An annual East coast hacker convention hell-bent on offering an interesting and new atmosphere for demonstrating technology exploitation, inventive software & hardware solutions, as well as open discussion of critical information security issues.

Summer Of Code
TSG is taking part in Google's Summer of Code mentor program, working with students to advance the state of art of information security.

A wireless lan encryption key recovery tool. AirSnort operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered.

A PoC bluetooth war-driving utility. Bluesniff provides a GUI for finding discoverable and hidden bluetooth devices. See the DefCon 11 presentation on Bluetooth wardriving for more info. You can download the latest bluesniff release here.

Airsnarf is a simple rogue wireless access point setup utility designed to demonstrate how a rogue AP can steal usernames and passwords from public wireless hotspots. Airsnarf was developed and released to demonstrate an inherent vulnerability of public 802.11b hotspots. snarfing usernames and passwords by confusing users with DNS and HTTP redirects from a competing AP.

A portable Host Integrity Monitoring System with support for centralized management.
The Virtual Private Networks mailing list is designed for the spread of information about all sorts of VPNs. It's occupied by vendors, consultants, and lots of interested users.

tinfoil hat
It started as a secure, single floppy, bootable Linux distribution for storing PGP keys and then encrypting, signing and wiping files. At some point it became an exercise in over-engineering.

When the Shmoo are bored, and their systems aren't hacking the universe, a box or two is devoted to creating nifty password lookup tables, which anyone can download free of charge. Because knowing all passwords is cooler than trying to crack one.

Capture the Capture the Flag
RootFu! is a contest run at DefCon each year. The best and brightest from the underground spend 3 days trying to break into servers on the local DefCon network. Capture the Capture the Flag is a project by The Shmoo Group to sniff and log all the data on the RootFu! network.

Frelay is an open source continuation of the Freedom project, produced by the wonderful people at Zero-Knowledge Systems. It is not supported by ZKS. For more information, join the mailing list, browser the source tree, or check out the code from CVS.

Braces is a Bluetooth-based location tracking utility. It uses a sensor script (currently written for LInux) to report discoverable devices to a server and then map the devices on a webpage.