Wednesday

A list of tools from Defcon 16 and some extras



Rob Fuller, aka Mubix, wrote a guest editorial at Zero Day covering the tools released during Defcon 16.

The tools include the following:

Beholder: An open source wireless IDS program

The Middler: The end-all be-all of MITM tools

ClientIPS: An open source inline “transparent” client-side IPS

Marathon Tool: A Blind SQL Injection tool based on heavy queries

The Phantom Protocol: A Tor-like protocol that fixes some of Tor’s major attack vectors

ModScan: A SCADA Modbus Network Scanner

Grendel Scan: Web application scanner that searches for logic and design flaws as well as the standard flaws seen in the wild today (SQL Injection, XSS, CSRF)

iKat: A web site that is dedicated to helping you break out of Kiosk jails

DAVIX: A SLAX based Linux Distro that is geared toward data/log visualization

CollabREate: An IDA Pro plugin with a server backend that allows multiple people to collaborate on a single RE (reverse engineering) project.

Dradis: A tool for organizing and sharing information during a penetration test

WhiteSpace: A script that can hide other scripts such as CSRF and iframes in spaces and tabs

VoIPer: VoIP automated fuzzing tool with support for a large number of VoIP applications and protocols

Barrier: A browser plugin that pen-tests every site that you visit.

Psyche: An advanced network flow visualization tool that is not solely based on time.

All links can be found here. For the tools that were only on the Defcon CD and are not online, here is a downloadable Defcon ISO.

Bonus material (not in the list above)

1. Soon to be published: reDuh, the tool from the presentation "Pushing a Camel through the eye of a Needle".
In 2007 SensePost demonstrated how DNS and Timing attacks could be used for a variety of attacks. This year we take those attacks further and show how small footholds in a target network can be converted into portals we can (and do) drive trucks through.
2. One tool that is not Defcon-related but quite important:

Since version 3, Nessus has turned to a proprietary model and started charging for the latest plugins. For that reason, a properly organised fork based on the latest available code was started under the name OpenVAS. Finally, there is a free vulnerability scanner again.

OpenVAS-Client is released under GNU GPLv2 and may be linked with OpenSSL.

You can download OpenVAS here:

OpenVAS Client
OpenVAS Server

Or here is the official OpenVAS site for more information.

(Photo under creative commons from guccio Photostream)
