Top 10 Software to Detect & Prevent Security Vulnerabilities from BlackHat USA Conference
Website: http://www.mobodexter.com
Blogs: http://blogs.mobodexter.com

Chandramouli Srinivasan (Mouli), CEO & President, MOBODEXTER INC

Chandramouli is a serial entrepreneur who has co-founded the MoboDexter Group companies & ViewFindAR, which provide Information Technology products & services in the CAMS domain.

Prior to starting MoboDexter, Mouli worked as a system software development/test engineer/lead and manager in product R&D organizations at Intel, Hewlett Packard and WIPRO. His experience includes 6 years of software product engineering in product R&D groups as an engineering manager at Intel and HP, handling development and test programs. His specialty includes handling programs which involved recruiting and building new teams for new SW product R&D functions.

PMI certified Project Management Professional (PMP) - PMBOK practitioner for the past 3 years and an Agile SCRUM practitioner for 4 years. I have filed 1 US patent and 2 research publications in SW/FW domains and am passionate about technical contributions to the projects and programs.

Mouli had additional experience of leading large org-wide programs/initiatives on:
• Quality: Test transformation, Test Automation, orthogonal defect classification (ODC), Static Code analysis, product defect prediction models, Closed Loop Quality System (CLQS)
• Methodologies: Test driven development; Model based testing methodologies; Retention prediction model; Competency evaluation model adoptions
• Business: Lean sigma, Outsourcing evaluation & strategy, Business optimization using Moore’s product adoption model, Data center optimization, innovation

BlackHat USA 2015 recently concluded, and we heard a lot of news about how BlackHat brought to light various security vulnerabilities in day-to-day life, such as the ZigBee protocol, a device for stealing keyless cars, and ATM card skimmers. However, the presenters, who are also ethical hackers, also gave a bunch of tools to help the software community detect & prevent security holes in hardware & software while the product is ready for release. We have reviewed all the presentations from the conference and give you here a list of the Top 10 tools/utilities that help in security vulnerability detection & prevention.

Bearded
• Bearded is an open source Security Automation platform. The platform allows Development, QA, and Security team members to perform automated web security scans with a set of tools (w3af, sslyze, nmap, arachni etc.), and re-execute those scans as needed.
• All tools can be executed in the cloud in Docker containers. Bearded has a default web interface which integrates all core options and makes it possible to manage large pentests easily. Similar to owtf or minion, but using Docker containers and scalable for clouds.

Chellam
• Chellam is a Wi-Fi IDS/Firewall for Windows. Chellam can detect Wi-Fi attacks, such as Honeypots, Evil Twins, Mis-association, and Hosted Network based backdoors etc., against a Windows based client without the need of custom hardware or drivers.
• The tool also allows you to create Firewall like rule sets for Wi-Fi networks and create alerts etc. when there is a rule mismatch.

CuckooDroid – An Automated Malware Analysis Framework
• To combat the growing problem of Android malware, we present a new solution based on the popular open source framework Cuckoo Sandbox to automate the malware investigation process. This extension enables the use of Cuckoo’s features to analyze Android malware and provides new functionality for dynamic and static analysis.
• This framework is an all in one solution for malware analysis on Android. It is extensible and modular, allowing the use of new, as well as existing, tools for custom analysis.

Damn Vulnerable iOS App (DVIA)
• Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable. The main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment.
• This application covers all the common vulnerabilities found in iOS applications (following OWASP top 10 mobile risks) and contains several challenges that the user can try. This application also contains a section where a user can read various articles on iOS application security.

Mana
• Mana Toolkit is a Wi-Fi rogue access point toolkit whose purpose is getting as many clients connected as possible, and getting as many credentials from their connections as possible. It was first presented at Defcon 22 last year (https://youtu.be/i2-jReLBSVk).
• It started as an attempt to get KARMA attacks working again, but ended up going much further. It is planned to be extended further in the future.

ShinoBOT
• ShinoBOT is a RAT simulator to evaluate an organization’s ability to protect its networks from an advanced targeted attack. It has the basic RAT functionality:
    • Execute any command
    • Upload / Download any file
    • Take a screenshot
    • Key logging (new)
• It also has many components that make ShinoBOT powerful and hard to detect, which together are called ShinoBOT Suite. It contains exploit (shortcut attack, macro attack, extension spoofing), DGA, crypt, decoy file, downloader, dropper, icon spoofing, etc. And the C&C server is provided as a service, so you do not need to prepare a server.

SpeedPhishing Framework (SPF)
• SPF is an open source simple email phishing tool/framework which can assist penetration testers in quickly deploying phishing exercises in minimal time. The tool, when provided minimal input (such as just a domain name), can automatically search for potential targets, deploy multiple phishing websites, craft and send phishing emails to the targets, record the results, generate a basic report, among other more advanced tasks.
• Features include:
    • Written in Python
    • Can be run fully Automated
    • Automated Target Identification
    • Profiling of Target Company

Sqlchop
• This awesome new tool, sqlchop, is a new SQL injection detection engine, using a pipeline of smart recursive decoding, lexical analysis and semantic analysis. It can detect SQL injection queries with extremely high accuracy and high recall with 0day SQLi detection ability, far better than today’s SQL injection detection tools, most of which are based on regex rules.
• We proposed a novel algorithm to achieve both blazing fast speed and accurate detection ability using SQL syntax analysis.
• This tool will provide a web interface to demonstrate the new engine. And some CTF-like SQL injection challenges can be executed. Hackers are welcome to have a try.

TARDIS
• Tripwire Automated Reconnaissance and Deep Inspection System (TARDIS) is a framework which ties together threat feed data such as STIX and vulnerability scan data and references log repositories for indicators of compromise (IoC).
• Threat feeds and log repositories contain mountains of data that can be difficult to manage. TARDIS pulls relevant data from each and outputs the filtered data which matters to information security operation teams.
• During Arsenal, we’ll show live attacks, exploits and detection mechanisms with TARDIS. Learn how to integrate the tool into your existing infrastructure and how to add value through additional threat feed data.

YARD Stick One
• Featuring an external antenna connector, transmit and receive amplification, and plenty of expansion options, YARD Stick One is the most powerful CC1111 board available.
• Unlike previous devices based on the CC1111 transceiver, it operates effectively over the entire frequency range of the transceiver IC, and it is open source hardware.