Skip to content

Latest commit

 

History

History
183 lines (117 loc) · 4.09 KB

BlackHat2018.md

File metadata and controls

183 lines (117 loc) · 4.09 KB

2018 Blackhat 工具列表

Android,iOS和移动黑客

易受攻击的iOS应用程序:Swift版 https://github.com/prateek147/DVIA-v2

代码评估

OWASP依赖性检查 https://github.com/jeremylong/DependencyCheck

美洲狮扫描 https://github.com/pumasecurity/puma-scan

加密

DeepViolet:SSL/TLS扫描API和工具 https://github.com/spoofzu/DeepViolet

数据取证和事件响应

初学者到专家 https://github.com/bro/bro

CyBot:开源威胁情报聊天机器人 https://github.com/CylanceSPEAR/CyBot

LogonTracer https://github.com/JPCERTCC/LogonTracer

rastrea2r(重新加载!):用Gusto和Style收集和狩猎IOC https://github.com/rastrea2r/rastrea2r

RedHunt OS(VM):用于对手仿真和威胁搜索的虚拟机 https://github.com/redhuntlabs/RedHunt-OS

剥削与道德黑客

AVET:AntiVirus Evasion Tool https://github.com/govolution/avet

DSP:Docker安全游乐场 https://github.com/giper45/DockerSecurityPlayground

hideNsneak:攻击混淆框架 https://github.com/rmikehodges/hideNsneak

梅林 https://github.com/Ne0nd0g/merlin

RouterSploit https://github.com/threat9/routersploit

硬件/嵌入式

ChipWhisperer https://github.com/newaetech/chipwhisperer

JTAGulator :揭开硬件安全的致命弱点 https://github.com/grandideastudio/jtagulator

Micro-Renovator:将处理器固件带入代码 https://github.com/syncsrc/MicroRenovator

TumbleRF:RF模糊变得容易 https://github.com/riverloopsec/tumblerf

Walrus:充分利用您的卡片克隆设备 https://github.com/TeamWalrus/Walrus

物联网

物联网设备的可扩展动态分析框架 https://github.com/sycurelab/DECAF

BLE CTF项目 https://github.com/hackgnar/ble_ctf

WHID注射器和WHID Elite:新一代HID攻击性设备 https://github.com/whid-injector/WHID

恶意软件防御

为每位安全研究人员提供高级深度学习分析平台 https://github.com/intel/Resilient-ML-Research-Platform

EKTotal https://github.com/nao-sec/ektotal

固件审计:Blue Teams和DFIR的平台固件安全自动化 https://github.com/PreOS-Security/fwaudit

MaliceIO https://github.com/maliceio/malice

目标 – 参见MacOS安全工具 https://github.com/ob jective-see

恶意软件进攻

BloodHound 1.5 https://github.com/BloodHoundAD/BloodHound

网络攻击

军械库 https://github.com/depthsecurity/armory

Chiron:一种先进的IPv6安全评估和渗透测试框架 https://github.com/aatlasis/Chiron

DELTA:SDN安全评估框架 https://github.com/OpenNetworkingFoundation/DELTA

Mallet:任意协议的拦截代理 https://github.com/sensepost/mallet

PowerUpSQL:用于在企业环境中攻击SQL Server的PowerShell工具包 https://github.com/NetSPI/PowerUpSQL

WarBerryPi https://github.com/secgroundzero/warberry

网络防御

ANWI(全新无线IDS):5美元的WIDS https://github.com/SanketKarpe/anwi

CHIRON:基于家庭的网络分析和机器学习威胁检测框架 https://github.com/jzadeh/chiron-elk

云安全套件:AWS / GCP / Azure安全审计的一站式工具 https://github.com/SecurityFTW/cs-suite

DejaVu:一个开源欺骗框架 https://github.com/bhdresh/Dejavu

OSINT – 开源智能

DataSploit 2.0 https://github.com/DataSploit/datasploit

Dradis 框架:了解如何将报告时间缩短一半 https://github.com/dradis/dradis-ce

逆向工程

Snake:恶意软件存储动物园 https://github.com/countercept/snake

智能电网/工业安全

GRFICS :工业控制模拟的图形现实主义框架 https://github.com/djformby/GRFICS

用于机器学习模型的对抗鲁棒性工具箱 https://github.com/IBM/adversarial-robustness-toolbox

Android动态分析工具(ADA) https://github.com/ANELKAOS/ada

射箭:开源漏洞评估和管理 https://github.com/archerysec/archerysec

boofuzz https://github.com/jtpereyda/boofuzz

BTA https://github.com/airbus-seclab/bta

深度利用 https://github.com/13o-bbr-bbq/machine_learning_security/tree/master/DeepExploit

Halcyon IDE:适用于Nmap脚本开发人员 https://github.com/s4n7h0/Halcyon

SimpleRisk https://github.com/simplerisk

TROMMEL https://github.com/CERTCC/trommel