Thursday, August 21, 2008

Blackhat / Defcon 2008 Security Tool Round-up

Now that Blackhat and Defcon are over and most of us have recovered from the associated hangovers, it's high time we reviewed some of the great projects released at the events:


This addition to the Metasploit SVN tree includes the KARMA wireless hacking toolkit, enabling many fake-AP hijacking and side-jacking attacks. If you thought your CEO was in danger at Starbucks before, now you really have to look out! Karmasploit makes hijacking sessions, capturing passwords and redirecting traffic mind-numbingly easy. In addition, a universal wireless driver with injection support called "airbase" was added to allow you to complete attacks with most off-the-shelf wireless cards.


A new cross-platform, full-featured web application penetration tool. Grendelscan has filled the void for a free, open-source tool that is cross-platform (Win/Linux/OSX), has a nice GUI and offers a very advanced feature set including XSS, SQL injection, HTTP fuzzing and standard misconfiguration checks powered by an updated set of Nikto signatures. With HP and many others releasing watered-down applications, I see Grendelscan quickly becoming THE de facto tool in web app vulnerability testing.


An open-source wireless IDS system, with detection for injection, replay attacks, rogue APs and hijacking attempts. Sounds like a promising tool, especially for small to medium businesses that want a view into their wireless space but have little budget for the mostly commercial WIDS systems. Yes, Kismet does some of this, but it was originally designed for wardriving and is not as fully featured as Beholder claims to be.


Obviously not a new tool, but Fyodor announced extensive upgrades to the newest development version of nmap at Defcon. The most interesting upgrades are the faster scanning techniques based on common ports, better OS detection and, last but not least, a rockin' new revamped GUI version, Zenmap, which has a mind-blowing network mapping function that auto-creates a 3D network map showing host associations, with the ability to pan and tilt (the demo of this feature had the crowd in an uproar of excitement). Zenmap supports OSX in addition to Windows and Linux.


Voiper is a toolkit for fuzzing and attacking VOIP protocols and devices. It currently supports only the SIP protocol, but it looks like a promising tool for VOIP penetration testing.

