Pwnie Express Releases Next Generation of Groundbreaking Pwn Pad

Vulnerability Intelligence and Penetration Testing Tablet is Faster, Lighter and Easier to Use than Ever

December 18, 2013

Pwnie Express today announced the release of the latest version of its lauded Pwn Pad, a tablet that provides IT professionals unprecedented mobility and ease of use in assessing wired and wireless networks.

The leader in vulnerability intelligence and penetration testing devices, the latest Pwn Pad, the Pwn Pad 2014, is faster, thinner, lighter, sharper and easier to use than ever. The ideal choice for pentester’s who are on the road or conducting a company or agency walk through, the new version of the Pwn Pad with its 7” tablet screen offers a streamlined ‘one-click’ software update process, making it to easy update.

“We are thrilled to announce the latest version of the Pwn Pad,” said Dave Porcello, Pwnie Express CTO and founder. “Using the popular Nexus 7 tablet from Google, the Pwn Pad 2014 offers a custom Android front-end with one-touch pentesting applications as well as a custom Kali Linux back-end with a comprehensive pentesting suite.”

Pwn Pad Core Features Include:

  • Custom Android front-end with one-touch pentesting applications, including Evil AP, Strings Watch, Full-Packet Capture, Bluetooth Scan, & SSL Strip
  • Custom Kali Linux back-end with comprehensive pentesting suite, including Metasploit, SET, Kismet, Aircrack-NG, SSLstrip, Ettercap-NG, Bluelog, Wifite, Reaver, MDK3, & FreeRADIUS-WPE
  • Simple web-based administration and in-product updates with “Pwnie UI”
  • 6 different covert channels to tunnel through application-aware firewalls & IPS
  • High performance CPU/GPU, large HD display, powerful battery (up to 9 hours active use)
  • External high-gain Bluetooth supporting packet injection (up to 1000′)
  • External USB-Ethernet adapter for wired network pentesting

Pwnie Express provides cost effective, rapid deployment products comprised of innovative sensors available in a variety of form factors that deliver previously unattainable intelligence that makes it incredibly easy to evaluate risk in remote and distributed environments. More than a 1000 enterprises across verticals including retail, finance, health, and manufacturing as well as service providers and government organizations rely on Pwnie Express to know who and what is accessing their networks.

About Pwnie Express
Pwnie Express is the leading provider of innovative sensors that assess network and wireless security risks in remote locations. Over 1000 enterprises and government organizations worldwide rely on Pwnie Express’s products to conduct drop-box penetration testing and receive unprecedented insight into their distributed network infrastructure. Pwnie Express’s smart devices leverage open source tools and platforms. The award-winning products are backed by the expertise of Pwnie Labs, the company’s security research arm.

[Press Release]

Hacker Academy Contest: How to Train a Pwnie

We’ve teamed up with the good folks over at the Hacker Academy to co-sponsor a contest that will award a Pwn Pad, a subscription to The Hacker Academy and your own design printed on THA’s next t-shirt!

You can register on their contest page: How to Train a Pwnie Contest.

Here’s how to enter:

How to Enter the T-Shirt Contest:

Come up with something creative and catchy. Create something that demonstrates COMPLETE PWNAGE. Slogans, images, funny photos, hand-drawn pictures all are fair game.

Submit your entry. Use the form below. The “Entry” field is where you put your masterpiece (submit images as links created through imgur.com).

Twiddle your thumbs. Sit and wait for the finalists to be announced and winners to be decided. follow the contest on Twitter with the #TrainYourPwnie hash tag and look for important updates and news via our blog at blog.hackeracademy.com and http://store.pwnieexpress.com/blogs/pwnie.

Deadlines. Entries will be accepted until December 27, finalists announced January 6, with winner announced January 20.

How Voting Works:

You pick the winner!

As the entries are submitted, they’ll be published on the contest page.

The fine folks at the Hacker Academy and Pwnie Express will decide on the top 5 entries and the voting will open. Finalists will be lettered A-E and votes are submitted via a form on our site.

Are you ready? Great! Click here to register for the contest.

