The size of the Black Hat Convention is increasing



Editor's note: The Black Hat Convention grows in scale year after year. It brings together some of the world's smartest minds, and who knows what sparks will fly. This year's Black Hat Congress attracted nearly million people to participate. These technical men closely match the "Keanu" image from "The Matrix": deep-set eyes, upright posture, few words. It is said that the FBI does a lot of on-site recruiting. In short, the event draws global attention. This article counts down 10 cool tools from this conference, and happily most of them are open source.



The hacking tools shown at the 2014 Black Hat Convention can help penetration testers discover weaknesses in VoIP communications, conduct phishing attacks to support end-user security awareness training, or better secure Amazon Web Services instances. Most of the tools in the 2014 Black Hat USA briefings or the Arsenal tool showcase are open source, and red teams at solution vendors, consultancies and security providers can use them to make their work safer.






These tools expose software vulnerabilities, configuration flaws, or defects that software manufacturers may not have found. Here are 10 tools worth trying.



Maltrieve for malware analysis



Security researchers use Maltrieve to retrieve malware directly from the servers that host it. With this open source tool, malware analysts can obtain fresh samples by parsing URL lists and known hosting addresses.



Kyle Maxwell, a threat intelligence analyst at VeriSign and an important contributor to the Maltrieve project, showed Maltrieve in the Black Hat Arsenal demo area. The tool draws on malware URL blacklists, supports Cuckoo Sandbox for detonating and analyzing samples, and supports VxCage for managing malware sample libraries.



Snoopy for tracking



Snoopy is a tracking and analysis framework that can be installed on a Raspberry Pi or other low-cost hardware to collect information about passers-by over WiFi or Bluetooth.




Dradis for Pen Test management



Penetration testers can use Dradis to manage the output of Nessus, Qualys, and other vulnerability scanning tools during security assessments. Dradis can be used to track project progress, build reports from multiple sources, and save reporting time. Dradis also uses standard issue descriptions and recommendations to speed up the reporting process.



Daniel Martin, a UK researcher and the creator of the open source framework, showed the tool at Black Hat Arsenal. Martin said Dradis was introduced in 2007 and received a major upgrade in 2014. The upgrade includes a new web interface and a code base overhaul to improve performance and reliability.



Rickmote Controller for Chromecast



Your neighbour can easily take over your Google Chromecast, Dan Petro said. Petro, a security analyst at Bishop Fox, showed the Rickmote Controller at Black Hat Arsenal. It automatically hijacks streaming video on nearby Chromecast devices.



Petro built the controller on a Raspberry Pi; it uses Wi-Fi to identify Chromecast devices and play video on them. Rickmote kills the device's original Wi-Fi connection and uses the Chromecast's insecure configuration mode to make it connect to the tool. It was first shown at ToorCon in Santiago in 2013.



Taintless for SQL attacks



SQL injection is a common attack method that uses malicious SQL statements to dump the contents of the back-end database and then attack the web application. Taintless is used to study automated SQL attacks, with the aim of improving a new way of detecting and preventing them. Taintless analyzes a web application to find points that may be open to attack.



Abbas Naderi Afooshteh, a researcher from Iran, showed the tool at Black Hat Arsenal and unveiled a new system called Joza, which automates the detection and prevention of SQL injection attacks.



Voyeur for threat intelligence



Voyeur can be used to analyze Active Directory services for threats. It generates a report covering end users, computers, groups and devices on the enterprise network, which incident responders can analyze as part of a security incident investigation.



Juan Garrido, a security advisor at Innotec System, a managed service provider, showed the open source tool at Black Hat Arsenal. The tool does not require administrator credentials to run, and the results can be exported as CSV files or formatted as Excel spreadsheets.



Ice-hole for phishing training



System administrators, penetration testers and security analysts can use Ice-hole to run and manage e-mail phishing awareness test projects. Ice-hole can be used to perform the attacks and to provide feedback and training for users.



Darren Manners, a senior security engineer at Syscom Technology, a Richmond-based solution provider, developed the phishing training tool and demonstrated its features at Black Hat Arsenal. Manners is also the developer of Spheres of Influence, a tool that maps IP addresses to geographic locations and organizes connection data to identify potential threats.



Viproy for VoIP Security



Penetration testers can use Viproy to identify flaws in multimedia communications. Viproy supports Cisco, Microsoft Lync and other mainstream vendors.



Fatih Ozavci, a senior advisor at a Denver-based security consulting firm, showed the tool. Viproy automatically discovers VoIP devices, detects and controls speed dials, carries out unauthorized calls and performs information-gathering attacks. The toolkit adds support for IP phones that use the Cisco Skinny protocol. Viproy has 10 modules that perform various functions to identify flaws, including spoofing, brute-force attacks, and billing bypasses.



Zitmo NoM for preventing mobile Zeus attacks



Zitmo NoM identifies mobile malware through SMS transmissions, without an antivirus program. It aims to identify Zitmo, the mobile variant of the Zeus banking malware, which attacks victims' accounts. Zitmo targets Android device users, but it is also found on the BlackBerry, Windows Mobile and Symbian platforms. Zitmo forwards received SMS messages to a command and control server in an attempt to obtain two-factor authentication and security codes for attacking accounts.



David Schwartzberg, a senior security engineer at MobileIron, showed how Zitmo NoM defeats Zitmo. Zitmo NoM is still in the prototype phase, and Schwartzberg wants to extend its capabilities by attracting participants to build features. The plan is to open up the functionality when it is complete.



Nimbostratus



Nimbostratus is designed to automate the process of exploiting Amazon infrastructure. Andres Riancho, an application security expert who led the development and maintenance of the web application security scanning project w3af, developed the tool and presented it in a Black Hat presentation.



Starting from a web application flaw, Riancho ultimately took control of an Amazon virtual instance and gained access to a MySQL database that may contain sensitive data. Riancho says the tool can be used with AWS or any cloud hosting service. In Riancho's demonstration, Nimbostratus was used to dump EC2 instance profile credentials, exposing clues to the use of Amazon SQS, which is used to pass information between servers, increasing the ability to execute code.



Original link: Black Hat 2014: 10 Cool Hacking Tools to Check Out (compiled by Chai Renjun; responsible editor: Wei)


