On September 30th, 2017 @toolswatch announced the tools selected for Black Hat Arsenal Europe 2017.
Most of the selected tools are already present on GitHub and some are yet to be uploaded. This article contains the links to their respective repositories.
ANDROID, IOS AND MOBILE HACKING
Objection
https://github.com/sensepost/objection
badintent – integrating android with burp
https://github.com/mateuszk87/BadIntent
DATA FORENSICS AND INCIDENT RESPONSE
cybot – open-source threat intelligence chat bot (revamped)
https://github.com/CylanceSPEAR/CyBot
ng-netms & optoss plus
https://sourceforge.net/projects/ngnms/
EXPLOITATION AND ETHICAL HACKING
dpapi and dpapi-ng – decryption toolkit
https://cqureacademy.com/blog/windows-internals/black-hat
uac-a-mola
https://github.com/ElevenPaths/uac-a-mola
exploit pack
https://github.com/juansacco/exploitpack
2fassassin
https://github.com/maxwellkoh/2FAssassin
HARDWARE/EMBEDDED
dyode – a diy, low-cost data diode for ics
https://github.com/wavestone-cdt/dyode
INTERNET OF THINGS
whid injector – how to bring hid attacks to the next level
https://github.com/whid-injector/WHID
MALWARE DEFENSE
mystique
https://github.com/MinervaLabsResearch/Mystique
aktaion v2 – a machine learning open-source & active defense (orchestration) tool
https://github.com/jzadeh/aktaion2
NETWORK ATTACKS
det (data exfiltration toolkit)
https://github.com/sensepost/DET
FruityC2
https://github.com/xtr4nge/FruityC2
NETWORK DEFENSE
ace (automated collection and enrichment platform)
https://github.com/Invoke-IR/ACE
cloud security suite – one stop tool for aws security audit
https://github.com/SecurityFTW/cs-suite
id2t – the intrusion detection dataset generation toolkit
https://git.tk.informatik.tu-darmstadt.de/SPIN/ID2T-toolkit
wipi-hunter – wifi-pineapple activities detection
https://github.com/WiPi-Hunter
OSINT – OPEN SOURCE INTELLIGENCE
Dradis: 10 Years Helping Security Teams Spend More Time Testing and Less Time Reporting
https://github.com/dradis/dradis-ce
datasploit – osint framework
https://github.com/DataSploit/datasploit
osint-spy
https://github.com/SharadKumar97/OSINT-SPY
tinfoleak
http://www.vicenteaguileradiaz.com/tools/
VULNERABILITY ASSESSMENT
openscap and scap security guide
https://github.com/OpenSCAP/scap-security-guide
powersap – powershell tool to assess sap security
https://github.com/airbus-seclab/powersap
seccubus
https://github.com/schubergphilis/Seccubus
WEB APPSEC
modsecurity 3.0.0
https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-version-3-RC1
Reflector – burp suite extension
https://github.com/elkokc/reflector
xsser – from xss to rce 2.75
https://github.com/Varbaek/xsser
owasp zap
https://github.com/zaproxy/zaproxy
pymultitor
https://github.com/realgam3/pymultitor
Most of the selected tools are already present on GitHub and some are yet to be uploaded. This article contains the links to their respective repositories.
ANDROID, IOS AND MOBILE HACKING
Objection
https://github.com/sensepost/objection
badintent – integrating android with burp
https://github.com/mateuszk87/BadIntent
DATA FORENSICS AND INCIDENT RESPONSE
cybot – open-source threat intelligence chat bot (revamped)
https://github.com/CylanceSPEAR/CyBot
ng-netms & optoss plus
https://sourceforge.net/projects/ngnms/
EXPLOITATION AND ETHICAL HACKING
dpapi and dpapi-ng – decryption toolkit
https://cqureacademy.com/blog/windows-internals/black-hat
uac-a-mola
https://github.com/ElevenPaths/uac-a-mola
exploit pack
https://github.com/juansacco/exploitpack
2fassassin
https://github.com/maxwellkoh/2FAssassin
HARDWARE/EMBEDDED
dyode – a diy, low-cost data diode for ics
https://github.com/wavestone-cdt/dyode
INTERNET OF THINGS
whid injector – how to bring hid attacks to the next level
https://github.com/whid-injector/WHID
MALWARE DEFENSE
mystique
https://github.com/MinervaLabsResearch/Mystique
aktaion v2 – a machine learning open-source & active defense (orchestration) tool
https://github.com/jzadeh/aktaion2
NETWORK ATTACKS
det (data exfiltration toolkit)
https://github.com/sensepost/DET
FruityC2
https://github.com/xtr4nge/FruityC2
NETWORK DEFENSE
ace (automated collection and enrichment platform)
https://github.com/Invoke-IR/ACE
cloud security suite – one stop tool for aws security audit
https://github.com/SecurityFTW/cs-suite
id2t – the intrusion detection dataset generation toolkit
https://git.tk.informatik.tu-darmstadt.de/SPIN/ID2T-toolkit
wipi-hunter – wifi-pineapple activities detection
https://github.com/WiPi-Hunter
OSINT – OPEN SOURCE INTELLIGENCE
Dradis: 10 Years Helping Security Teams Spend More Time Testing and Less Time Reporting
https://github.com/dradis/dradis-ce
datasploit – osint framework
https://github.com/DataSploit/datasploit
osint-spy
https://github.com/SharadKumar97/OSINT-SPY
tinfoleak
http://www.vicenteaguileradiaz.com/tools/
VULNERABILITY ASSESSMENT
openscap and scap security guide
https://github.com/OpenSCAP/scap-security-guide
powersap – powershell tool to assess sap security
https://github.com/airbus-seclab/powersap
seccubus
https://github.com/schubergphilis/Seccubus
WEB APPSEC
modsecurity 3.0.0
https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-version-3-RC1
Reflector – burp suite extension
https://github.com/elkokc/reflector
xsser – from xss to rce 2.75
https://github.com/Varbaek/xsser
owasp zap
https://github.com/zaproxy/zaproxy
pymultitor
https://github.com/realgam3/pymultitor
Nhận xét
Đăng nhận xét