ProtonMail on Mr. Robot - ProtonMail Blog

Mr. Robot’s Toolbox

1. DeepSound

DeepSound is a steganography tool and audio converter that hides secret data into audio files.

▻http://jpinsoft.net/DeepSound

2. ProtonMail
Web-based, privacy-oriented e-mail with end-to-end encryption hosted in Switzerland. All the messages are encrypted in the user’s web browser before it reaches the ProtonMail servers. ProtonMail doesn’t hold the password and can never decrypt user messages. It works with two passwords, a user password and a mailbox password.

►https://protonmail.ch

More details about the security used:

▻https://protonmail.ch/pages/security-details.html

3. Raspberry Pi

►https://www.raspberrypi.org

4. Tastic RFID Thief

The Tastic RFID Thief is a silent, long-range RFID reader that can steal the proximity badge information from an unsuspecting employee as they physically walk near this concealed device. Specifically, it is targeting 125KHz, low frequency RFID badge systems used for physical security.
▻http://www.bishopfox.com/resources/tools/rfid-hacking/attack-tools

5. RSA SecurID
For 2FA (Two-Factor Authentication).

▻http://www.emc.com/security/rsa-securid/index.htm

6. Kali Linux
A Debian-based version of Linux that’s specifically built for penetration testing and security auditing.

▻https://www.kali.org

7. John the Ripper
A password cracker tool use to detect weak Unix passwords.

▻http://www.openwall.com/john

8. Metasploit and Meterpreter
A penetration testing tool.
(Penetration testing is the process of identifying security gaps in your IT infrastructure by mimicking an attacker. Think about it as quality assurance for your IT security.)

▻http://www.rapid7.com/products/metasploit/index.jsp

Meterpreter is a payload (tool) for Metasploit. It uses in-memory DLL injection stagers and is extended over the network at runtime.

▻https://www.offensive-security.com/metasploit-unleashed/about-meterpreter

9. Social-Engineer Toolkit

TrustedSec’s Social-Engineer Toolkit is an open-source pen testing framework designed specifically for simulating social engineering attacks, such as phishing, spear phishing, credential harvesting, and more
▻https://www.trustedsec.com/social-engineer-toolkit

10. FlexiSPY

A tool that lets you monitor other people’s device activities with an online portal. FlexiSPY doesn’t recover past data, but can show you anything still stored on their phone’s memory or SIM card,
▻http://www.flexispy.com

The WIRED article in which these tools are mentioned:
(warning, if you still have to see it, it contains spoilers about the technology used and in what episode & what for)

▻http://www.wired.com/2015/08/peek-inside-mr-robots-toolbox

WIRED Security writer Kim Zetter called it “the best hacking show yet.”

#security
#privacy
#hacking