Black Hat Arsenal EU 2017
On October 1, 2017 @toolswatch announced the tools selected for Black Hat Arsenal Europe 2017.
Most of the selected tools are already present on GitHub and some are yet to be uploaded. This article contains the links to their respective repositories. The tools are arranged according to their tracks. If you like the tool, go to its repository and click Watch to keep updated on the latest commits and pushes.
Some tools will be updated during/after the Arsenal event. Links to the GitHub repositories of those tools will be eventually updated in this article.
Android, iOS and Mobile Hacking
- BadIntent — Integrating Android with Burp
https://github.com/mateuszk87/BadIntent
Presenter: Mateusz Khalil (@mateuszk87) - DirtyTooth for Raspberry Pi (DirtyPi)
https://github.com/ElevenPaths/DirtyTooth-RaspberryPi
Presenter: Álvaro Nuñez-Romero - Objection
https://github.com/sensepost/objection
Presenter: Leon Jacobs (@leonjza)
Cryptography
- Thalos — Simple and Secure Approach to Storage in Untrusted Environments
https://github.com/ecleipteon/Thalos
Presenter: Luca Maria Castiglione (@ecleipteon)
Data Forensics and Incident Response
- CERTitude — An Open-Source and Agentless Compromise Assessment Tool
https://github.com/CERT-W/certitude
Presenters: Jean Marsault (@iansus), Vincent NGUYEN (@nguvin) - CyBot — Open-Source Threat Intelligence Chat Bot (Revamped)
https://github.com/CylanceSPEAR/CyBot
Presenter: Tony Lee - NG-NetMS & OPTOSS Plus
https://github.com/opt-oss/NG-NetMS
Presenter: Taras Matselyukh
Exploitation and Ethical Hacking
- 2FAssassin
https://github.com/maxwellkoh/2FAssassin
Presenter: Maxwell Koh - Exploit Pack
https://github.com/juansacco/exploitpack
Presenter: Juan Sacco (@juansacco) - UAC-A-Mola
https://github.com/ElevenPaths/uac-a-mola
Presenters: Pablo González Pérez (@pablogonzalezpe), Santiago Hernández Ramos (@santiagohramos)
Hardware/Embedded
- DYODE, a DIY, Low-Cost Data Diode for ICS
https://github.com/arnaudsoullie/dyode
Presenter: Arnaud Soullié (@arnaudsoullie)
Human Factors
- PunyDomainCheck — Phishing Site Investigator
https://github.com/anilyuk/punydomaincheck
Presenters: Anil Yuksel , Mert Karatas
Internet of Things
- WHID Injector — How to Bring HID Attacks to the Next Level
https://github.com/whid-injector/WHID
Presenter: Luca Bongiorni (@LucaBongiorni)
Malware Defense
- Aktaion v2 — Open Source Machine Learning and Active Defense Tool
https://github.com/jzadeh/Aktaion
Presenters: Joseph Zadeh (@JosephZadeh), Rod Soto (@rodsoto)
Network Attacks
- DET (Data Exfiltration Toolkit)
https://github.com/sensepost/DET
Presenter: Paul Amar (@PaulWebSec) - FruityC2
https://github.com/xtr4nge/FruityC2
Twitter: @FruityWifi
Presenter: xtr4nge (@xtr4nge)
Network Defense
- ACE (Automated Collection and Enrichment Platform)
https://github.com/Invoke-IR/ACE
Presenters: Jared Atkinson (@jaredcatkinson), Robby Winchester (@robwinchester3) - Cloud Security Suite — One Stop Tool for AWS Security Audit
https://github.com/SecurityFTW/cs-suite
Presenters: Jayesh Chauhan (@jayeshsch) - WiPi-Hunter — WiFi-Pineapple Activities Detection
https://github.com/WiPi-Hunter
Presenters: Besim Altinok (@AltnokBesim), Mustafa Altinkaynak (@m_altinkaynak)
OSINT — Open Source Intelligence
- Datasploit — Automated Open Source Intelligence (OSINT) Tool
https://github.com/DataSploit/datasploit
Twitter: @datasploit
Presenter: Shubham Mittal (@upgoingstar) - Dradis: 10 Years Helping Security Teams Spend More Time Testing and Less Time Reporting
https://github.com/dradis/dradis-ce
Twitter: @dradisfw
Presenter: Daniel Martin (@etdsoft) - OSINT-SPY
https://github.com/SharadKumar97/OSINT-SPY
Twitter: @osint_spy
Presenter: Sharad Kumar (@sk_security)
Vulnerability Assessment
- OpenSCAP and SCAP Security Guide
https://github.com/OpenSCAP/openscap
Presenter: Martin Preisler (@MartinPreisler) - PowerSAP — Powershell Tool to Assess SAP Security
https://github.com/airbus-seclab/powersap
Presenter: Joffrey Czarny
Web AppSec
- ModSecurity 3.0.0
https://github.com/SpiderLabs/ModSecurity
Presenters: Felipe Zimmerle (@zimmerle), Victor Hora (@victorhora) - OWASP ZAP
https://github.com/zaproxy/zaproxy
Presenter: Simon Bennetts (@psiinon) - PyMultiTor
https://github.com/realgam3/pymultitor
Presenter: Tomer Zait (@realgam3) - Reflector — Burp Suite Extension
https://github.com/elkokc/reflector
Presenters: Alexander Shvetsov , Egor Dimitrenko (@elk0kc) - Seccubus
https://github.com/schubergphilis/Seccubus
Presenter: Frank Breedijk (@seccubus) - XSSER — From XSS to RCE 2.75
https://github.com/Varbaek/xsser
Presenter: Hans-Michael Varbaek
If you haven’t looked at the selected tools, check the below embed to view the complete details of the tools and its presenters.
If you liked this article, click 👏 👏 👏 button and share so that other people will see it here on Medium.