Hacking News b

Published on July 31st, 2016 | 1,940 views Post Views

8 Bad Ass Tools Coming Out Of Black Hat

Amid the parties, the deal making and the overall catching up between security compatriots at the annual Black Hat pow wow in Las Vegas every year, there’s a body of seriously good work that comes out of the show. Beyond the big vulnerability revelations, some of the most lasting contributions to ongoing security research and protection work comes in the form of new open source tools released by presenters at the show. This year’s show will be no different. Researchers are pulling out all the stops yet again, using Black Hat as a platform to explain, release and/or promote a ton of great tools for pen testers and security operations experts. Here are some of the highlights.

Infection Monkey

Presenting Researchers: Ofri Ziv of GuardiCore
Website: www.infectionmonkey.com

Inspired by Netflix’s Chaos Monkey project, Infection Monkey is a data center pentest tool designed to spin up infected virtual machines within random parts of the data center to test for potential blind spots in the overall network security chain and help teams bolster their data center security resilience.

Project Delta

Presenting Researchers: Changhoon Yoon & Seungsoo Lee of KAIST School of Computing in South Korea
Website: https://github.com/OpenNetworkingFoundation/delta

Project Delta is an open source project that’s being sponsored by the Open Networking Foundation’s security group to help penetration testers probe SDN security. It includes a framework to validate security features of OpenFlow-based switch and controller implementations, along with a specialized fuzzing module to find unknown security flaws in SDNs.

Ablation

Presenting Researchers: Paul Mehta of Cylance

Meant as an augmentation of static analysis, Ablation has been designed to extract information from processes as they execute. It is meant to simplify the process of reverse engineering, helping researchers compare samples based on code executed rather than just comparing data.

Keystone Engine

Presenting Researchers: Nguyen Anh Quynh
Website: http://www.keystone-engine.org

This open source assembler framework just saw its first stable release this week. Its project organizer will be running through its paces in front of the crowd at Black Hat, introducing its architectural features and the new types of reverse engineering tools already built on top of it designed to help researchers more easily pick apart software.

AVLeak

Presenting Researchers: Alexei Bulazel, independent researcher

Refined by Bulazel as a part of his masters’ thesis project at RPI, AVLeak is a tool designed to help researchers easily extract artifacts of emulation from commercial antivirus emulators. This can be then turned around to allow an AVLeak user to detect the presence of those emulators on a machine, making it easier to refine evasive malware to avoid being detected by that AV software. He’s been on the conference circuit this year explaining the breakthroughs made with his platform and will continue that with demos at Black Hat.

▼Advertisements

Swizzler

Presenting Researchers: Vincent Tan of Vantage Point Security

Mobile security researcher Vincent Tan has picked up the ball and run with Swizzler, a long-running mobile application assessment tool that hadn’t been in active development for a while and was plagued with instability issues. He rebuilt it from the ground up to support all the functions a pen tester would need to analyze mobile applications.

DPTrace

Presenting Researchers: Rodrigo Rubira Branco & Rohit Mothe of Intel

The presenters will demo and release as open source this semi-automated crash analysis framework which provides researchers, at the moment of a crash, the mapping of the input areas that influence the crash situation and, from the crash on, an analysis of the potential capabilities for achieving code execution.

BLE MITM Proxy

Presenting Researchers: Slawomir Jasek of SecuRing
Website: https://github.com/conorpp/btproxy

IoT hackers will be able to add another tool to their arsenal with the release of this BLE MITM proxy, an open-source tool ready made to load up on a Raspberry Pi to help probe Bluetooth Low Energy devices through exploitation, reverse engineering and debugging.

Image Source: Adobe Stock

 

Share on Facebook0Share on Google+2Tweet about this on TwitterShare on Reddit0Email this to someonePrint this pageShare on StumbleUpon0Digg thisPin on Pinterest0Share on LinkedIn25











Leave a Reply

Your email address will not be published. Required fields are marked *

Back to Top ↑

Read more:
Microsoft yanks Docs.com search after complaints of exposed sensitive files

Microsoft has quietly removed a feature on its document sharing site Docs.com that allowed anyone to search through millions of...

Close