Black Hat USA is happening in Las Vegas this August, and all attendees are invited to check out the Arsenal to network with others in the cybersecurity community and catch live demonstrations of the latest open-source security tools.
To get the most out of the Arsenal check out Black Hat Day Zero, a special primer for first-time attendees and returning Black Hat veterans to get the inside scoop on what to see and do. There, you’ll have a chance to hear about how tools are selected to appear in the Arsenal, how they benefit from attendee feedback, and what you should be spending your time seeing.
Plus, at the all-new Arsenal Lab you can enjoy live demos and expert guidance from top hardware hackers while you build, test, and hack all sorts of gadgets and devices.
There’s also a ton of great live demos on offer at the Black Hat USA Arsenal this year, including:
CQForensic: The Efficient Forensic Toolkit enables you to perform detailed computer forensic examinations. It guides you through the information-gathering process, providing data for analysis and extracting the evidence!
Ghost in the Browser: Backdooring with Shadow Workers will help you implant a pseudo-backdoor in a browser and ghost through a victim’s browser session to sniff, manipulate, and even proxy data silently. See a demo of the various persistence mechanisms this tool provides to keep service workers alive, and check out a compendium tool that provides various mitigation mechanisms against such attacks!
Alexa HackerMode 2.0: Voice Auto Pwn Using Kali Linux and Alexa Skill Combo is an Alexa-driven auto-sploit tool designed for the cloud. Not only will it help with syntax and encodings, but it will go full hacker mode and exploit systems automatically for you.
“Alexa, ask HackerMode to hack IP address 192.168.1.135” will instruct Alexa to begin and manage the process of port scanning, fingerprinting, exploit selection, and smart brute forcing exploits through Metasploit 4 or 5. Alexa will also entertain you with mood music or various other activities while it roots and dumps users and passwords from your target. If the exploit is taking a while you can check in on the progress by asking “How’s the hack going?”
Break out the Box (BOtB): Container Analysis, Exploitation and CICD Tool is the first tool aimed at hackers and developers to automate Container exploitation. Not only does BOtB provide the user with a detailed analysis of identified vulnerabilities of the container, BOtB provides an autopwn feature which allows for the user to automagically exploit the vulnerabilities identified and break out onto the host.
Social Attacker: Automated Phishing on Social Media Platforms is the first open source, multi-site, automated social media phishing framework. It allows you to automate the phishing of social media users on a mass scale by handling the connecting to and messaging of targets.
For more information about these offerings and many more check out the Black Hat USA Arsenal page, which is regularly updated with new content as we get closer to the event.