everything that
i could feasibly need
uh relatively quickly um come on
guys not cooperating with me there we go
all right in here i have a set
of tubular lock picks these things are
awesome uh
for like those tube style cabinet lock
picks or sometimes you see them on tool
chests and stuff
uh you basically just uh barrel the lead
like this
run them up against a flat surface you
can adjust the tension with the bands
and then you pretty much just push them
into the lock and twist
and then they will snap it open makes
picking two blocks very easy
and is quite beneficial i have all the
tools for those in there
moving forward from that i do have a
southerford lock pick or sorry southern
lock pick
as well as a couple of couple of bump
keys that i keep on the outside here for
common schlage locks
uh and kwikset as well uh pretty
standard assortment of tools here i do
have one heavy bit handle
with an allen key that i can throw
multiple different lead multiple
different picks in
they'll take any of the standard
southern style picks gives me a little
bit more weight i like it and then
in this pouch here i have some green
o-rings that go on the bump keys to
automatically reset them
and that overall is actually a nice
quality of life feature for the bump
keys
now if i'm not feeling particularly
lock picky today or i happen to be more
inebriated than normal defcon
that's why i have this pick gun uh you
can buy these for pretty much nothing on
ebay
amazon or alibaba and the basic idea of
this is is that you put a
pick lead in here and you push this
handle and it goes
and it just slaps the keys up and you
just do that with a tension wrench until
the lock turns it doesn't work on
everything but when it works it is
insanely easy
and can save you a lot of time though it
isn't the most discreet method because
it does make
a hell of a lot of noise and last but
not least let us move on to the hack
five bag
this is uh definitely the one thing in
the pack that i would be the most
devastated if i lost
i originally got this bag at my first
defcon defcon 24 where i bought some of
the gear in this bag and i've spent the
better part of the last four years
shoving more gear into it so uh starting
at the most outward level here
i do have a little defcon notebook that
i got at defcon 27 that has some paper
in it
uh to be honest i keep forgetting this
is in here so i've never actually used
it but it's kind of another notebook if
i need it
then moving down into the first level we
begin to see
all of the hacking goodies that are in
here so starting with this pouch
i have a micro usb cable here as well as
a usb to usbc cable that is for the
anker
multi-usb hub as well as an ethernet
adapter because unfortunately i don't
have a full-size ethernet on my laptop
i also have 128 gig sandisk usb here
for general usb things this hot wheels
car
which is actually my good luck charm
gift from my parents there's a whole
story with that but we won't bore you
with it
uh this is an anchor usb-c to usb-a
adapter i do have full-size usb-a ports
but for a period of time i was carrying
the macbook pro which was all usbc
i'm so glad i don't have that laptop
anymore in here
i also have a series of four boot disks
these come in handy all the time
the p is for parrot os the w is for he
who shall not be named
windows then i also have cali os
there and last but not least ubuntu
20.04 i make sure to update all of these
images as frequently as possible
so they are always up to date and with
the latest security
benefits i've got a couple of misc
adapters here
that just adapt between various types of
usb
devices which can can come in handy to
be honest i don't use them that much but
i have thrown them in there
and then i do have four antennas in here
for the wi-fi pineapple that you will
see in the rear of this pack
we'll set those aside so we can put them
on and last but not least i do have a
graphite lead pencil
these are really nice an architect
artist friend of mine
gave this to me and it does come in
handy it's the pacific arc
uh h1305 great pencil
though generally i prefer pens now
starting over here for the gear this is
where it really starts to get
interesting
first things first is the hack five bash
bunny you're gonna notice the theme here
a lot of these are hack five
kit they just sell amazing tools and
every time they come out with one i
basically have to get it because they
really expand my capabilities
the bash money is essentially a fully
compatible linux computer that can run
any type of bash script as well as
emulate a bunch of devices when plugged
into usb
and all of the things you're going to
see here well basically all of the hack
5 gear
can hook up to cloud c2 and i'll explain
that in the end
moving on we have the hack 5 key croc
this is actually
