-
-
[转帖]2018黑帽大会工具清单-Blackhat
-
发表于:
2019-5-16 11:24
6293
-
[转帖]2018黑帽大会工具清单-Blackhat
1、Android,iOS和移动黑客
易受攻击的iOS应用程序:Swift版
b99K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6H3M7X3q4@1k6h3g2C8x3e0b7%4i4K6u0r3c8q4k6u0b7g2)9J5k6s2j5J52、代码评估
OWASP依赖性检查
760K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6B7k6i4u0W2L8i4W2D9L8$3&6Y4i4K6u0r3c8r3g2H3k6h3&6V1k6h3&6U0P5f1y4Z5k6h3y4C8美洲狮扫描
ebaK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6H3N6h3#2S2M7$3g2U0N6i4u0A6N6s2W2Q4x3V1k6H3N6h3#2S2i4K6u0V1M7$3y4S2L8R3`.`.3、加密
DeepViolet:SSL / TLS扫描API和工具
e99K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6K6M7r3!0G2k6Y4A6#2i4K6u0r3c8r3g2W2M7q4k6A6L8$3I4W2N6l9`.`.4、数据取证和事件响应
初学者到专家
89dK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6T1M7X3!0Q4x3V1k6T1M7X3)9`.CyBot:开源威胁情报聊天机器人
f6cK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6o6P5h3I4S2L8X3y4W2f1#2m8q4b7g2u0Q4x3V1k6o6P5f1u0G2N6l9`.`.LogonTracer
5caK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6v1f1p5y4q4f1W2c8o6b7#2)9J5c8V1I4G2k6$3!0F1g2s2u0S2j5$3g2J5rastrea2r(重新加载!):用Gusto和Style收集和狩猎IOC
dbfK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6J5j5i4y4@1M7X3g2S2x3Y4u0Q4x3V1k6J5j5i4y4@1M7X3g2S2x3Y4t1`.RedHunt OS(VM):用于对手仿真和威胁搜索的虚拟机
f04K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6J5k6h3c8Z5N6h3&6@1L8r3q4T1M7#2)9J5c8W2u0W2k6p5S2#2L8Y4c8Q4x3X3c8a6f1H3`.`.5、剥削与道德黑客
AVET:AntiVirus Evasion Tool
baaK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6Y4L8%4k6G2L8s2g2@1K9h3!0F1i4K6u0r3j5i4k6W2N6l9`.`.DSP:Docker安全游乐场
073K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6Y4K9i4m8W2M7U0b7#2i4K6u0r3c8r3!0U0K9$3g2J5f1$3g2U0N6i4u0A6N6s2W2b7L8r3q4&6k6%4u0G2N6h3&6V1hideNsneak:攻击混淆框架
b26K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6J5L8h3W2C8k6h3S2G2k6r3N6W2M7#2)9J5c8X3S2A6k6r3g2z5M7$3&6W2j5h3D9`.梅林
92cK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6z5k6e0m8F1k6o6m8Y4i4K6u0r3L8h3g2J5L8r3W2F1RouterSploit
2aeK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6@1K9s2u0W2j5i4b7&6i4K6u0r3M7X3!0#2N6r3g2J5M7%4m8D9L8$3W2@16、硬件/嵌入式
ChipWhisperer
f0aK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6F1k6i4N6S2k6i4c8W2j5$3S2Q4x3V1k6U0K9r3W2H3N6$3S2A6M7%4m8W2M7X3g2J5JTAGulator :揭开硬件安全的致命弱点
347K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6Y4M7X3q4F1k6r3W2V1k6h3q4K6N6s2g2V1K9h3!0Q4x3V1k6B7N6r3q4Y4N6h3I4S2N6r3!0J5Micro-Renovator:将处理器固件带入代码
f55K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6K6P5h3&6U0M7%4u0U0i4K6u0r3e0h3W2U0M7X3!0d9k6h3&6G2N6X3q4@1L8%4t1`.TumbleRF:RF模糊变得容易
a99K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6J5K9i4k6W2M7X3I4G2L8%4m8K6k6h3y4Q4x3V1k6@1N6h3#2T1L8r3g2J5k6R3`.`.Walrus:充分利用您的卡片克隆设备
ec9K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6f1k6h3q4E0g2$3q4D9M7Y4g2K6i4K6u0r3g2$3q4D9M7Y4g2K67、物联网
