Blackhat 2017 USA Black Hat Arsenal Tool List 2017-07-24 16:20:11 Read: 547 times Likes(0) Collection Source: medium.com/hack-with-github
Author: Fairy
Portal
[July 23-31] Blackhat & DEFCON, hackers gather in Las Vegas
Blackhat & DEFCON 2017
From July 23 to 31, Beijing time, the most popular top information conference in the security circle, the BlackHat USA (23-28) and the DEFCON (28-31) will be held in Las Vegas, USA.
Every year at this time, tens of thousands of hackers gather in Las Vegas. Don’t think hackers are gamblers; they are all here for the famous “two conferences” in the security circle. It can be said that they have no interest in gambling but are obsessed with “security technology”. The BlackHat USA is recognized as the highest event in the information security industry and is also a stage for hackers to showcase their skills, known as the “Oscars of Hackers”; the DEFCON hacker conference is also known as the “Secret Party of Hackers”, its guests are “high-end and stylish”, with an average of over 7,000 hackers and experts from global security companies and agencies, as well as officials from the U.S. Department of Defense, FBI, NSA, and other government agencies attending this gathering. This article is the list of tools from the 2017 BlackHat USA Arsenal. Android and iOS mobile security
Android Tamer
https://github.com/AndroidTamer
Twitter: @AndroidTamer
Host: Anant Shrivastava (@anantshri)
BadIntent – Integrating Android with Burp
https://github.com/mateuszk87/BadIntent
Host: Mateusz Khalil (@mateuszk87)
DiffDroid
https://github.com/antojoseph/diff-droid
Host: Anto Joseph (@antojosep007)
Kwetza
https://github.com/sensepost/kwetza
Host: Chris Le Roy (@brompwnie)
Needle
https://github.com/mwrlabs/needle
Twitter: @mwrneedle
Host: Marco Lancini (@lancinimarco)
NoPE Proxy (Non-HTTP Proxy Extension)
https://github.com/summitt/Burp-Non-HTTP-Extension
Host: Josh H.S. (@null0perat0r)
Code Audit
Puma Scan
https://github.com/pumasecurity/puma-scan
Twitter: @puma_scan
Host: Aaron Cure (@curea)
Tintorera: Smart Energy Code Audit Engine
https://github.com/vulnex/Tintorera
Host: Simon Roses Femerling (@simonroses)
Cryptography
Hashview
https://github.com/hashview/hashview
Host: Casey Cammilleri (@CaseyCammilleri), Hans Lakhan (@jarsnah12)
Gibber Sense
https://github.com/smxlabs/gibbersense
Host: Ajit Hatti (@ajithatti)
Data Forensics and Incident Response
Answering When/Where/Who is my Insider – UserLine
https://github.com/THIBER-ORG/userline
Host: Chema Garcia (@sch3m4)
DefPloreX: Machine Learning Toolkit for Large-scale eCrime Forensics
https://github.com/trendmicro/defplorex
Host: Federico Maggi (@phretor), Marco Balduzzi (@embyte), Lion Gu, Ryan Flores, Vincenzo Ciancaglini
HoneyPi
https://github.com/mattymcfatty/HoneyPi
Host: Matt South (@mattymcfatty)
PcapDB: Optimized Full Network Packet Capture Fast and Efficient Retrieval
https://github.com/dirtbags/pcapdb
Host: Paul Ferrell (@pflarr), Shannon Steinfadt
SCOT (Sandia Cyber Omni Tracker) Threat Intelligence and Incident Response Management System
https://github.com/sandialabs/scot
Host: Nick Georgieff, Todd Bruner (@toddbruner)
Security Monkey
https://github.com/Netflix/security_monkey
Host: Mike Grima (@mikegrima), Patrick Kelley (@MonkeySecurity)
ThreatResponse: Open Source Toolkit for Automated Incident Response in AWS
https://github.com/ThreatResponse
Host: Andrew Krug (@andrewkrug)
