8 Bad Ass Tools Coming Out Of Black Hat
iSpeech
Amid the parties, the deal making and the overall catching up between security compatriots at the annual Black Hat pow wow in Las Vegas every year, there's a body of seriously good work that comes out of the show. Beyond the big vulnerability revelations, some of the most lasting contributions to ongoing security research and protection work comes in the form of new open source tools released by presenters at the show. This year's show will be no different. Researchers are pulling out all the stops yet again, using Black Hat as a platform to explain, release and/or promote a ton of great tools for pen testers and security operations experts. Here are some of the highlights.
Infection Monkey
Presenting Researchers: Ofri Ziv of GuardiCore
Website: www.infectionmonkey.com
Inspired by Netflix's Chaos Monkey project, Infection Monkey is a data center pentest tool designed to spin up infected virtual machines within random parts of the data center to test for potential blind spots in the overall network security chain and help teams bolster their data center security resilience.
Project Delta
Presenting Researchers: Changhoon Yoon & Seungsoo Lee of KAIST School of Computing in South Korea
Website: https://github.com/OpenNetworkingFoundation/delta
Project Delta is an open source project that's being sponsored by the Open Networking Foundation’s security group to help penetration testers probe SDN security. It includes a framework to validate security features of OpenFlow-based switch and controller implementations, along with a specialized fuzzing module to find unknown security flaws in SDNs.
Ablation
Presenting Researchers: Paul Mehta of Cylance
Meant as an augmentation of static analysis, Ablation has been designed to extract information from processes as they execute. It is meant to simplify the process of reverse engineering, helping researchers compare samples based on code executed rather than just comparing data.
Keystone Engine
Presenting Researchers: Nguyen Anh Quynh
Website: https://www.keystone-engine.org
This open source assembler framework just saw its first stable release this week. Its project organizer will be running through its paces in front of the crowd at Black Hat, introducing its architectural features and the new types of reverse engineering tools already built on top of it designed to help researchers more easily pick apart software.
AVLeak
Presenting Researchers: Alexei Bulazel, independent researcher
Refined by Bulazel as a part of his masters' thesis project at RPI, AVLeak is a tool designed to help researchers easily extract artifacts of emulation from commercial antivirus emulators. This can be then turned around to allow an AVLeak user to detect the presence of those emulators on a machine, making it easier to refine evasive malware to avoid being detected by that AV software. He's been on the conference circuit this year explaining the breakthroughs made with his platform and will continue that with demos at Black Hat.
[adsense size='1']
Swizzler
Presenting Researchers: Vincent Tan of Vantage Point Security
Mobile security researcher Vincent Tan has picked up the ball and run with Swizzler, a long-running mobile application assessment tool that hadn't been in active development for a while and was plagued with instability issues. He rebuilt it from the ground up to support all the functions a pen tester would need to analyze mobile applications.
DPTrace
Presenting Researchers: Rodrigo Rubira Branco & Rohit Mothe of Intel
The presenters will demo and release as open source this semi-automated crash analysis framework which provides researchers, at the moment of a crash, the mapping of the input areas that influence the crash situation and, from the crash on, an analysis of the potential capabilities for achieving code execution.
BLE MITM Proxy
Presenting Researchers: Slawomir Jasek of SecuRing
Website: https://github.com/conorpp/btproxy
IoT hackers will be able to add another tool to their arsenal with the release of this BLE MITM proxy, an open-source tool ready made to load up on a Raspberry Pi to help probe Bluetooth Low Energy devices through exploitation, reverse engineering and debugging.
Image Source: Adobe Stock
Gloss