Black Hat Arsenal EU 2017

On October 1, 2017 @toolswatch announced the tools selected for Black Hat Arsenal Europe 2017.

Most of the selected tools are already present on GitHub and some are yet to be uploaded. This article contains the links to their respective repositories. The tools are arranged according to their tracks. If you like the tool, go to its repository and click Watch to keep updated on the latest commits and pushes.

Some tools will be updated during/after the Arsenal event. Links to the GitHub repositories of those tools will be eventually updated in this article.

Android, iOS and Mobile Hacking

• BadIntent — Integrating Android with Burp
  https://github.com/mateuszk87/BadIntent
  Presenter: Mateusz Khalil (@mateuszk87)
• DirtyTooth for Raspberry Pi (DirtyPi)
  https://github.com/ElevenPaths/DirtyTooth-RaspberryPi
  Presenter: Álvaro Nuñez-Romero
• Objection
  https://github.com/sensepost/objection
  Presenter: Leon Jacobs (@leonjza)

Cryptography

• Thalos — Simple and Secure Approach to Storage in Untrusted Environments
  https://github.com/ecleipteon/Thalos
  Presenter: Luca Maria Castiglione (@ecleipteon)

Data Forensics and Incident Response

• CERTitude — An Open-Source and Agentless Compromise Assessment Tool
  https://github.com/CERT-W/certitude
  Presenters: Jean Marsault (@iansus), Vincent NGUYEN (@nguvin)
• CyBot — Open-Source Threat Intelligence Chat Bot (Revamped)
  https://github.com/CylanceSPEAR/CyBot
  Presenter: Tony Lee
• NG-NetMS & OPTOSS Plus
  https://github.com/opt-oss/NG-NetMS
  Presenter: Taras Matselyukh

Exploitation and Ethical Hacking

• 2FAssassin
  https://github.com/maxwellkoh/2FAssassin
  Presenter: Maxwell Koh
• Exploit Pack
  https://github.com/juansacco/exploitpack
  Presenter: Juan Sacco (@juansacco)
• UAC-A-Mola
  https://github.com/ElevenPaths/uac-a-mola
  Presenters: Pablo González Pérez (@pablogonzalezpe), Santiago Hernández Ramos (@santiagohramos)

Hardware/Embedded

• DYODE, a DIY, Low-Cost Data Diode for ICS
  https://github.com/arnaudsoullie/dyode
  Presenter: Arnaud Soullié (@arnaudsoullie)

Human Factors

• PunyDomainCheck — Phishing Site Investigator
  https://github.com/anilyuk/punydomaincheck
  Presenters: Anil Yuksel , Mert Karatas

Internet of Things

• WHID Injector — How to Bring HID Attacks to the Next Level
  https://github.com/whid-injector/WHID
  Presenter: Luca Bongiorni (@LucaBongiorni)

Malware Defense

• Aktaion v2 — Open Source Machine Learning and Active Defense Tool
  https://github.com/jzadeh/Aktaion
  Presenters: Joseph Zadeh (@JosephZadeh), Rod Soto (@rodsoto)

Network Attacks

• DET (Data Exfiltration Toolkit)
  https://github.com/sensepost/DET
  Presenter: Paul Amar (@PaulWebSec)
• FruityC2
  https://github.com/xtr4nge/FruityC2
  Twitter: @FruityWifi
  Presenter: xtr4nge (@xtr4nge)

Network Defense

• ACE (Automated Collection and Enrichment Platform)
  https://github.com/Invoke-IR/ACE
  Presenters: Jared Atkinson (@jaredcatkinson), Robby Winchester (@robwinchester3)
• Cloud Security Suite — One Stop Tool for AWS Security Audit
  https://github.com/SecurityFTW/cs-suite
  Presenters: Jayesh Chauhan (@jayeshsch)
• WiPi-Hunter — WiFi-Pineapple Activities Detection
  https://github.com/WiPi-Hunter
  Presenters: Besim Altinok (@AltnokBesim), Mustafa Altinkaynak (@m_altinkaynak)

OSINT — Open Source Intelligence

• Datasploit — Automated Open Source Intelligence (OSINT) Tool
  https://github.com/DataSploit/datasploit
  Twitter: @datasploit
  Presenter: Shubham Mittal (@upgoingstar)
• Dradis: 10 Years Helping Security Teams Spend More Time Testing and Less Time Reporting
  https://github.com/dradis/dradis-ce
  Twitter: @dradisfw
  Presenter: Daniel Martin (@etdsoft)
• OSINT-SPY
  https://github.com/SharadKumar97/OSINT-SPY
  Twitter: @osint_spy
  Presenter: Sharad Kumar (@sk_security)

Vulnerability Assessment

• OpenSCAP and SCAP Security Guide
  https://github.com/OpenSCAP/openscap
  Presenter: Martin Preisler (@MartinPreisler)
• PowerSAP — Powershell Tool to Assess SAP Security
  https://github.com/airbus-seclab/powersap
  Presenter: Joffrey Czarny

Web AppSec

• ModSecurity 3.0.0
  https://github.com/SpiderLabs/ModSecurity
  Presenters: Felipe Zimmerle (@zimmerle), Victor Hora (@victorhora)
• OWASP ZAP
  https://github.com/zaproxy/zaproxy
  Presenter: Simon Bennetts (@psiinon)
• PyMultiTor
  https://github.com/realgam3/pymultitor
  Presenter: Tomer Zait (@realgam3)
• Reflector — Burp Suite Extension
  https://github.com/elkokc/reflector
  Presenters: Alexander Shvetsov , Egor Dimitrenko (@elk0kc)
• Seccubus
  https://github.com/schubergphilis/Seccubus
  Presenter: Frank Breedijk (@seccubus)
• XSSER — From XSS to RCE 2.75
  https://github.com/Varbaek/xsser
  Presenter: Hans-Michael Varbaek

If you haven’t looked at the selected tools, check the below embed to view the complete details of the tools and its presenters.

Black Hat Arsenal Europe 2017 Lineup

If you liked this article, click 👏 👏 👏 button and share so that other people will see it here on Medium.