Volatile Memory Analysis at Scale – High-performance Forensic Platform for Windows x64 Systems
https://github.com/ShaneK2/inVtero.net
Host: Shane Macaulay (@ktwo_K2)
Yalda – Automatic Batch Intelligent Collection
https://github.com/gitaziabari/Yalda
Host: Gita Ziabari (@gitaziabri)
Exploitation and Ethical Hacking
AVET – Antivirus Bypass Tool
https://github.com/govolution/avet
Host: Daniel Sauder (@DanielX4v3r)
Building C2 Environments with Warhorse
https://github.com/war-horse/warhorse
Host: Ralph May (@ralphte1)
Cumulus – Cloud Exploitation Toolkit
https://github.com/godinezj/metasploit-framework/tree/cumulus
Host: Javier Godinez (@isomorphix)
GDB Enhancements (GEF)
https://github.com/hugsy/gef
Host: Chris Alladoum (@_hugsy_)
Leviathan Framework
https://github.com/leviathan-framework/leviathan
Host: Ozge Barbaros (@ozgebarbaros), Utku Sen (@utku1337)
MailSniper
https://github.com/dafthack/MailSniper
Host: Beau Bullock (@dafthack)
Rattler
https://github.com/sensepost/rattler
Host: Chris Le Roy (@brompwnie)
Seth
https://github.com/SySS-Research/Seth
Host: Adrian Vollmer (@AdrianVollmer)
Hardware, Embedded
ChipWhisperer
https://github.com/newaetech/chipwhisperer
Host: Colin O’Flynn (@colinoflynn)
DYODE: A DIY, Low-cost Data Diode for Industrial Control Systems
https://github.com/arnaudsoullie/dyode
Host: Arnaud Soullié (@arnaudsoullie), Ary Kokos ()
FTW: WAF Testing Framework
https://github.com/fastly/ftw
Host: Chaim Sanders, Zack Allen (@teachemtechy)
The Bicho: Advanced Car Backdoor Generator
https://github.com/UnaPibaGeek/CBM
Host: Claudio Caracciolo (@holesec), Sheila Ayelen Berta (@UnaPibaGeek)
Social Engineering
IsThisLegit
https://github.com/duo-labs/isthislegit
Host: Jordan Wright (@jw_sec), Mikhail Davidov (@sirus)
IoT
Hacker Mode
https://github.com/xssninja/Alexa-Hacker-Mode
Host: David Cross (@10rdV4d3r)
Universal Radio Hacker: Investigate Wireless Protocols Like a Boss
https://github.com/jopohl/urh
Host: Johannes Pohl (@jopohl)
Malware Defense
Open Source Machine Learning and Proactive Defense Tools
https://github.com/jzadeh/Aktaion
Host: Joseph Zadeh (@JosephZadeh), Rod Soto (@rodsoto)
Cuckoodroid
https://github.com/idanr1986/cuckoo-droid
Host: Idan Revivo (@idanr86)
Cuckoo Sandbox
https://github.com/cuckoosandbox/cuckoo
Twitter: @cuckoosandbox
Host: Jurriaan Bremer (@skier_t)
LimaCharlie
https://github.com/refractionPOINT/limacharlie
Twitter: @rp_limacharlie
Host: Maxime Lamothe-Brassard (@_maximelb)
Malboxes
https://github.com/GoSecure/malboxes
Host: Olivier Bilodeau (@obilodeau)
Malware Attacks
Empty-Nest: New Payload Generator
https://github.com/empty-nest/emptynest
Host: James Cook (@_jbcook), Tom Steele (@_tomsteele)
Network Attacks
BloodHound 1.3
https://github.com/BloodHoundAD/BloodHound
Host: Andy Robbins (@_wald0), Rohan Vazarkar (@CptJesus), Will Schroeder (@harmj0y)
CrackMapExec v4
https://github.com/byt3bl33d3r/CrackMapExec
Host: Marcello Salvati (@byt3bl33d3r)
DELTA: SDN Security Assessment Framework
https://github.com/OpenNetworkingFoundation/DELTA
Host: Jinwoo Kim, Seungsoo Lee, Seungwon Shin
eaphammer
https://github.com/s0lst1c3/eaphammer
Host: Gabriel Ryan (@s0lst1c3)
GoFetch
https://github.com/GoFetchAD/GoFetch
Host: Tal Maor (@talthemaor)
gr-lora: LoRa PHY Open Source SDR Implementation
https://github.com/BastilleResearch/gr-lora
Host: Matt Knight (@embeddedsec)
Yasuo
https://github.com/0xsauby/yasuo
Host: Saurabh Harit (@0xsauby)
Network Defense
Assimilator
