Android, iOS and Mobile Hacking
- Android Tamer
https://github.com/AndroidTamer
Twitter: @AndroidTamer
Presenter: Anant Shrivastava (@anantshri) - BadIntent — Integrating Android with Burp
https://github.com/mateuszk87/BadIntent
Presenter: Mateusz Khalil (@mateuszk87) - DiffDroid
https://github.com/antojoseph/diff-droid
Presenter: Anto Joseph (@antojosep007) - Kwetza
https://github.com/sensepost/kwetza
Presenter: Chris Le Roy (@brompwnie) - Needle
https://github.com/mwrlabs/needle
Twitter: @mwrneedle
Presenter: Marco Lancini (@lancinimarco) - NoPE Proxy (Non-HTTP Proxy Extension)
https://github.com/summitt/Burp-Non-HTTP-Extension
Presenter: Josh H.S. (@null0perat0r)
Code Assessment
- Puma Scan
https://github.com/pumasecurity/puma-scan
Twitter: @puma_scan
Presenter: Aaron Cure (@curea) - Tintorera: Source Code Intelligence (Code not yet uploaded)
https://github.com/vulnex/Tintorera
Presenter: Simon Roses Femerling (@simonroses)
Cryptography
- Hashview
https://github.com/hashview/hashview
Presenters: Casey Cammilleri (@CaseyCammilleri), Hans Lakhan (@jarsnah12) - Gibber Sense
https://github.com/smxlabs/gibbersense
Presenter: Ajit Hatti (@ajithatti)
Data Forensics and Incident Response
- Answering When/Where/Who is my Insider — UserLine
https://github.com/THIBER-ORG/userline
Presenter: Chema Garcia (@sch3m4) - DefPloreX: A Machine-Learning Toolkit for Large-scale eCrime Forensics
https://github.com/trendmicro/defplorex
Presenters: Federico Maggi (@phretor), Marco Balduzzi (@embyte), Lion Gu, Ryan Flores, Vincenzo Ciancaglini - HoneyPi
https://github.com/mattymcfatty/HoneyPi
Presenter: Matt South (@mattymcfatty) - PcapDB: Optimized Full Network Packet Capture for Fast and Efficient Retrieval
https://github.com/dirtbags/pcapdb
Presenters: Paul Ferrell (@pflarr), Shannon Steinfadt - SCOT (Sandia Cyber Omni Tracker) Threat Intelligence and Incident Response Management System
https://github.com/sandialabs/scot
Presenters: Nick Georgieff , Todd Bruner (@toddbruner) - Security Monkey
https://github.com/Netflix/security_monkey
Presenters: Mike Grima (@mikegrima) , Patrick Kelley (@MonkeySecurity) - ThreatResponse: An Open Source Toolkit for Automating Incident Response in AWS
https://github.com/ThreatResponse
Presenter: Andrew Krug (@andrewkrug) - Volatile Memory Analysis at Scale — the Highest Performing and Forensic Platform for Windows x64
https://github.com/ShaneK2/inVtero.net
Presenter: Shane Macaulay (@ktwo_K2) - Yalda — Automated Bulk Intelligence Collection (Code not yet uploaded)
https://github.com/gitaziabari/Yalda
Presenter: Gita Ziabari (@gitaziabri)
Exploitation and Ethical Hacking
- AVET — AntiVirus Evasion Tool
https://github.com/govolution/avet
Presenter: Daniel Sauder (@DanielX4v3r) - Building C2 Environments with Warhorse
https://github.com/war-horse/warhorse
Presenter: Ralph May (@ralphte1) - umulus — A Cloud Exploitation Toolkit
https://github.com/godinezj/metasploit-framework/tree/cumulus
Presenter: Javier Godinez (@isomorphix) - GDB Enhanced Features (GEF)