Industry Innovators: Analysis & testing

By Peter Stephenson

OK, so there is a bit of a hacker flavor here. Pwnie (pronounced “Pony”) Express comes from the hacker term “pwn,” which means to own or control. It came from a common typo when “own” got typed as “pwn” due to the p and the o being adjacent on the keyboard. Add the pun of substituting Pwnie Express for Pony Express and the insider joke is complete. But, make no mistake. Pwnie Express is no joke, and while, like any vulnerability assessment tool, its products could be co-opted and abused by a criminal hacker, their purpose is very serious.

(Original Article)

Pwnie Express Adds New Board Member

Scott Chasin, CEO and Founder of ProtectWise and former CTO of McAfee, to Join Board

December 02, 2014

Pwnie Express today announced that Scott Chasin, founder and chief executive officer of privately held ProtectWise, Inc. and former chief technology officer of McAfee, was appointed to the company’s board of directors.

“Scott has extraordinary technology and business expertise, and we are delighted that he has joined Pwnie Express’s board of directors,” said Paul Paget, CEO of Pwnie Express, a leading provider of penetration testing and network vulnerability assessment solutions.

Chasin currently serves as CEO of ProtectWise, Inc., a privately held company located in Denver, Colorado, whose products are being designed to make the next major leap in enterprise network security.

Prior to this, Chasin served as CTO of McAfee’s Content and Cloud Business Unit, helping transform McAfee into a leader in content and cloud security solutions.

Previously, Chasin founded and served as CTO of MX Logic, Inc, which was acquired by McAfee. He also founded and served as CTO of USA.NET, which was acquired by Perimeter eSecurity, and founded and moderated Bugtraq, which was acquired by Symantec Corp.
“Scott brings a wealth of experience, from C-level executives to security practitioners, as well as the insights that come from running successful large global security companies and fast-emerging startups. He will be a great addition to our board,” said Paget.

“I am honored to join Pwnie’s board and work with this exceptional team,” Chasin said. “Pwnie Express has taken penetration testing and network vulnerability assessment to the next level and I look forward to sharing my experiences and contributing to the future direction and growth of this cutting edge technology company.”

Chasin has served on a number of enterprise boards, including Anti-Phishing Working Group (APWG) and the Messaging Anti-Abuse Working Group (MAAWG).

Pwnie Express provides cost effective, rapid deployment security assessment products comprised of innovative sensors that make it incredibly easy to evaluate risk in remote and distributed environments. More than a 1000 enterprises across verticals including retail, finance, health, and manufacturing as well as service providers and government organizations rely on Pwnie Express to know who and what is accessing their networks.

About Pwnie Express
Pwnie Express is the leading provider of innovative sensors that assess network security risks in remote locations. Thousands of enterprises and government organizations worldwide rely on Pwnie Express’s products to conduct drop-box penetration testing and provide unprecedented insight into their distributed network infrastructure. Pwnie Express’s smart devices leverage open source tools and platforms. The award-winning products are backed by the expertise of Pwnie Labs, the company’s security research arm.

[Press Release]

European Parliament Gets PWNED

By Rene Millman

On Monday the 25th of November a memo was released to the  European Parliament Free Software User group mailing list announcing that they were going to be disabling the public wireless network. This is in response to a man-in-the-middle style attack which successfully intercepted traffic between cell-phones and the unencrypted wireless.

UK Tech Blog IT Pro did a writeup of the attack in which they suggest that the attack occurred when “hackers set up an “evil twin” wireless router near the building in Strasbourg and had stolen the usernames and passwords of 14 people at the European Parliament.”

As more employees bring their own devices into the workplace, businesses face the challenge of enforcing corporate security policies on consumer devices that are not solely controlled by the IT department,” said Jason Hart, vice president of cloud solutions at security firm SafeNet. “Most employees now store a wide range of both personal and business information on their mobile devices, so this lack of control exposes businesses to serious security vulnerabilities in the form of data breaches and unauthorised access.

This sounds strikingly similar to the “Evil AP” tool offered on Pwnie Express’ Pwn Pad line of products.
In the Evil AP attack the Pwn Pad tablet identifies networks which are being requested by other devices in its area. It accepts the requests for connection and acts to route their traffic through to the Internet allowing for redirection to malicious services or, as in the case of the European Parliament, interception of transmitted data and credentials. Devices with insecure wireless configurations are easily identifiable using this technique.