Black Hat Briefings is a computer security conference that provides security consulting, training, and briefings to hackers, corporations, and government agencies around the world.
Android, iOS and Mobile Hacking
- Android Tamer – https://github.com/AndroidTamer
Twitter: @AndroidTamer / Presenter: Anant Shrivastava (@anantshri) - BadIntent—Integrating Android with Burp – https://github.com/mateuszk87/BadIntent
Presenter: Mateusz Khalil (@mateuszk87) - DiffDroid – https://github.com/antojoseph/diff-droid
Presenter: Anto Joseph (@antojosep007) - Kwetza – https://github.com/sensepost/kwetza
Presenter: Chris Le Roy (@brompwnie) - Needle – https://github.com/mwrlabs/needle
Twitter: @mwrneedle / Presenter: Marco Lancini (@lancinimarco) - NoPE Proxy (Non-HTTP Proxy Extension) – https://github.com/summitt/Burp-Non-HTTP-Extension
Presenter: Josh H.S. (@null0perat0r)
Code Assessment
- Puma Scan – https://github.com/pumasecurity/puma-scan
Twitter: @puma_scan / Presenter: Aaron Cure (@curea) - Tintorera: Source Code Intelligence (Code not yet uploaded) – https://github.com/vulnex/Tintorera
Presenter: Simon Roses Femerling (@simonroses)
Cryptography
- Hashview – https://github.com/hashview/hashview
Presenters: Casey Cammilleri (@CaseyCammilleri), Hans Lakhan (@jarsnah12) - Gibber Sense – https://github.com/smxlabs/gibbersense
Presenter: Ajit Hatti (@ajithatti)
Data Forensics and Incident Response
- Answering When/Where/Who is my Insider—UserLine – https://github.com/THIBER-ORG/userline
Presenter: Chema Garcia (@sch3m4) - DefPloreX: A Machine-Learning Toolkit for Large-scale eCrime Forensics – https://github.com/trendmicro/defplorex
Presenters: Federico Maggi (@phretor), Marco Balduzzi (@embyte), Lion Gu, Ryan Flores, Vincenzo Ciancaglini - HoneyPi – https://github.com/mattymcfatty/HoneyPi
Presenter: Matt South (@mattymcfatty) - PcapDB: Optimized Full Network Packet Capture for Fast and Efficient Retrieval – https://github.com/dirtbags/pcapdb
Presenters: Paul Ferrell (@pflarr), Shannon Steinfadt - SCOT (Sandia Cyber Omni Tracker) Threat Intelligence and Incident Response Management System – https://github.com/sandialabs/scot
Presenters: Nick Georgieff , Todd Bruner (@toddbruner) - Security Monkey – https://github.com/Netflix/security_monkey
Presenters: Mike Grima (@mikegrima) , Patrick Kelley (@MonkeySecurity) - ThreatResponse: An Open Source Toolkit for Automating Incident Response in AWS – https://github.com/ThreatResponse
Presenter: Andrew Krug (@andrewkrug) - Volatile Memory Analysis at Scale—the Highest Performing and Forensic Platform for Windows x64 – https://github.com/ShaneK2/inVtero.net
Presenter: Shane Macaulay (@ktwo_K2) - Yalda—Automated Bulk Intelligence Collection (Code not yet uploaded) – https://github.com/gitaziabari/Yalda
Presenter: Gita Ziabari (@gitaziabri)
Exploitation and Ethical Hacking
- AVET—AntiVirus Evasion Tool – https://github.com/govolution/avet
Presenter: Daniel Sauder (@DanielX4v3r) - Building C2 Environments with Warhorse – https://github.com/war-horse/warhorse
Presenter: Ralph May (@ralphte1) - umulus—A Cloud Exploitation Toolkit – https://github.com/godinezj/metasploit-framework/tree/cumulus
Presenter: Javier Godinez (@isomorphix) - GDB Enhanced Features (GEF) – https://github.com/hugsy/gef
