7 Cool Cyberattack and Audit Tools to be Highlighted at Black Hat Europe
Platforms, open source tools, and other toolkits for penetration testers and other security practitioners will be showcased at this week's virtual event.
November 12, 2020
Black Hat Europe will showcase a number of new and evolving tools that can help penetration testers, red teams, and even blue teams up their game in identifying weaknesses in their people, processes, and technology. The following are seven cyberattack and audit tools to check out at this week's event (virtually, of course), Dec. 7 to 10.
Agile and DevSecOps teams need threat modeling tools that can evolve with the constant changes wrought on the software code base through continuous development practices. Threagile is an agile threat modeling toolkit that aspires to offer these teams a threat-model-as-code type of platform to perform threat modeling in an agile declarative fashion. It offers a risk evaluation that can be altered in step with the software, shifting gears via a simple-to-maintain YAML file that can be modified as information about data assets, technical assets, communication links, and trust boundaries are changed. Threagile can be run via command line or as a REST server.
Many of the big data exposures in recent years have come by way of credentials and secrets that are stored insecurely in cloud-based development environments. Git Wild Hunt is a new tool designed for penetration testers and security pros to scour their GitHub repositories for dozens of credentials that could put their infrastructure at risk. This includes over 30 flavors of different authentication tokens, API keys, and stored secrets.
Initially developed by academic researchers to devise novel SIP-based distributed denial-of-service (DDoS) attacks, Mr.SIP has progressed into a fully functional SIP-based penetration testing tool ideal for probing weaknesses in voice-over-IP (VoIP) infrastructure. At the most basic level, it can enumerate VoIP components and services within a network topology, providing basic visibility information on vendor, brand, and version, along with vulnerabilities and configuration errors. It can also probe those weaknesses by manipulating call information, lobbing DoS attacks, breaking user passwords, and testing the server system through the use of irregular messages.
As Elasticsearch grows in importance within enterprise environments, attackers are increasingly turning their sights to this nonrelational database platform, which thus far has proved to be a soft target with many an insecurely deployed instance. Strafer is designed to help security researchers and pen testers detect infections on Elasticsearch instances, including ransomware, botnet infections, Internet-facing information exposures, and infected indices.
Typosquatting has long been a tactic of cybercriminals for perpetrating phishing and other impersonation scams. The widescale adoption of cloud platforms like Office 365 has made it easier than ever to spin up bogus domains for a variety of attack scenarios. O365Squatting makes it easier to identify risky domains in O365 infrastructure in order to detect attack domains before phishing campaigns begin. The tool creates a list of typosquatted domains based on the domain provided by the user, checking all domains against 0365 infrastructure that doesn't appear on a DNS request.
AttackForge is a pen-test management and collaboration platform that provides the tools and workflows that can help everyday penetration testers manage the entire process of testing and reporting, from start to finish. The platform is free to use, with an enterprise support version. It includes an issue library with 1,300 different issues that can be imported and customized for reports, as well as provide API functionality to import vulnerabilities from popular testing tools.
The presentation of Cotopaxi at Black Hat Europe isn't a first look for the security community -- it was already presented at Black Hat USA and at DEFCON -- but the toolkit continues to evolve with frequent updates. Led by the security team at Samsung, this open source project provides a slew of different testing tools for probing the Internet of Things (IoT), industrial IoT, and machine-to-machine protocols. The idea is to extend the reach of pen testers who have been limited by typical tools, like nmap, that don't support a full slate of IoT protocols.
The presentation of Cotopaxi at Black Hat Europe isn't a first look for the security community -- it was already presented at Black Hat USA and at DEFCON -- but the toolkit continues to evolve with frequent updates. Led by the security team at Samsung, this open source project provides a slew of different testing tools for probing the Internet of Things (IoT), industrial IoT, and machine-to-machine protocols. The idea is to extend the reach of pen testers who have been limited by typical tools, like nmap, that don't support a full slate of IoT protocols.
Black Hat Europe will showcase a number of new and evolving tools that can help penetration testers, red teams, and even blue teams up their game in identifying weaknesses in their people, processes, and technology. The following are seven cyberattack and audit tools to check out at this week's event (virtually, of course), Dec. 7 to 10.
Read more about:
Black Hat NewsAbout the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024