8 Free Tools to Be Showcased at Black Hat and DEF CON
Expect a full slate of enterprise-class open source tools to take the spotlight when security researchers share their bounties with the community at large.
July 31, 2019
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt464f1a52312ff2fa/64f0d44f57224c7a38ce5f39/01.jpeg?width=700&auto=webp&quality=80&disable=upscale)
Image Source:Adobe Stock (@kasto)
PivotSuite
Red Team Network Pivoting Toolkit
The almighty network pivot — taking one small foothold on a network asset and moving laterally to compromise other machines and escalate privileges along the way — is a mainstay of modern attack techniques. PivotSuite was developed to provide penetration testers a toolkit for looking for areas in networks open to pivots. This standalone utility can be used as a server or a client and will be put through its paces by creator Manish Gupta at Black Hat Arsenal and DEFCON Demo Labs.
Image Source: Adobe Stock (santypan)
Trash Taxi
Superuser Discovery and Cleanup
Unrestricted administrator access is the bane of security control schemes in any large enterprise. In the real world, it's difficult to completely eradicate superuser accounts because there are plenty of legitimate reasons for operators and developers — and automated systems — to be granted these privileges to keep the IT cogs running. Nevertheless, edge cases and temporary access often extend into configuration drift. This is why Patrick Cable and the team at Threat Stack will be releasing Trash Taxi at Black Hat Arsenal, "to help us understand why people use 'sudo -i' and also clean up hosts that have had arbitrary commands run on them."
Image Source: Adobe Stock (chalabala)
RedHunt OS
Adversary Emulation and Threat Hunting Simulator
Security summer camp tools are for defenders, too. Case in point: RedHunt OS, an open source platform from RedHunt Labs that emulates adversaries and advanced logging and monitoring setups to help blue teams practice threat hunting in realistic situations. The OS also arms both blue and red teams with open source intelligence (OSINT) and threat intelligence tools. With a year of development underway, its creators will demo v2 of the platform at Black Hat Arsenal.
Image Source: Adobe Stock (Tomasz Zajda)
OWASP Amass
Asset Discovery and Attack Surface Network Mapping
Utilizing a combination of OSINT, network reconnaissance, graph databases, and information sharing to give both red and blue teams visibility into assets, OWASP Amass is a maturing open source tool for network mapping of attack surfaces and performing external asset discovery. It has been around for a couple of years now, but two of the key leaders in the Amass project will bring greater attention to it at DEF CON Demo Labs with an in-depth tour of its features and a presentation of tips and tricks about how to effectively use the tool.
Image Source: Adobe Stock (motortion)
Kube-Hunter
Kubernetes Pen Test Platform
The container orchestration tool Kubernetes is becoming an increasingly crucial part of enterprise architectures. As such, it is also introducing a lot of added risk due to insecure configurations and vulnerabilities. Maintained by the team at Aqua Security, Kube-Hunter is an open source tool for scanning and actively hunting security weaknesses in Kubernetes clusters. It has about a year of development under its belt and will be demoed at Black Hat Arsenal.
Image Source: Adobe Stock (Konstantin Yuganov)
EAPHammer
Enterprise Wireless Infrastructure Security Assessment Tool
Another fairly mature tool that initially saw its release at Black Hat Arsenal and DEF CON Demo Labs in 2017, EAPHammer performs targeted rogue access point attacks against enterprise wireless infrastructure, making it a solid tool for wireless assessments and red team engagements. The tool continues to evolve, and its creator will present a slate of new features at DEF CON Demo Labs.
Image Source: Adobe Stock (whyframeshot)
Barq
AWS Post-Exploitation Framework
Insecure Elastic Compute Cloud (EC2) instances and poorly secured secrets and parameters in Amazon Web Services (AWS) are a huge problem in enterprise architecture today. Barq is designed to help teams probe into these weaknesses. It's a post-exploitation framework that gives red teams the power to perform attacks on running AWS infrastructure, without having the original instance SSH keypairs. Using barq, teams can perform enumeration and extraction of stored secrets and parameters in AWS. Its creator will demo the tool at Black Hat Arsenal.
Image Source: Adobe Stock (ekaphon)
An AppSec Educational Framework
Modern Development Security Training Platform
To help the security community evolve the way it trains developers to securely code in the modern era of DevOps and continuous integration/continuous delivery (CI/CD) toolchains, a pair of presenters from Duo Security, now part of Cisco, and Hunter2, are releasing an open training platform that gives software engineers an interactive training lab for exploiting and patching modern Web applications in the framework of their choice — giving them the chance to learn principles in a way that makes sense for them.
Image Source: Adobe Stock (nd3000)
An AppSec Educational Framework
Modern Development Security Training Platform
To help the security community evolve the way it trains developers to securely code in the modern era of DevOps and continuous integration/continuous delivery (CI/CD) toolchains, a pair of presenters from Duo Security, now part of Cisco, and Hunter2, are releasing an open training platform that gives software engineers an interactive training lab for exploiting and patching modern Web applications in the framework of their choice — giving them the chance to learn principles in a way that makes sense for them.
Image Source: Adobe Stock (nd3000)
Image Source:Adobe Stock (@kasto)
Read more about:
Black Hat NewsAbout the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024