https://github.com/hugsy/gef
Presenter: Chris Alladoum (@_hugsy_) - Leviathan Framework
https://ithub.com/leviathan-framework/leviathan
Presenters: Ozge Barbaros (@ozgebarbaros), Utku Sen (@utku1337) - MailSniper
https://github.com/dafthack/MailSniper
Presenter: Beau Bullock (@dafthack) - Rattler
https://github.com/sensepost/rattler
Presenter: Chris Le Roy (@brompwnie) - Seth
https://github.com/SySS-Research/Seth
Presenter: Adrian Vollmer (@AdrianVollmer)
Hardware/Embedded
- ChipWhisperer
https://github.com/newaetech/chipwhisperer
Presenter: Colin O’Flynn (@colinoflynn) - DYODE, a DIY, Low-Cost Data Diode for ICS
https://github.com/arnaudsoullie/dyode
Presenters: Arnaud Soullié (@arnaudsoullie), Ary Kokos () - FTW: Framework for Testing WAFs
https://github.com/fastly/ftw
Presenters: Chaim Sanders, Zack Allen (@teachemtechy) - The Bicho: An Advanced Car Backdoor Maker
https://github.com/UnaPibaGeek/CBM
Presenters: Claudio Caracciolo (@holesec), Sheila Ayelen Berta (@UnaPibaGeek)
Human Factors
- IsThisLegit
https://github.com/duo-labs/isthislegit
Presenters: Jordan Wright (@jw_sec), Mikhail Davidov (@sirus)
Internet of Things
- Hacker Mode
https://github.com/xssninja/Alexa-Hacker-Mode
Presenter: David Cross (@10rdV4d3r) - Universal Radio Hacker: Investigate Wireless Protocols Like a Boss
https://github.com/jopohl/urh
Presenter: Johannes Pohl (@jopohl)
Malware Defense
- Aktaion v2 — Open Source Machine Learning and Active Defense Tool
https://github.com/jzadeh/Aktaion
Presenters: Joseph Zadeh (@JosephZadeh), Rod Soto (@rodsoto) - Cuckoodroid
https://github.com/idanr1986/cuckoo-droid
Presenter: Idan Revivo (@idanr86) - Cuckoo Sandbox
https://github.com/cuckoosandbox/cuckoo
Twitter: @cuckoosandbox
Presenter: Jurriaan Bremer (@skier_t) - LimaCharlie
https://github.com/refractionPOINT/limacharlie
Twitter: @rp_limacharlie
Presenter: Maxime Lamothe-Brassard (@_maximelb) - Malboxes
https://github.com/GoSecure/malboxes
Presenter: Olivier Bilodeau (@obilodeau)
Malware Offense
- A New Take at Payload Generation: Empty-Nest
https://github.com/empty-nest/emptynest
Presenters: James Cook (@_jbcook), Tom Steele (@_tomsteele)
Network Attacks
- BloodHound 1.3
https://github.com/BloodHoundAD/BloodHound
Presenters: Andy Robbins (@_wald0), Rohan Vazarkar (@CptJesus), Will Schroeder (@harmj0y) - CrackMapExec v4
https://github.com/byt3bl33d3r/CrackMapExec
Presenter: Marcello Salvati (@byt3bl33d3r) - DELTA: SDN Security Evaluation Framework
https://github.com/OpenNetworkingFoundation/DELTA
Presenters: Jinwoo Kim, Seungsoo Lee, Seungwon Shin - eaphammer
https://github.com/s0lst1c3/eaphammer
Presenter: Gabriel Ryan (@s0lst1c3) - GoFetch
https://github.com/GoFetchAD/GoFetch
Presenter: Tal Maor (@talthemaor) - gr-lora: An Open-Source SDR Implementation of the LoRa PHY
https://github.com/BastilleResearch/gr-lora
Presenter: Matt Knight (@embeddedsec) - Yasuo
https://github.com/0xsauby/yasuo
Presenter: Saurabh Harit (@0xsauby)
Network Defense
- Assimilator
https://github.com/videlanicolas/assimilator
