DEFCON 16 Tools

Rob Fuller yesterday did an excellent guest post on the Zero Day ZDNet blog on the tools released at DEFCON 16. Here is the list of DEFCON 16 tools:

  • Beholder: An open source wireless IDS program by Nelson Murilo and Luis Eduardo
  • The Middler: The end-all be-all of MITM tools by Jay Beale
  • ClientIPS: An open source inline "transparent" client-side IPS by Jay Beale
  • Marathon Tool: A blind SQL injection tool based on heavy queries by Daniel Kachakill
  • The Phantom Protocol: A Tor-like protocol that fixes some of Tor’s major attack vectors by Magnus Brading
  • ModScan: A SCADA modbus network scanner by Mark Bristow
  • Grendel Scan: A web application scanner that searches for logic and design flaws as well as the standard flaw seen in the wild today (SQL injection, XSS, XSRF) by David Byrne
  • iKat – interactive Kiosk Attack Tool: A web site that is dedicated to helping you break out of Kiosk jails by Paul Craig
  • DAVIX: A SLAX based Linux Distro that is geared toward data/log visualization by Jan P. Monsch and Raffael Marty
  • CollabREate: An IDA Pro plugin with a server backend that allows multiple people to collaborate on a single RE (reverse engineering) project by Chris Eagle and Tim Vidas
  • Dradis: A tool for organizing and sharing information during a penetration test by John Fitzpatrick
  • Squirtle: A rouge server with controlling desires that steals NTLM hashes by Kurt Grutzmacher
  • WhiteSpace: A script that can hide other scripts such as CSRF and iframes in spaces and tabs by Kolisar
  • VoIPer: VoIP automated fuzzing tool with support for a large number of VoIP applications and protocols by nnp
  • Barrier: A browser plugin that pen-tests every site that you visit by Errata Security
  • Psyche: An advanced network flow visualization tool that is not soley based on time by Ponte Technologies

Update: Rob’s master DEFCON 16 tools list will be at Room362.com in a post called DEFCON 16 – The Tools not the Toools. He recently lists a few more tools:

  • PE-Scrambler by Nick Harbour
  • Packet-O-Matic: “A real time packet processor” – It extracts and can reinject packets. This includes VoIP calls in real time, Cable Modem (DOCSIS) traffic, and a whole host of others by Guy Martin
  • SA Exploiter: A GUI SQL Injection tool that creates SQL injection queries and brakes the 64k barrier using MS Debugger by Securestate
  • Fast-Track: A python based tool that automates several different typs of attacks including Metasploit’s Autopwn and SQL Injection by Securestate

Bonus: Michael Brooks of Rook Security posted a goodie bag of web code as a thank you to all the people that attended his two talks.

2017-03-12T17:40:23-07:00 August 19th, 2008|Security Conferences, Security Tools|1 Comment

One Comment

  1. Magnus brading | Kcloanstore April 30, 2012 at 10:17 am

    […] DEFCON 16 Tools | Infosec Events […]

Leave A Comment