8 Hot Hacking Tools to Come out of Black Hat USA
High-impact tools for white hats that will be revealed and released next month at Black Hat USA in Las Vegas.
June 23, 2017
Late July and early August are a bit like summer camp and Christmas rolled into one for your typical white hat penetration tester. Not only does the yearly Black Hat USA confab in Vegas give them the opportunity to step away from the keyboard to share ideas and socialize with like-minded friends and colleagues, but it also usually provides a cornucopia of new tools for hacking the heck out of enterprise systems.
This year is no different. Expect a full slate of new tools coming out of the Black Hat Briefings and Arsenal talks.
Here are a few highlights.
Black Hat USA returns to the fabulous Mandalay Bay in Las Vegas, Nevada, July 22-27, 2017. Click for information on the conference schedule and to register.
Presenting Researchers: Clint Gibler and Noah Beddome of NCC Group, Developing Trust and Getting Betrayed
Designed to help pen testers break into machines and spread across development environments, GitPwnd evades detection by inserting attackers into common dev workflows. The name of the game, say Gibler and Beddome, is attacking trust relationships between code, platforms, developers, and their parent organization.
Presenting Researchers: Christopher Domas of Battelle Memorial Institute, Breaking the x86 Instruction Set
This toolset is meant to help white hats probe the weaknesses of processors. Domas will release the tool in a talk that will detail creative processor fuzzing techniques that can sift through the x86 instruction set to look for hardware glitches and related software vulnerabilities.
Presenting Researchers: Jinho Jung, Chanil Jeon, Max Wolotsky, Insu Yun and Taesoo Kim of Georgia Tech, AVPASS: Leaking and Bypassing Antivirus Detection Model Automatically
Researchers from Georgia Tech's Intel Science & Technology Center for Adversary-Resilient Security Analytics (ISTC-ARSA) will demonstrate the power of breaking security by defeating the math behind analytics-based detection. They'll release a tool called AVPASS, which can effectively spy on Android anti-malware detection models and manipulate malicious apps' APKs to disguise Android malware from the security software.
Presenting Researchers: Romain Coltel and Yves Le Provost of Alsid, WSUSpendu: How to Hang WSUS Clients
If you can compromise the domain a WSUS server is located on and escalate to an administrator account, WSUSpendu puts a whole lot more than that at your fingertips. Developed by French researchers, this script gives pen testers the power to create malicious updates, inject them into the WSUS server database, and distribute those goodies at will, even to air-gapped systems on disconnected networks.
Presenting Researchers: Amit Klein and Itzik Kotler of SafeBreach, The Adventures of AV and the Leaky Sandbox
AV powered by vast stores of intelligence in the cloud has been a big boon to security, but with the release of this new tool, Klein and Kotler are exposing a big downside. The connection used between the endpoint and the cloud can be manipulated to act as a most excellent attack side channel. They developed the tool to help demonstrate an exfiltration technique, even on high-security endpoints protected with strict egress filtering.
Presenting Researchers: Tal Be'ery, independent researcher, and Tal Maor of Microsoft, The Industrial Revolution of Lateral Movement
The lifeblood of modern attack strategies is all in lateral movement. The more swiftly an attacker can hop from one system to another, escalating privileges along the way, the more effective they'll be in stealing targeted data and compromising high-value systems. This open source tool automates lateral movement in a way that reduces the cost to attackers of running mass attacks that hit the target every time.
Presenting Researchers: Jean-Philippe Aumasson and Yolan Romailler of Kudelski Security, Automated Testing of Crypto Software Using Differential Fuzzing
The presenters will demo and release this differential fuzzing tool, which can detect vulnerabilities in common cryptographic APIs, including RSA encryption, elliptic-curve cryptography, and symmetric-key schemes.
Presenting Researchers: Luca Carettoni of Doyensec, Electronegativity - A Study of Electron Security
As native desktop apps make a comeback, GitHub Electron's cross-platform developer framework grows in popularity. This tool helps pen testers audit Electron-based apps and will be released as a part of an overall discussion of Electron's security model, as well as the common design-level weaknesses and implementation bugs in Electron-based applications.