https://github.com/videlanicolas/assimilator
Host: Nicolas Videla (@jsusvidela)
Noddos
https://github.com/noddos/noddos
Host: Steven Hessing
SITCH: Distributed GSM Reverse Monitoring
https://github.com/sitch-io/sensor
Twitter: @sitch_io
Host: Ash Wilson (@ashmastaflash)
Sweet Security
https://github.com/TravisFSmith/SweetSecurity
Host: Travis Smith (@MrTrav)
OSINT – Open Source Intelligence
Datasploit: Automated OSINT Tool
https://github.com/DataSploit/datasploit
Twitter: @datasploit
Host: Shubham Mittal (@upgoingstar)
Dradis: Helping Security Teams Spend More Time Testing and Less Time Reporting for 10 Years
https://github.com/dradis/dradis-ce
Twitter: @dradisfw
Host: Daniel Martin (@etdsoft)
OSRFramework: Open Source Research Framework
https://github.com/i3visio/osrframework
Host: Félix Brezo Fernández (@febrezo), Yaiza Rubio Viuela (@yrubiosec)
Reverse Engineering
BinGrep
https://github.com/m4b/bingrep
Host: Hiroki Hada
FLARE VM
https://github.com/fireeye/flare-vm
Host: Peter Kacherginsky (@_iphelix)
Vulnerability Assessment
Aardvark and Repokid
https://github.com/Netflix-Skunkworks/aardvark
https://github.com/Netflix/repokid
Host: Patrick Kelley (@MonkeySecurity), Travis McPeak (@travismcpeak)
BugBot – A Kubernetes-based Scalable Automation Testing Slackbot
https://github.com/anshumanbh/kubebot
Host: Anshuman Bhartiya (@anshuman_bh)
Can Check IBM i (AS/400) Machines Hack/400 and IBMiScanner Tools
https://github.com/hackthelegacy/hack400tool
Host: Bart Kulach (@bartholozz)
PowerSAP: Powershell Tool for Evaluating SAP Security
https://github.com/airbus-seclab/powersap
Host: Joffrey Czarny (@Sn0rkY)
SERPICO
https://github.com/SerpicoProject/Serpico
Twitter: @SerpicoProject
Host: Peter Arzamendi (@thebokojan), Will Vandevanter (@0xRST)
SimpleRisk
https://github.com/simplerisk/code
Twitter: @simpleriskfree
Host: Josh Sokol (@joshsokol)
Web Security
BurpSmartBuster: A Smart Way to Find Hidden Treasures
https://github.com/pathetiq/BurpSmartBuster
Host: Patrick Mathieu (@pathetiq)
CSP Auditor
https://github.com/GoSecure/csp-auditor
Host: Philippe Arteau (@h3xstream)
Easily Exploit Timing Attacks in Web Applications with the ‘timing_attack’ Gem
https://github.com/ffleming/timing_attack
Host: Forrest Fleming (@ffleming)
Fuzzapi – A Tool for Fuzzing REST APIs
https://github.com/lalithr95/fuzzapi
Twitter: @Fuzzapi0x00
Host: Abhijeth Dugginapeddi (@abhijeth), Lalith Rallabhandi (@lalithr95), Srinivas Rao (@srini0x00)
Offensive Web Testing Framework (OWASP OWTF)
https://github.com/owtf/owtf
Twitter: @owtfp
Host: Viyat Bhalodia (@viyat)
PyMultiTor
https://github.com/realgam3/pymultitor
Host: Tomer Zait (@realgam3)
ThreadFix Web Application Attack Surface Analysis Tool
https://github.com/denimgroup/threadfix
Twitter: @ThreadFix
Host: Dan Cornell (@danielcornell)
WaToBo: Web Application Toolbox
https://github.com/siberas/watobo
Host: Andreas Schmidt (@_znow)
WSSiP: WebSocket Operation Proxy
https://github.com/nccgroup/wssip
Host: Samantha Chalker (@itsisatis)
Portal
[July 23-31] Blackhat & DEFCON, hackers gather in Las Vegas This article is translated by Security Guest, please indicate “translated from Security Guest” and include a link. Original link: https://medium.com/hack-with-github/black-hat-arsenal-usa-2017-3fb5bd9b5cf2
This article contains cybersecurity-related terms: cybersecurity engineer, network information security, cybersecurity technology, cybersecurity knowledge