Spring is coming, and the air is filled with the clitter-clatter of keyboards honing code and prototyping exploits. With Black Hat Europe less than a month away, today we're unveiling the official Black Hat Arsenal schedule and topic lists. Arsenal, for those new to Black Hat security events, is a special tool/demo area that allows independent researchers and the open source community to demonstrate and showcase their work.
Black Hat Europe 2012's Arsenal will feature live demonstrations of nine new tools and resources, ranging from CAPTCHA crackers to PDF exploit analyzers. You can find the full schedule on the Black Hat Europe website, or read on for highlights from each of the presenters:
- Gursev Singh Kalra will present TesserCap, a GUI-based, first-of-its-kind CAPTCHA analysis tool that busts through CAPTCHA checks with eight-stage image pre-processing and OCR.
- Tom Forbes is bringing xcat, which exploits an xpath injection vulnerability in web application frameworks and supports advanced exploitation features. The tool supports both Xpath 1.0 and 2.0 and can extract entire XML databases.
- Vulnerability researchers will dig Frank Breedijk's Seccubus, a tool which automates regular vulnerability scans. Unlike most such tools, Seccubus's reports focus on delta findings, which lend themselves to much more efficient result interpretation.
- Didier Stevens will be demoing his suite of PDF tools, which are used by popular Linux distros and virus-scanning sites to detect malicious PPF files. He'll also be happy to talk about his many other projects.
- Xavier Mertens will have pastemon on hand. pastemon monitors documents on the ubiquitous pastebin.org, and can generate events based on regular expressions -- sure beats refreshing all day.
- Back on the PDF front, Jose Miguel Esparza will demo peepdf, an all-in-one security research tool for PDF files. peepdf sounds like the Swiss army knife of PDF security apps.
- Andrey Labunets will show off Windbgshark, a network debugging tool that's tightly integrated with both Windbg debugger and Wireshark packet analyzer. It's also a framework for building custom fuzzers.
- Serkan Özkan is the guy behind cvedetails.com, a security vulnerability database website. He'll show you some of its unique features, like links to human-readable OVAL definitions and customizable RSS feeds.
- Last but not least, Mike Jordon and James Forshaw will demonstrate CANAPE, which can proxy and manipulate Citrix ICA traffic. CANAPE's networking, parsing and fuzzing infrastructure can significantly reduce development effort.
Black Hat Europe 2012's Arsenal will take place throughout the day on March 16. Check the official schedule to find out times for specific tool / software demos.
Also, hurry and register to take advantage of Black Hat's 20% off Regular Registration Discount. It ends 2/29.