Presenter: Nicolas Videla (@jsusvidela) - Noddos
https://github.com/noddos/noddos
Presenter: Steven Hessing - SITCH: Distributed, Coordinated GSM Counter-Surveillance
https://github.com/sitch-io/sensor
Twitter: @sitch_io
Presenter: Ash Wilson (@ashmastaflash) - Sweet Security
https://github.com/TravisFSmith/SweetSecurity
Presenter: Travis Smith (@MrTrav)
OSINT — Open Source Intelligence
- Datasploit — Automated Open Source Intelligence (OSINT) Tool
https://github.com/DataSploit/datasploit
Twitter: @datasploit
Presenter: Shubham Mittal (@upgoingstar) - Dradis: 10 Years Helping Security Teams Spend More Time Testing and Less Time Reporting
https://github.com/dradis/dradis-ce
Twitter: @dradisfw
Presenter: Daniel Martin (@etdsoft) - OSRFramework: Open Sources Research Framework
https://github.com/i3visio/osrframework
Presenters: Félix Brezo Fernández (@febrezo), Yaiza Rubio Viñuela (@yrubiosec)
Reverse Engineering
- BinGrep
https://github.com/m4b/bingrep
Presenter: Hiroki Hada - FLARE VM
https://github.com/fireeye/flare-vm
Presenter: Peter Kacherginsky (@_iphelix)
Vulnerability Assessment
- Aardvark and Repokid
https://github.com/Netflix-Skunkworks/aardvark
https://github.com/Netflix/repokid
Presenters: Patrick Kelley (@MonkeySecurity), Travis McPeak (@travismcpeak) - Hack/400 and IBMiScanner Tooling for Checking Your IBM i (aka AS/400) Machines !
https://github.com/hackthelegacy/hack400tool
Presenter: Bart Kulach (@bartholozz) - PowerSAP: Powershell Tool to Assess SAP Security
https://github.com/airbus-seclab/powersap
Presenter: Joffrey Czarny (@Sn0rkY) - SERPICO
https://github.com/SerpicoProject/Serpico
Twitter: @SerpicoProject
Presenters: Peter Arzamendi (@thebokojan), Will Vandevanter (@0xRST) - SimpleRisk
https://github.com/simplerisk/code
Twitter: @simpleriskfree
Presenter: Josh Sokol (@joshsokol)
Web AppSec
- BurpSmartBuster: A Smart Way to Find Hidden Treasures
https://github.com/pathetiq/BurpSmartBuster
Presenter: Patrick Mathieu (@pathetiq) - CSP Auditor
https://github.com/GoSecure/csp-auditor
Presenter: Philippe Arteau (@h3xstream) - Easily Exploit Timing Attacks in Web Applications with the ‘timing_attack’ Gem
https://github.com/ffleming/timing_attack
Presenter: Forrest Fleming (@ffleming) - Fuzzapi — Fuzzing Your RESTAPIs Since Yesterday
https://github.com/lalithr95/fuzzapi
Twitter: @Fuzzapi0x00
Presenters: Abhijeth Dugginapeddi (@abhijeth), Lalith Rallabhandi (@lalithr95), Srinivas Rao (@srini0x00) - Offensive Web Testing Framework (OWASP OWTF)
https://github.com/owtf/owtf
Twitter: @owtfp
Presenter: Viyat Bhalodia (@viyat) - PyMultiTor
https://github.com/realgam3/pymultitor
Presenter: Tomer Zait (@realgam3) - ThreadFix Web Application Attack Surface Calculation
https://github.com/denimgroup/threadfix
Twitter: @ThreadFix
Presenter: Dan Cornell (@danielcornell) - WaToBo — The Web Application Toolbox
https://github.com/siberas/watobo
Presenter: Andreas Schmidt (@_znow) - WSSiP: A WebSocket Manipulation Proxy
https://github.com/nccgroup/wssip
Presenter: Samantha Chalker (@itsisatis)
Leave a Reply