보안에 관심을 두고 있는 분이라면 누구나 한번쯤은 가고 싶은 곳이 바로 DEFCON입니다. 저도 가고 싶습니다. -.-
이번에 열린 DEFCON에서 관련된 Tools 를 퍼왔습니다. 보통 DEFCON, blackhat에서 컨퍼런스를 하면 관련된 툴을 가지고 몇일후면 사고가 많이 일어납니다.
특히 중국쪽에서 바로 테스팅을 우리나라쪽으로 많이 하거나 약간 수정해서 강력하게 만들기도 합니다.
중국쪽에 크래서 형상을 띄는 인명이 약 500만명이라고 하니.. 비교로 우리나라 대학생 수는 약 100만명입니다.
Beholder – by Nelson Murilo and Luis Eduardo
Description: An open source wireless IDS program
Homepage Link: http://www.beholderwireless.org/
Email Address: bh@beholderwireless.org
The Middler – by Jay Beale
Description: The end-all be-all of MITM tools
Homepage Link: http://www.themiddler.com/ (Online?)
Preface Link: http://www.intelguardians.com/themiddler.html
ClientIPS – by Jay Beale
Description: An open source inline “transparent” client-side IPS
Homepage Link: http://www.ClientIPS.org/ (Online?)
Marathon Tool – by Daniel Kachakill
Description: A Blind SQL Injection tool based on heavy queries
Download Link: DEFCON 16 CD. No online link found.
Email Address: dani@kachakil.com
The Phantom Protocol – by Magnus Brading
Description: A Tor-like protocol that fixes some of Tor’s major attack vectors
Homepage Link: http://code.google.com/p/phantom
Email Address: brading@fortego.se
ModScan – by Mark Bristow
Description: A SCADA Modbus Network Scanner
Homepage Link: http://modscan.googlecode.com/
Email Address: mark.bristow@gmail.com
Grendel Scan – by David Byrne
Description: Web Application scanner that searches for logic and design flaws as well as the standard flaw seen in the wild today (SQL Injection, XSS, CSRF)
Homepage Link: http://grendel-scan.com/
iKat – interactive Kiosk Attack Tool (This site has an image as a banner that is definitely not safe for work! – You have been warned) by Paul Craig
Description: A web site that is dedicated to helping you break out of Kiosk jails
Homepage Link: http://ikat.ha.cked.net
Email Address: paul.craig@security-assessment.com
DAVIX – by Jan P. Monsch and Raffael Marty
Description: A SLAX based Linux Distro that is geared toward data/log visualization
Homepage Link: http://code.google.com/p/davix/
Download Link: http://www.geekceo.com/davix/davix-0.5.0.iso.gz
Email Addresses: jan.monsch@iplosion.com and raffy@secviz.org
CollabREate – by Chris Eagle and Tim Vidas
Description: An IDA Pro plugin with a server backend that allows multiple people to collaborate on a single RE (reverse engineering) project.
Homepage Link: http://www.idabook.com/defcon
Email Addresses: cseagle@gmail.com and tvidas@gmail.com
Dradis – by John Fitzpatrick
Description: A tool for organizing and sharing information during a penetration test
Homepage: http://dradis.sourceforge.net
Email Address: john.fitzpatrick@mwrinfosecurity.com
Squirtle – by Kurt Grutzmacher
Description: A Rouge Server with Controlling Desires that steals NTLM hashes.
Homepage: http://code.google.com/p/squirtle (Live?)
Email Address: grutz@jingojango.net
WhiteSpace – by Kolisar
Description: A script that can hide other scripts such as CSRF and iframes in spaces and tabs
Download Link: DEFCON 16 CD
VoIPer – by nnp
Description: VoIP automated fuzzing tool with support for a large number of VoIP applications and protocols
Homepage Link: http://voiper.sourceforge.net/
Barrier – by Errata Security
Description: A browser plugin that pen-tests every site that you visit.
Homepage Link: http://www.erratasec.com
Email Address: sales@erratasec.com
Psyche – by Ponte Technologies
Description: An advanced network flow visualization tool that is not soley based on time.
Homepage Link: http://psyche.pontetec.com/
원문 - http://blogs.zdnet.com/security/?p=1735