Presenter: Chris Alladoum (@_hugsy_) - Leviathan Framework – https://ithub.com/leviathan-framework/leviathan
Presenters: Ozge Barbaros (@ozgebarbaros), Utku Sen (@utku1337) - MailSniper – https://github.com/dafthack/MailSniper
Presenter: Beau Bullock (@dafthack) - Rattler – https://github.com/sensepost/rattler
Presenter: Chris Le Roy (@brompwnie) - Seth – https://github.com/SySS-Research/Seth
Presenter: Adrian Vollmer (@AdrianVollmer)
Hardware/Embedded
- ChipWhisperer – https://github.com/newaetech/chipwhisperer
Presenter: Colin O’Flynn (@colinoflynn) - DYODE, a DIY, Low-Cost Data Diode for ICS – https://github.com/arnaudsoullie/dyode
Presenters: Arnaud Soullié (@arnaudsoullie), Ary Kokos () - FTW: Framework for Testing WAFs – https://github.com/fastly/ftw
Presenters: Chaim Sanders, Zack Allen (@teachemtechy) - The Bicho: An Advanced Car Backdoor Maker – https://github.com/UnaPibaGeek/CBM
Presenters: Claudio Caracciolo (@holesec), Sheila Ayelen Berta (@UnaPibaGeek)
Human Factors
- IsThisLegit – https://github.com/duo-labs/isthislegit
Presenters: Jordan Wright (@jw_sec), Mikhail Davidov (@sirus)
Internet of Things
- Hacker Mode – https://github.com/xssninja/Alexa-Hacker-Mode
Presenter: David Cross (@10rdV4d3r) - Universal Radio Hacker: Investigate Wireless Protocols Like a Boss – https://github.com/jopohl/urh
Presenter: Johannes Pohl (@jopohl)
Malware Defense
- Aktaion v2—Open Source Machine Learning and Active Defense Tool – https://github.com/jzadeh/Aktaion
Presenters: Joseph Zadeh (@JosephZadeh), Rod Soto (@rodsoto) - Cuckoodroid – https://github.com/idanr1986/cuckoo-droid
Presenter: Idan Revivo (@idanr86) - Cuckoo Sandbox – https://github.com/cuckoosandbox/cuckoo
Twitter: @cuckoosandbox / Presenter: Jurriaan Bremer (@skier_t) - LimaCharlie – https://github.com/refractionPOINT/limacharlie
Twitter: @rp_limacharlie / Presenter: Maxime Lamothe-Brassard (@_maximelb) - Malboxes – https://github.com/GoSecure/malboxes
Presenter: Olivier Bilodeau (@obilodeau)
Malware Offense
- A New Take at Payload Generation: Empty-Nest – https://github.com/empty-nest/emptynest
Presenters: James Cook (@_jbcook), Tom Steele (@_tomsteele)
Network Attacks
- BloodHound 1.3 – https://github.com/BloodHoundAD/BloodHound
Presenters: Andy Robbins (@_wald0), Rohan Vazarkar (@CptJesus), Will Schroeder (@harmj0y) - CrackMapExec v4 – https://github.com/byt3bl33d3r/CrackMapExec
Presenter: Marcello Salvati (@byt3bl33d3r) - DELTA: SDN Security Evaluation Framework – https://github.com/OpenNetworkingFoundation/DELTA
Presenters: Jinwoo Kim, Seungsoo Lee, Seungwon Shin - eaphammer – https://github.com/s0lst1c3/eaphammer
Presenter: Gabriel Ryan (@s0lst1c3) - GoFetch – https://github.com/GoFetchAD/GoFetch
Presenter: Tal Maor (@talthemaor) - gr-lora: An Open-Source SDR Implementation of the LoRa PHY – https://github.com/BastilleResearch/gr-lora
Presenter: Matt Knight (@embeddedsec) - Yasuo – https://github.com/0xsauby/yasuo
Presenter: Saurabh Harit (@0xsauby)
Network Defense
- Assimilator – https://github.com/videlanicolas/assimilator
Presenter: Nicolas Videla (@jsusvidela) - Noddos – https://github.com/noddos/noddos
Presenter: Steven Hessing - SITCH: Distributed, Coordinated GSM Counter-Surveillance – https://github.com/sitch-io/sensor
Twitter: @sitch_io
Presenter: Ash Wilson (@ashmastaflash) - Sweet Security – https://github.com/TravisFSmith/SweetSecurity
