BlackHat USA 2015 recently concluded, and we heard a lot of news about how BlackHat brought to light various security vulnerabilities in day-to-day life, such as the ZigBee protocol, a device for stealing keyless cars, and ATM card skimmers. However, the presenters, who are also ethical hackers, also provided a number of tools to help the software community detect & prevent security holes in hardware & software while the product is ready for release. We have reviewed all the presentations from the conference and give you here a list of the Top 10 tools/utilities that help in security vulnerability detection & prevention.
Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat USA Conference
Website: http://www.mobodexter.com Blogs: http://blogs.mobodexter.com
2. Chandramouli Srinivasan (Mouli)
CEO & President
MOBODEXTER INC
Chandramouli is a serial Entrepreneur who has co-founded MoboDexter Group companies & ViewFindAR
that does Information Technology products & services in CAMS domain.
Prior to starting MoboDexter, Mouli worked as a system software development/test engineer/lead and
manager in product R&D organizations at Intel, Hewlett Packard and WIPRO. His experience includes 6
years of software product engineering in product R&D groups as an engineering manager at Intel and HP,
handling development and test programs. His specialty includes handling programs which involved recruiting
and building new teams for handling new SW product R&D functions.
PMI certified Project Management Professional (PMP) - PMBOK practitioner for the past 3 years and an
Agile SCRUM practitioner for 4 years. I have filed 1 US patent and 2 research publications in SW/FW
domains and am passionate about technical contributions to the projects and programs.
Mouli had additional experience of leading large org-wide programs/initiatives on:
• Quality: Test transformation, Test Automation, orthogonal defect classification (ODC), Static Code analysis, product defect prediction models, Closed Loop Quality System (CLQS)
• Methodologies: Test driven development; Model based testing methodologies; Retention prediction model; Competency evaluation model adoptions
• Business: Lean sigma, Outsourcing evaluation & strategy, Business optimization using Moore’s product adoption model, Data center optimization, innovation
4. Bearded
• Bearded is an open source Security Automation platform. The
platform allows Development, QA, and Security team members to
perform automated web security scans with a set of tools (w3af,
sslyze, nmap, arachni etc.), and re-execute those scans as needed.
• All tools can be executed in the cloud in Docker containers. Bearded
has a default web interface which integrates all core options and
makes it possible to manage large pentests easily. Similar to owtf or
minion, but using Docker containers and scalable for clouds.
5. Chellam
• Chellam is a Wi-Fi IDS/Firewall for Windows. Chellam can detect
Wi-Fi attacks, such as Honeypots, Evil Twins, Mis-association, and
Hosted Network based backdoors etc., against a Windows based client
without the need of custom hardware or drivers.
• The tool also allows you to create Firewall like rule sets for Wi-Fi
networks and create alerts etc. when there is a rule mismatch.
6. CuckooDroid – An Automated Malware Analysis Framework
• To combat the growing problem of Android malware, we present a
new solution based on the popular open source framework Cuckoo
Sandbox to automate the malware investigation process. This
extension enables the use of Cuckoo’s features to analyze Android
malware and provides new functionality for dynamic and static
analysis.
• This framework is an all in one solution for malware analysis on
Android. It is extensible and modular, allowing the use of new, as well
as existing, tools for custom analysis.
7. Damn Vulnerable iOS App (DVIA)
• Damn Vulnerable iOS App (DVIA) is an iOS application that is damn
vulnerable. The main goal is to provide a platform to mobile security
enthusiasts/professionals or students to test their iOS penetration
testing skills in a legal environment.
• This application covers all the common vulnerabilities found in iOS
applications (following OWASP top 10 mobile risks) and contains
several challenges that the user can try. This application also contains
a section where a user can read various articles on iOS application
security.
8. Mana
• Mana Toolkit is a Wi-Fi rogue access point toolkit whose purpose is
to get as many clients connected as possible and to capture as many
credentials as possible from their connections. It was first presented
at Defcon 22 last year (https://youtu.be/i2-jReLBSVk).
• It started as an attempt to get KARMA attacks working again, but
ended up going much further. It is planned to be extended further in
future.
9. ShinoBOT
• ShinoBOT is a RAT simulator to evaluate an organization’s ability to
protect its networks from an advanced targeted attack. It has the basic
RAT functionality:
  • Execute any command
  • Upload / Download any file
  • Take a screenshot
  • Key logging (new)
• It also has many components, together called ShinoBOT Suite, that
make ShinoBOT powerful and hard to detect. The suite contains exploit
(shortcut attack, macro attack, extension spoofing), DGA, crypt,
decoy file, downloader, dropper, icon spoofing, etc. The C&C
server is provided as a service, so you do not need to prepare a
server.
10. SpeedPhishing Framework (SPF)
• SPF is an open source simple email phishing tool/framework which
can assist penetration testers in quickly deploying phishing exercises
in minimal time. The tool, when provided minimal input (such as just
a domain name), can automatically search for potential targets,
deploy multiple phishing websites, craft and send phishing emails to
the targets, record the results, generate a basic report, among other
more advanced tasks.
• Features include:
  • Written in Python
  • Can be run fully automated
  • Automated target identification
  • Profiling of target company
11. Sqlchop
• This awesome new tool, sqlchop, is a new SQL injection detection
engine that uses a pipeline of smart recursive decoding, lexical analysis
and semantic analysis. It can detect SQL injection queries with
extremely high accuracy and high recall, with 0day SQLi detection
ability, far better than today’s SQL injection detection tools, most
of which are based on regex rules.
• We proposed a novel algorithm to achieve both blazing fast speed and
accurate detection ability using SQL syntax analysis.
• This tool will provide a web interface to demonstrate the new engine,
and some CTF-like SQL injection challenges can be executed. Hackers
are welcome to give it a try.
12. TARDIS
• Tripwire Automated Reconnaissance and Deep Inspection System
(TARDIS) is a framework which ties together threat feed data such as
STIX and vulnerability scan data and references log repositories for
indicators of compromise (IoC).
• Threat feeds and log repositories contain mountains of data that can
be difficult to manage. TARDIS pulls relevant data from each and
outputs the filtered data which matters to information security
operation teams.
• During Arsenal, we’ll show live attacks, exploits and detection
mechanisms with TARDIS. Learn how to integrate the tool into your
existing infrastructure and how to add value through additional
threat feed data.
13. YARD Stick One
• Featuring an external antenna connector, transmit and receive
amplification, and plenty of expansion options, YARD Stick One is the
most powerful CC1111 board available.
• Unlike previous devices based on the CC1111 transceiver, it operates
effectively over the entire frequency range of the transceiver IC, and
it is open source hardware.