blackhat US 2012 arsenal – security testing tools

blackhat US 2012 has sessions where researchers can showcase tools, projects and demos. Here is my super concise summary of the arsenal. I have tried to highlight whether tools are free/open source. Also see my summary of the conference.

Binary visualization, evolution of hex editor: ..cantor.dust..
Collaboration on Metasploit: Armitage
ARP and DNS poisoning: ARPwner
Amazon Web Services: AWS Scout
Python tool for protocol fuzzing: backfuzz
Burp Suite extensions: Burp Extensibility Suite
Bypass CAPTCHA: Bypassing Every CAPTCHA provider with clipcaptcha
Crowd reverse engineering: CrowdRE
Network simulation to study malware: FakeNet
Fuzzing PHP: GDFuzz
Metasploit NTLM relay (open source): Generic Metasploit NTLM Relayer
Python scriptable pen testing: Gsploit
Python tool to exploit HTACCESS: HTExploit bypassing htaccess restrictions
Java email phishing to test social engineering defenses: ice-hole 0.3 (beta)
Machine learning applied to security incidents pre-breach: Incident Response Analysis Visualization and Threat Clustering through Genomic Analysis
Sniff iPhones and iPads (open source): iSniff GPS
USB human interface devices in pen tests; PowerShell scripts for offensive security and post exploitation: Kautilya and Nishang
Volatile memory from Linux/Linux based: LiME Forensics 1.1
Add security features to apps post development: MAP
Better host based incident response: MIRV
Web application firewall (open source): ModSecurity Open Source WAF
OWASP project for training, experimentation: OWASP Broken Web Applications Project
Assess OData: Oyedata for OData Assessments
Python tool to explore PDF: peepdf
PHP eval function: phpmap
Incident response and investigation (free): Redline
Registry analysis (free?): Registry Decoder
SAP GUI network traffic: SAP Proxy
iOS apps: Semi-Automated iOS Rapid Assessment
Open source smartphone pen testing: Smartphone Pentesting Framework
Search engine hacking (free): Tenacious Diggity – New Google Hacking Diggity Suite Tools
Vulnerability aggregation and management (open source): ThreadFix
Web security scanner (open source): Vega
Manual and automated approach to web app assessment (Ruby, open source): WATOBO – Web Application Toolbox
Attack XMPP connections: XMPPloit
Mobile IPS: zCore IPS

blackhat US 2012 – Ultimate security testing conference Buzz

To me, security testing is the ultimate testing challenge. Blackhat conferences are the premier conferences on information security. I have included a concise summary of the Blackhat 2012 US conference to give you a feel for current security topics. It’s worth spending a few hours reading the conference schedule – it’s a very interesting read. e.g.,

Here is my summary:

Malware author evasion: Rodrigo Branco
CPU instruction vulnerability: Rafal Wojtczuk
ARM exploitation (embedded): Stephen Ridley
Beat Google Bouncer: Nicholas Percoco
Action Message Format testing: Luca Carettoni
Identifying .NET vulnerabilities: James Forshaw
JavaScript browser blended threats: Phil Purviance
Various techniques: Dan Kaminsky
Stochastic forensics: Jonathan Grier
Detecting unrelated external code: Silvio Cesare
Web application firewall: Ivan Ristic
Security card game: Tadayoshi Kohno
Mac EFI rootkit: Loukas K
Android’s DEX file format: Timothy Strazzere
Browser Flash sandboxes: Paul Sabanal
Mobile Near Field Communication protocol: Charlie Miller
Windows kernel vulnerabilities: Cesar Cerrudo
Security industry watchgroup: Jericho
Microsoft Exchange->devices: Peter Hannay
Windows 8: Matt Miller
Windows 8 Metro apps: Sung-ting Tsai
Jemalloc Firefox exploitation: Patroklos Argyroudis
Polymorphic viruses: Mario Vuksan
Oracle index (database): David Litchfield
Malware analysis environment detection: Chengyu Song
Iris recognition: Javier Galbally
Air traffic control systems: Andrei Costin
Google Chrome native client: Chris Rohlf
Better Communication=Security acceptance: James Philput
HTML5/Websockets: Sergey Shekyan
Hardware backdoor: Jonathan Brossard
Industrial firmware: Ruben Santamarta
Browser EEF: Steve Ocepek
Reverse Engineering 3G microcell: Mathew Rowley
Embedded systems code using electrical consumption: Yann Allain
HTML5 top 10 threats: Shreeraj Shah
Intrusion detection complete failure: John Flynn
iOS/Appstore vulnerability: Justin Engler
iOS kernel memory allocators: Stefan Esser
iOS security: Dallas De Atley
Legal: Robert Clark
Smart Grid: Don Weber
Hotel Onity locks: Cody Brocious
JavaScript botnets analyze villains: Chema Alonso
Pin Pads: Nils
Attacking PHP apps, e.g., Mediawiki: George Argyros
Cellular networks: Collin Mulliner
Java vulnerabilities: Jeong Wook Oh
Remote smartphone attack/Baseband processor: Ralf-Philipp Weinmann
Proactive defense: Iftach Ian Amit
Security vision: Jeff Moss
Social media/business networks: Dan Gunter
SQL Injection exploit routers: Zachary Cutlip
SSRF attack SAP/ERP: Alexander Polyakov
Hash corruption: Ryan Reynolds
Web exploit toolkits: Jason Jones
Kerberos, NTLM, domain hashes: Alva Duckwall
Intrusion remediation: Jim Aldridge
Dept Homeland Sec. – research, training, hiring opps: Mark Weatherford
Internal dev processes rather than external vendor tools: David Mortman
ASLR: Fermin J. Serna
IPv6, DNSSEC, new top level domains: Alex Stamos
Attacking hardware: Valeria Bertacco
Social trust systems: Bruce Schneier
Windows gadgets: Mickey Shkatov
Web user tracking: Gregory Fleischer
Windows Phone 7: Tsukasa Oi
Windows 8 heap: Chris Valasek