Here are 8 absolute badass hacking tools which were demoed in this year’s Black Hat Conference
If you are into security and hacking you probably know all about Black Hat Conference. Black Hat is a computer security conference that brings together a variety of people interested in information security. Representatives of government agencies and corporations attend, along with hackers. The conferences take place regularly in Las Vegas, Barcelona, Amsterdam, Abu Dhabi and, occasionally, Tokyo.
This year’s Black Hat is being held in Las Vegas and like every year this year also brought out big vulnerability revelations. Hackers and security researchers are pulling out all the stops yet again, using Black Hat as a platform to explain, release and/or promote a ton of great tools for pen testers and security operations experts. Here are some of the highlights and tools that are being or will be demoed during the course of the conference which will end on 4th August.
Here are some of the absolute wacky tools demonstrated or will be demonstrated by security researchers and hackers .
Infection Monkey
Website: www.infectionmonkey.com Presented by Ofri Ziv of GuardiCore
Inspired by Netflix’s Chaos Monkey project, Infection Monkey is a data center pentest tool designed to spin up infected virtual machines within random parts of the data center to test for potential blind spots in the overall network security chain and help teams bolster their data center security resilience.
Project Delta
Website: https://github.com/OpenNetworkingFoundation/delta Presented by Changhoon Yoon & Seungsoo Lee of KAIST School of Computing in South Korea
Project Delta is an open source project that’s being sponsored by the Open Networking Foundation’s security group to help penetration testers probe SDN security. It includes a framework to validate security features of OpenFlow-based switch and controller implementations, along with a specialized fuzzing module to find unknown security flaws in SDNs.
Ablation
Presented by Paul Mehta of Cylance
Abalation is meant as an augmentation of static analysis. It has been designed by Mehta to extract information from processes as they execute. It is meant to simplify the process of reverse engineering, helping researchers compare samples based on code executed rather than just comparing data.
Keystone Engine
Website: https://www.keystone-engine.org Presented by Nguyen Anh Quynh
This open source assembler framework just saw its first stable release this week. Its project organizer will be running through its paces in front of the crowd at Black Hat, introducing its architectural features and the new types of reverse engineering tools already built on top of it designed to help researchers more easily pick apart software.
AVLeak
Presented by Alexei Bulazel, independent researcher
Refined by Bulazel as a part of his masters’ thesis project at RPI, AVLeak is a tool designed to help researchers easily extract artifacts of emulation from commercial antivirus emulators. This can be then turned around to allow an AVLeak user to detect the presence of those emulators on a machine, making it easier to refine evasive malware to avoid being detected by that AV software. He’s been on the conference circuit this year explaining the breakthroughs made with his platform and will continue with that demos at Black Hat.
Swizzler
Presented by Vincent Tan of Vantage Point Security
Mobile security researcher Vincent Tan has picked up to complete Swizzler, a long-running mobile application assessment tool that hadn’t been in active development for a while and was plagued with instability issues. He rebuilt it from the ground up to support all the functions a pen tester would need to analyze mobile applications.
DPTrace
Presented by Rodrigo Rubira Branco & Rohit Mothe from Intel Security
The presenters will demo and release as open source this semi-automated crash analysis framework which provides researchers, at the moment of a crash, the mapping of the input areas that influence the crash situation and, from the crash on, an analysis of the potential capabilities for achieving code execution.
BLE MITM Proxy
Website: https://github.com/conorpp/btproxy Presented by Slawomir Jasek of SecuRing
BLE MITM Proxy tool is for IoT hackers. BLE MITM proxy is an open-source tool ready made to load up on a Raspberry Pi to help probe Bluetooth Low Energy devices through exploitation, reverse engineering and debugging.
Source : Dark Reading.
alert(“XXS”)