Guest editorial by Rob Fuller
DEFCON, the 9000+ attendee hacker conference in Vegas has become a sort of hydra conference. It has become more like a global fair than what most people think of conferences; even the badge is highly unique.
I say this because there are so many things to do at DEFCON, other than going to talks, that you could spend your whole weekend looking at the "World’s Largest Boar!”, so to speak. One of the CTF (Capture the Flag) contest winners this year actually exclaimed that he only made it to 2 talks in 12 years! I am also one of those individuals who barely get a chance to go to talks and now that the speaker pool is so diverse, it's hard to find all of the "stuff" they release.
Before anyone has a chance to post "it's all on the DEFCON CD dummy," I want to challenge them to try. After a weekend of googling (which came back with few results) and making contact with some of the speakers, I provide you with a mostly accurate list of "stuff" that was released at DEFCON this year. If any of the information is inaccurate, or a tool is missing, please contact me and I will update this post.
Beholder – by Nelson Murilo and Luis Eduardo
Description: An open source wireless IDS program
Homepage Link: http://www.beholderwireless.org/
Email Address: email@example.com
The Middler – by Jay Beale
Description: The end-all be-all of MITM tools
Homepage Link: http://www.themiddler.com/ (Online?)
Preface Link: http://www.intelguardians.com/themiddler.html
ClientIPS – by Jay Beale
Description: An open source inline “transparent” client-side IPS
Homepage Link: http://www.ClientIPS.org/ (Online?)
Marathon Tool – by Daniel Kachakill
Description: A Blind SQL Injection tool based on heavy queries
Download Link: DEFCON 16 CD. No online link found.
Email Address: firstname.lastname@example.org
The Phantom Protocol – by Magnus Brading
Description: A Tor-like protocol that fixes some of Tor’s major attack vectors
Homepage Link: http://code.google.com/p/phantom
Email Address: email@example.com
ModScan – by Mark Bristow
Description: A SCADA Modbus Network Scanner
Homepage Link: http://modscan.googlecode.com/
Email Address: firstname.lastname@example.org
Grendel Scan – by David Byrne
Description: Web Application scanner that searches for logic and design flaws as well as the standard flaw seen in the wild today (SQL Injection, XSS, CSRF)
Homepage Link: http://grendel-scan.com/
iKat – interactive Kiosk Attack Tool
(This site has an image as a banner that is definitely not safe for work! – You have been warned) by Paul Craig
Description: A web site that is dedicated to helping you break out of Kiosk jails
Homepage Link: http://ikat.ha.cked.net
Email Address: email@example.com
DAVIX – by Jan P. Monsch and Raffael Marty
Description: A SLAX based Linux Distro that is geared toward data/log visualization
Homepage Link: http://code.google.com/p/davix/
Download Link: http://www.geekceo.com/davix/davix-0.5.0.iso.gz
Email Addresses: firstname.lastname@example.org and email@example.com
CollabREate – by Chris Eagle and Tim Vidas
Description: An IDA Pro plugin with a server backend that allows multiple people to collaborate on a single RE (reverse engineering) project.
Homepage Link: http://www.idabook.com/defcon
Email Addresses: firstname.lastname@example.org and email@example.com
Dradis – by John Fitzpatrick
Description: A tool for organizing and sharing information during a penetration test
Email Address: firstname.lastname@example.org
Squirtle – by Kurt Grutzmacher
Description: A Rouge Server with Controlling Desires that steals NTLM hashes.
Homepage: http://code.google.com/p/squirtle (Live?)
Email Address: email@example.com
WhiteSpace – by Kolisar
Description: A script that can hide other scripts such as CSRF and iframes in spaces and tabs
Download Link: DEFCON 16 CD
VoIPer – by nnp
Description: VoIP automated fuzzing tool with support for a large number of VoIP applications and protocols
Homepage Link: http://voiper.sourceforge.net/
Barrier – by Errata Security
Description: A browser plugin that pen-tests every site that you visit.
Homepage Link: http://www.erratasec.com
Email Address: firstname.lastname@example.org
Psyche – by Ponte Technologies
Description: An advanced network flow visualization tool that is not soley based on time.
Homepage Link: http://psyche.pontetec.com/
* Rob Fuller is a security researcher and pen-tester. He can be found on Twitter and in Room 362.