物联网设备的可扩展动态分析框架
872K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6K6P5h3y4#2M7X3g2D9j5h3u0Q4x3V1k6p5c8f1y4m8c8R3`.`.BLE CTF项目
67eK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6Z5j5h3y4C8k6$3&6S2M7W2)9J5c8X3u0D9k6g2)9#2k6X3y4@1k6R3`.`.WHID注射器和WHID Elite:新一代HID攻击性设备
690K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6%4K9r3W2V1i4K6u0V1K9h3&6B7k6h3y4@1L8%4u0Q4x3V1k6i4d9p5W2p58、恶意软件防御
为每位安全研究人员提供高级深度学习分析平台
40fK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6A6L8Y4c8W2L8q4)9J5c8W2u0W2M7$3W2D9K9h3g2F1N6q4)9J5k6p5#2x3i4K6u0V1f1X3g2K6k6h3q4J5j5$3S2Q4x3X3c8b7L8r3q4@1k6X3!0J5L8b7`.`.EKTotal
a5dK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6F1j5h3!0Q4x3X3c8K6k6h3y4Q4x3V1k6W2K9%4c8G2N6r3q4D9固件审计:Blue Teams和DFIR的平台固件安全自动化
8ccK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6b7M7X3g2a6f1#2)9J5k6q4y4W2j5%4g2J5K9i4c8&6i4K6u0r3k6Y4N6S2N6h3c8A6N6l9`.`.MaliceIO
f3bK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6E0j5h3I4A6j5$3g2A6L8#2)9J5c8X3#2S2L8r3W2U0k6b7`.`.目标 – 参见MacOS安全工具
011K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6G2j5X3A6W2j5%4c8A6N6X3g2Q4x3X3c8K6k6h3f1`.9、恶意软件进攻
BloodHound 1.5
c7cK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6n7L8r3!0G2k6p5S2G2N6h3&6V1b7f1c8Q4x3V1k6n7L8r3!0G2k6p5S2G2N6h3&6V110、网络攻击
军械库
bfcK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6V1k6i4m8@1K9s2y4W2j5%4g2J5K9i4c8&6i4K6u0r3j5i4u0E0L8%4u0&6Chiron:一种先进的IPv6安全评估和渗透测试框架
059K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6S2j5i4c8D9j5i4y4A6M7#2)9J5c8V1y4Z5K9i4u0G2L8R3`.`.DELTA:SDN安全评估框架
b79K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6a6M7r3g2F1e0X3g2@1N6$3!0J5K9$3W2F1k6@1k6G2N6h3&6V1j5i4c8A6L8$3&6Q4x3V1k6p5c8f1I4f1b7b7`.`.Mallet:任意协议的拦截代理
f7eK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6K6k6h3&6K6k6i4m8G2M7%4c8Q4x3V1k6E0j5h3I4D9k6i4b7`.PowerUpSQL:用于在企业环境中攻击SQL Server的PowerShell工具包
c32K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6z5k6i4c8e0f1p5W2Q4x3V1k6b7L8%4N6W2M7W2g2H3f1#2q4x3WarBerryPi
e5fK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6K6k6h3y4Y4M7X3!0#2L8X3c8*7k6i4u0G2i4K6u0r3N6$3q4J5j5X3g2J5M7Y4V1`.11、网络防御
ANWI(全新无线IDS):5美元的WIDS
601K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6e0j5h3&6C8k6i4c8w2j5i4u0H3k6g2)9J5c8X3q4F1N6$3V1`.CHIRON:基于家庭的网络分析和机器学习威胁检测框架
742K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6B7P5X3q4V1k6h3S2Q4x3V1k6U0K9r3W2J5L8$3&6Q4x3X3c8W2L8r3D9`.云安全套件:AWS / GCP / Azure安全审计的一站式工具
726K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6e0k6h3y4#2M7X3W2@1P5f1k6f1g2#2)9J5c8X3y4K6i4K6u0V1M7%4g2A6N6r3f1`.DejaVu:一个开源欺骗框架
1b6K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6T1K9r3c8J5k6i4y4Z5i4K6u0r3c8r3g2B7j5i4k6#2O12、SINT – 开源智能
DataSploit 2.0