Presenter: Travis Smith (@MrTrav)
OSINT—Open Source Intelligence
- Datasploit—Automated Open Source Intelligence (OSINT) Tool – https://github.com/DataSploit/datasploit
Twitter: @datasploit / Presenter: Shubham Mittal (@upgoingstar) - Dradis: 10 Years Helping Security Teams Spend More Time Testing and Less Time Reporting – https://github.com/dradis/dradis-ce
Twitter: @dradisfw / Presenter: Daniel Martin (@etdsoft) - OSRFramework: Open Sources Research Framework – https://github.com/i3visio/osrframework
Presenters: Félix Brezo Fernández (@febrezo), Yaiza Rubio Viñuela (@yrubiosec)
Reverse Engineering
- BinGrep – https://github.com/m4b/bingrep
Presenter: Hiroki Hada - FLARE VM – https://github.com/fireeye/flare-vm
Presenter: Peter Kacherginsky (@_iphelix)
Vulnerability Assessment
- Aardvark and Repokid – https://github.com/Netflix-Skunkworks/aardvark
https://github.com/Netflix/repokid
Presenters: Patrick Kelley (@MonkeySecurity), Travis McPeak (@travismcpeak) - Hack/400 and IBMiScanner Tooling for Checking Your IBM i (aka AS/400) Machines ! – https://github.com/hackthelegacy/hack400tool
Presenter: Bart Kulach (@bartholozz) - PowerSAP: Powershell Tool to Assess SAP Security – https://github.com/airbus-seclab/powersap
Presenter: Joffrey Czarny (@Sn0rkY) - SERPICO – https://github.com/SerpicoProject/Serpico
Twitter: @SerpicoProject / Presenters: Peter Arzamendi (@thebokojan), Will Vandevanter (@0xRST) - SimpleRisk – https://github.com/simplerisk/code
Twitter: @simpleriskfree / Presenter: Josh Sokol (@joshsokol)
Web AppSec
- BurpSmartBuster: A Smart Way to Find Hidden Treasures – https://github.com/pathetiq/BurpSmartBuster
Presenter: Patrick Mathieu (@pathetiq) - CSP Auditor – https://github.com/GoSecure/csp-auditor
Presenter: Philippe Arteau (@h3xstream) - Easily Exploit Timing Attacks in Web Applications with the ‘timing_attack’ Gem – https://github.com/ffleming/timing_attack
Presenter: Forrest Fleming (@ffleming) - Fuzzapi—Fuzzing Your RESTAPIs Since Yesterday – https://github.com/lalithr95/fuzzapi
Twitter: @Fuzzapi0x00 / Presenters: Abhijeth Dugginapeddi (@abhijeth), Lalith Rallabhandi (@lalithr95), Srinivas Rao (@srini0x00) - Offensive Web Testing Framework (OWASP OWTF) – https://github.com/owtf/owtf
Twitter: @owtfp / Presenter: Viyat Bhalodia (@viyat) - PyMultiTor – https://github.com/realgam3/pymultitor
Presenter: Tomer Zait (@realgam3) - ThreadFix Web Application Attack Surface Calculation – https://github.com/denimgroup/threadfix
Twitter: @ThreadFix / Presenter: Dan Cornell (@danielcornell) - WaToBo—The Web Application Toolbox – https://github.com/siberas/watobo
Presenter: Andreas Schmidt (@_znow) - WSSiP: A WebSocket Manipulation Proxy – https://github.com/nccgroup/wssip
Presenter: Samantha Chalker (@itsisatis)
- Top 50 Most Popular Cybersecurity Tools
- How Paraphrase Tool Helps To Optimize Content
- Best 20 Kali Linux Tools for Hacking and Penetration Testing
- Top 25 Open Source Intelligence Tools
- Online Domain Authority (DA) Rank Checker Websites
- Top 50 Hacking and Penetration Testing Tools [Compiled List 2019]
- Top 10 Essential CTF Tools for Solving Reversing Challenges
- Windows and Linux Privilege Escalation Tools – Compiled List 2019
- Subdomain Enumeration Tools – 2019 Update
- Top 10 Most Popular Bruteforce Hacking Tools – 2019 Update