a hardware keylogger and it is
incredibly capable
unlike normal keyloggers where you plug
them in line between a keyboard and a
computer and then they just write one
massive file to an sd card
that you have to come back and manually
get this can do
a ton of smart recording as well as
impersonating an hid
which is a human interface device in
order to inject keystrokes and things
like that so basically when i plug this
into a computer
with a keyboard on the other end it will
pretend to be the keyboard
it will record all keystrokes from that
keyboard log specific ones that match
regex patterns do a ton of smart stuff
and
using cloud c2 i can even inject
keystrokes wirelessly through here
so long as it is connected to the
internet next up
we have the proxmark v3 easy as well as
a couple
of uh rfid enabled cards here this is
really really useful for taking
rfid access cards like you see in a lot
of tech businesses
cloning them onto different cards like
this and it allows me to get through
different uh bypass
restriction systems or access controlled
systems so that's very useful though
unfortunately it doesn't see too much
use uh here we have two of what i will
argue are probably the most famous of
the hack five gadgets these are the
infamous
usb rubber duckies they look like a
generic usb that you could get from
pretty much anywhere
for example it is very common sorry newt
for companies to give out like for
example staples easy tech uses little
usbs like this
but the usb rubber ducky is indeed more
than it appears to be
because if we take a look under the hood
here and i did make a video on this on
my tik tok channel but if we pry the
casing
open you can see that tis not a usb tis
actually
a micro sd card enabled human interface
device controller
which means that you can write scripts
on here in a language called duckyscript
drop a bunch of these into a parking lot
like mr robot and then somebody will
come by
be fatal fatally curious plug this into
their workstation and it'll run whatever
exploit you have
currently on it by basically being able
to do anything that you could do where
you sitting in front of the keyboard
moving on from there we have the land
turtle i love this thing a great way of
getting shells it
is basically a usb ethernet adapter that
can sit in line and do a bunch of
man-in-the-middle attacks very useful
piece of kit
this here is the hack five packet
squirrel another new addition to my pack
it is actually a usb-c powered lan tap
so you can plug this in line
between an ethernet cable on either side
and then you can intercept packets on it
without actually interrupting the
traffic flow or modify packets on the
fly using wireshark
and a couple of different scripts so a
good example of how you might use
something like this is if you are able
to find a security camera
that has an ethernet connection for
sharing its video and it is unencrypted
i can put this in the middle of that
ethernet line and grab whatever video or
pictures it is sharing over the network
directly from here
save them to a device and then just bail
out when it's done um
this is the hack five shark jack it is
an awesome little piece of kit
it essentially runs a series of
automated nmap payloads whenever it's
plugged into an rj45 jack
and it is battery powered so it doesn't
need poe you can select between its
different modes here and it is of course
powered by usbc
because hack5 understands that usbc is
the future
um i've got a couple of other misc
things in here different adapters
another rfid token and a bunch of sd
cards but
we can skip past all of that since
that's not really interesting
and moving to the back of the pack we
see some more of the goodies
starting here this is actually a
raspberry pi zero w
in a case it's always convenient to have
a little computer like this on you a lot
of the times i will have it run linux
but it's perfect as another pocket
server if i don't have the android phone
on me
and you can leave one of these on a
client location and do a lot of damage
with it
next up is the hack five screen crab
another really cool piece of kit from
hack five
the screen crab basically sits in line
for an hdmi connection
so you would plug the input of hdmi in
here
and the output of the hdmi in here and
it would look normal to the person using
the computer but this little device
would take that hdmi signal and make it
available through the internet
to me so that i can drop one of these on
a client site go home and then using
cloud c2 which is their cloud platform
i will be able to essentially look at
this video feed take pictures and videos
whenever i want
and there's a lot of interesting
applications for this though as of yet
i haven't had a way to deploy this on a
client site so we'll see what happens
with that
moving forward we have two different