a69K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6p5j5i4c8S2f1%4m8D9L8$3W2@1i4K6u0r3k6r3q4@1j5i4y4H3L8r3!0A6N6l9`.`.Dradis 框架:了解如何将报告时间缩短一半
cbeK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6V1M7X3q4V1K9i4y4Q4x3V1k6V1M7X3q4V1K9i4y4Q4x3X3c8U0k6b7`.`.13、逆向工程
Snake:恶意软件存储动物园
24cK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6U0L8%4g2F1N6r3g2J5j5$3g2H3N6q4)9J5c8Y4y4F1j5h3E0W214、智能电网/工业安全
GRFICS :工业控制模拟的图形现实主义框架
e62K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6V1K9X3k6G2M7X3#2T1P5g2)9J5c8V1N6d9c8V1W2o6f1H3`.`.15、漏洞评估
用于机器学习模型的对抗鲁棒性工具箱
9a8K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6u0b7V1#2Q4x3V1k6S2k6s2k6W2M7Y4y4S2M7X3W2S2L8q4)9J5k6s2u0G2j5Y4g2K6N6r3&6W2M7%4y4Q4x3X3c8@1L8$3!0D9j5X3!0^5Android动态分析工具(ADA)
e72K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6m8e0V1g2x3d9@1q4a6f1#2)9J5c8X3q4V1j5b7`.`.射箭:开源漏洞评估和管理
fbfK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6S2M7X3y4Z5k6i4u0&6M7$3g2U0i4K6u0r3j5i4u0U0K9r3g2J5P5i4y4W2j5H3`.`.boofuzz
326K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6B7N6s2m8W2M7X3g2&6k6r3q4Q4x3V1k6T1L8$3!0X3N6i4A6*7BTA
f7eK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6S2K9i4u0T1N6i4y4Q4x3X3c8K6k6h3y4D9j5h3u0Q4x3V1k6T1N6r3p5`.深度利用
eafK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1j5I4x3$3!0Q4x3X3c8T1j5Y4u0Q4x3X3c8T1j5Y4q4Q4x3V1k6E0j5h3y4Z5K9h3&6W2i4K6g2X3L8r3g2S2M7X3&6A6L8X3N6Q4y4h3k6K6k6h3y4#2M7X3W2@1P5g2)9J5c8Y4c8J5k6h3g2Q4x3V1k6E0j5i4y4@1k6i4u0Q4x3V1k6p5k6h3g2H3c8i4S2H3L8r3!0A6N6l9`.`.Halcyon IDE:适用于Nmap脚本开发人员
215K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6K6y4r3^5%4K9o6m8Q4x3V1k6t1j5h3I4U0P5h3!0F1SimpleRisk
0edK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6K6K9h3#2H3L8r3g2J5K9i4y4C8TROMMEL
307K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6o6c8g2u0f1b7@1y4Q4x3V1k6@1M7X3!0E0L8h3g2D916、Web AppSec
看看NGINX的ModSec 3.0:软件Web应用程序防火墙
aebK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6e0M7r3W2V1k6i4u0x3j5h3u0K6i4K6u0r3e0h3!0V1f1$3g2U0N6i4u0A6N6s2V1`.Astra:REST API的自动安全测试
7d4K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6X3L8r3W2H3K9$3q4J5N6q4)9J5k6r3W2F1j5%4g2T1j5i4c8G2M7W2)9J5c8V1q4K6N6s2u0S2Burp Replicator:自动化复杂漏洞的复制
f18K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6b7L8%4u0@1f1%4N6A6k6$3N6W2M7W2)9J5c8Y4u0W2M7r3I4A6j5$3q4@1L8%4t1`.OWASP进攻性Web测试框架
d4cK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6G2N6%4c8X3i4K6u0r3L8%4N6@1k6R3`.`.OWASP JoomScan项目
be7K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6J5k6i4A6S2M7%4m8Q4x3V1k6B7L8$3!0E0M7$3y4S2L8R3`.`.WSSAT
755K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6Y4K9i4c8Z5N6h3u0Q4x3X3g2U0L8$3#2Q4x3V1k6k6j5h3I4U0K9h3&6k6L8$3I4S2L8r3q4F1i4K6u0r3g2#2y4e0b7g2b7`.
转贴来源:CSDN
oscarli
[培训]内核驱动高级班,冲击BAT一流互联网大厂工作,每周日13:00-18:00直播授课
