The Las Vegas Black Hat Arsenal during August 2017 was a total blast. Now, we are returning back to London with over 40 tools.
The presenters are as well invited to submit their tools to the “Official Black Hat Arsenal Security Tools Repository“ to keep a track and to provide to users/audience an one-stop repository of every thing demoed during the past years/session.
Most of the selected tools are already present on GitHub and some are yet to be uploaded. This article contains the links to their respective repositories.
Android, iOS and Mobile Hacking
- Objection
https://github.com/sensepost/objection - BADINTENT – INTEGRATING ANDROID WITH BURP
https://github.com/mateuszk87/BadIntent
Data Forensics and Incident Response
- CYBOT – OPEN-SOURCE THREAT INTELLIGENCE CHAT BOT (REVAMPED)
https://github.com/CylanceSPEAR/CyBot - NG-NETMS & OPTOSS PLUS
https://sourceforge.net/projects/ngnms/
Exploitation and Ethical Hacking
- DPAPI AND DPAPI-NG – DECRYPTION TOOLKIT
https://cqureacademy.com/blog/windows-internals/black-hat - UAC-A-MOLA
https://github.com/ElevenPaths/uac-a-mola - EXPLOIT PACK
https://github.com/juansacco/exploitpack - 2FASSASSIN
https://github.com/maxwellkoh/2FAssassin
Hardware/Embedded
- DYODE – A DIY, LOW-COST DATA DIODE FOR ICS
https://github.com/wavestone-cdt/dyode
Internet of Things
- WHID INJECTOR – HOW TO BRING HID ATTACKS TO THE NEXT LEVEL
https://github.com/whid-injector/WHID
Malware Defense
- MYSTIQUE
https://github.com/MinervaLabsResearch/Mystique - AKTAION V2 – A MACHINE LEARNING OPEN-SOURCE & ACTIVE DEFENSE (ORCHESTRATION) TOOL
https://github.com/jzadeh/aktaion2
Network Attacks
- DET (DATA EXFILTRATION TOOLKIT)
https://github.com/sensepost/DET - FruityC2
https://github.com/xtr4nge/FruityC2
Network Defense
- ACE (AUTOMATED COLLECTION AND ENRICHMENT PLATFORM)
https://github.com/Invoke-IR/ACE - CLOUD SECURITY SUITE – ONE STOP TOOL FOR AWS SECURITY AUDIT
https://github.com/SecurityFTW/cs-suite - ID2T – THE INTRUSION DETECTION DATASET GENERATION TOOLKIT
https://git.tk.informatik.tu-darmstadt.de/SPIN/ID2T-toolkit - WIPI-HUNTER – WIFI-PINEAPPLE ACTIVITIES DETECTION
https://github.com/WiPi-Hunter
OSINT – Open Source Intelligence
- Dradis: 10 Years Helping Security Teams Spend More Time Testing and Less Time Reporting
https://github.com/dradis/dradis-ce - DATASPLOIT – OSINT FRAMEWORK
https://github.com/DataSploit/datasploit - OSINT-SPY
https://github.com/SharadKumar97/OSINT-SPY - TINFOLEAK
http://www.vicenteaguileradiaz.com/tools/
Vulnerability Assessment
- OPENSCAP AND SCAP SECURITY GUIDE
https://github.com/OpenSCAP/scap-security-guide - POWERSAP – POWERSHELL TOOL TO ASSESS SAP SECURITY
https://github.com/airbus-seclab/powersap - SECCUBUS
https://github.com/schubergphilis/Seccubus
Web AppSec
- MODSECURITY 3.0.0
https://github.com/SpiderLabs/ModSecurity/wiki/ModSecurity-version-3-RC1 - REFLECTOR – BURP SUITE EXTENSION
https://github.com/elkokc/reflector - XSSER – FROM XSS TO RCE 2.75
https://github.com/Varbaek/xsser - OWASP ZAP
https://github.com/zaproxy/zaproxy - PYMULTITOR
https://github.com/realgam3/pymultitor