wi-fi pineapples this one here is the
wi-fi pineapple nano uh this is the one
i most often
will use with uh my android phones in
fact oftentimes i will use this
along with the oneplus 6t that i guys
showed that i showed you guys earlier
in order to control it through there so
this is a good mobile setup or if i'm
trying to do some more serious wi-fi
interception
that is where the wi-fi pineapple tetra
comes in
this is the first hack five gear i ever
bought was the tetra in this pack
and it was so graciously signed by
darren kitchen and snubs of hack five
fame
if you're into the hacking scene and you
don't know who they are please reassess
your life and go check them out because
they are definitely the coolest channel
in cyber security on youtube
um you get these crazy antennas on here
a lot of you guys might have seen this
uh in an episode of silicon valley where
they used the wi-fi pineapples to
force people to sign up for their app
and they had to chase them around the
convention center
but tis a real thing not just hollywood
glory and it's a very cool device that
does
uh it's what they call a rogue ap so
basically
you can force devices to connect to this
as opposed to a normal network
pass the internet through so it looks
normal to the client and then you can
interfere with a bunch of packets on it
but it's a good
source of wi-fi auditing unfortunately
as time has gone on and https and better
internet encryptions have popped up
it has limited the use of it but i do
still carry it because every once in a
while you find a really good use case
for it
um i have the cable for that and lastly
i think this is the last thing in the
pack that i have to show
you guys is one of my favorite tools uh
this is the hack
rf one which is in my opinion
the best sdr tool that you can buy i
have uh some of the rtl sdr dongles that
you can buy for 20
and they're great but all they can do is
reception this device here
can do both reception and broadcast on a
very wide array of signals i think up to
like
i wanna say like six gigahertz i'll put
the actual thing on screen now
uh but this has a myriad of very useful
exploits that you can perform with it
uh just to give you an example of one if
you look up
the public fcc information about a
wireless key fob like for example
this that you use to open a car you can
actually record the opening signal
with this tool jam it so that it doesn't
go to the car and then later
replay that attack so that you are able
to essentially unlock the car
without the keys as well as opening
garage doors or interfering with any
number of radio signals
i particularly like this device because
in my opinion
the radio frequency is at least
currently one of the least
secure layers in any sort of
infrastructure
you can't really see it so a lot of
people don't think about protecting it
but there have been certain
implementations over the last couple of
years
that have made it slightly more secure
but overall there's still a lot of
vulnerability there so if you don't have
an sdr
i highly recommend that you pick one up
well that is pretty much
everything in my pack as you can see it
is almost an entire counter's worth
cat not but standing but that is the
gear that i carry with me every day is
it overkill
yeah it's overkill and do i use all of
it every day no i don't but
i like carrying it with me because you
never know when you're going to need it
and whether i bring it with me to a
client gig or just in daily use i often
find uses for these tools
that they were never designed for that i
just find genuinely useful
for example if you combine the key crock
with the screen crab
what you basically have is a hardware
equivalent to teamviewer
that's a lot more secure so overall
i like carrying stuff last thing that i
didn't explain however is the hack5
cloud c2
the c2 stands for command and conquer it
is hack five's solution
uh essentially for controlling all of
the iot devices that they offer
wirelessly so basically i have mine set
up running on a server in the cloud
all of my devices have config files
where they will connect to it
automatically and from there i can
administrate them get loot from them and
control them in any way that i want
uh including you know being able to do a
remote key injection through the key
croc
or look at the photos from the screen
crab or control the land turtle or the
wi-fi pineapples
all from afar so i don't even have to
actually be on site
but that's pretty much everything i hope
you guys found it interesting
seeing what i carry on a daily basis and
i'd love to know what you carry so
please feel free to make a video
reaction to this or let me know in the
comments what sort of things you think i
should add or take away from the pack
thank you very much
oh you're good you're very good