Tools Released at DEF CON

Tools Released at DEF CON 16

PE-Scrambler

by Nick Harbour

• Description: (pending update)
• Homepage Link: http://www.rnicrosoft.net/
• Email Address: nick.harbour [at] gmail ]dot[ com
• Local Copy: https://media.defcon.org/dc-16/tools/PEScrambler_v0_1.zip

Packet-O-Matic

by Guy Martin

• Description: “A real time packet processor” - It extracts and can reinject packets. This includes VoIP calls in real time, Cable Modem (DOCSIS) traffic, and a whole host of others.
• Homepage Link: http://www.packet-o-matic.org/
• Email Address: gmsoft [at] tuxicoman ]dot[ be
• Local Copy: https://media.defcon.org/dc-16/tools/packet-o-matic-svn-20080814.tar.gz

SA Exploiter

by Securestate

• Description: A GUI SQL Injection tool that creates SQL injection queries and brakes the 64k barrier using MS Debugger.
• Homepage Link: http://securestate.com/pages/free-tools.aspx
• Local Copy: https://media.defcon.org/dc-16/tools/sa_exploiter.rar

Fast-Track

by Securestate

• Description: A python based tool that automates several different types of attacks including Metasploit’s Autopwn and SQL Injection
• Homepage Link: http://securestate.com/pages/free-tools.aspx
• Local Copy: https://media.defcon.org/dc-16/tools/fasttrack.tgz

Beholder

by Nelson Murilo and Luis Eduardo

• Description: An open source wireless IDS program
• Homepage Link: http://www.beholderwireless.org/
• Email Address: bh [at] beholderwireless ]dot[ org
• Local Copy: https://media.defcon.org/dc-16/tools/beholder_wireless-0.8.6.tgz

BSODomizer

by Joe Grand (Kingpin) and Zoz

• Description: A gadget that interfaces between a computer and a VGA monitor and flashes a fake BSOD (Blue Screen of Death) at random time intervals or when triggered by an infrared remote control.
• Homepage Link: http://www.bsodomizer.com
• Email Address: kp [at] kingpinempire ]dot[ com

The Middler

by Jay Beale

• Description: The end-all be-all of MITM tools
• Homepage Link: http://code.google.com/p/middler/
• Alternate Link: http://www.inguardians.com/tools/
• Download Link: http://middler.googlecode.com/files/middler-1.0.tgz

ClientIPS

by Jay Beale

• Description: An open source inline “transparent” client-side IPS
• Homepage Link: http://www.ClientIPS.org/ (Online?)

Marathon Tool

by Daniel Kachakill

• Description: A Blind SQL Injection tool based on heavy queries
• Download Link: http://www.codeplex.com/marathontool
• Email Address: dani [at] kachakil ]dot[ com
• Local Copy: https://media.defcon.org/dc-16/tools/MarathonTool.zip

The Phantom Protocol

by Magnus Brading

• Description: A Tor-like protocol that fixes some of Tor’s major attack vectors
• Homepage Link: http://code.google.com/p/phantom
• Email Address: brading [at] fortego ]dot[ se

ModScan

by Mark Bristow

• Description: A SCADA Modbus Network Scanner
• Homepage Link: http://modscan.googlecode.com/
• Email Address: mark.bristow [at] gmail ]dot[ com
• Local Copy: https://media.defcon.org/dc-16/tools/modscan_0.1.tar

Grendel Scan

by David Byrne

• Description: Web Application scanner that searches for logic and design flaws as well as the standard flaw seen in the wild today (SQL Injection, XSS, CSRF)
• Homepage Link: http://grendel-scan.com/

iKatinteractive Kiosk Attack Tool

by Paul Craig
(This site has an image as a banner that is definitely not safe for work! You have been warned)

• Description: A web site that is dedicated to helping you break out of Kiosk jails
• Homepage Link: http://ikat.ha.cked.net
• Email Address: paul.craig [at] security-assessment ]dot[ com

DAVIX

by Jan P. Monsch and Raffael Marty

• Description: A SLAX based Linux Distro that is geared toward data/log visualization
• Homepage Link: http://code.google.com/p/davix/
• Download Link: http://www.geekceo.com/davix/davix-0.5.0.iso.gz
• Email Addresses: jan.monsch [at] iplosion ]dot[ com and raffy [at] secviz ]dot[ org

CollabREate

by Chris Eagle and Tim Vidas

• Description: An IDA Pro plugin with a server backend that allows multiple people to collaborate on a single RE (reverse engineering) project.
• Homepage Link: http://www.idabook.com/defcon
• Email Addresses: cseagle [at] gmail ]dot[ com and tvidas [at] gmail ]dot[ com

VMware Pen-Testing Framework

by John Fitzpatrick

• Description: A collection of tools created to pen-test VMware environments
• Homepage: http://labs.mwrinfosecurity.com
• Email Address: john.fitzpatrick [at] mwrinfosecurity ]dot[ com

Dradis

by etd

• Description: A tool for organizing and sharing information during a penetration test
• Homepage: http://dradis.sourceforge.net
• Email Address: etd [at] nomejortu ]dot[ com
• Local Copy: https://media.defcon.org/dc-16/tools/dradis-v2.1.1.tar.gz & https://media.defcon.org/dc-16/tools/dradis-v2.1.1-setup.exe

Squirtle

by Kurt Grutzmacher

• Description: A rogue server with controlling desires that steals NTLM hashes.
• Homepage: http://code.google.com/p/squirtle
• Email Address: grutz [at] jingojango ]dot[ net
• Local Copy: https://media.defcon.org/dc-16/tools/squirtle-1.1a.zip

WhiteSpace

by Kolisar

• Description: A script that can hide other scripts such as CSRF and iframes in spaces and tabs
• Download Link: DEF CON 16 CD

VoIPer

by nnp

• Description: VoIP automated fuzzing tool with support for a large number of VoIP applications and protocols
• Homepage Link: http://voiper.sourceforge.net/
• Local Copy: https://media.defcon.org/dc-16/tools/voiper-0.07.tar.gz

Barrier

by Errata Security

• Description: A browser plugin that pen-tests every site that you visit.
• Homepage Link: http://www.erratasec.com
• Email Address: sales [at] erratasec ]dot[ com

Psyche

by Ponte Technologies

• Description: An advanced network flow visualization tool that is not solely based on time.
• Homepage Link: http://psyche.pontetec.com/
• Local Copy: https://media.defcon.org/dc-16/tools/psyche-0.4.tar.gz