Tweet
Date: Thursday, September 20, 2012
Time: 1:00 pm ET/10:00 am PT - FREE (soit 19h heure française)
Duration: 60 minutes including Q&A
---------------------------
Overview:
"The right tool for the right job." That is the reason Black Hat created the Arsenal to the USA event, an area in which Free and OpenSource tool authors could show off their wares. This webcast features three of the most popular tools and their authors.
---------------------------
Armitage
Armitage is a red team collaboration tool built on the open source Metasploit Framework. Released in December 2010, Armitage has seen constant updates and improvements since its inception-updates and improvements driven by feedback from its wonderful user community. This demonstration will show how Armitage works and dive into some of the lesser known features that are quite handy for penetration testers.
ThreadFix
ThreadFix is an open source software vulnerability aggregation and management system that allows software security teams to reduce the time it takes to fix software vulnerabilities. ThreadFix imports the results from dynamic, static and manual testing to provide a centralized view of software security defects across development teams and projects. The system allows companies to correlate testing results and streamline software remediation efforts by simplifying feeds to software issue trackers. By auto generating web application firewall rules, this system also allows companies to protect vulnerable applications while remediation activities occur. ThreadFix empowers managers with vulnerability trending reports that demonstrate software security progress over time.
Smartphone Pentesting Framework
As smartphones enter the workplace, sharing the network and accessing sensitive data, it is crucial to be able to assess the security posture of these devices in much the same way we perform penetration tests on workstations and servers. However, smartphones have unique attack vectors that are not currently covered by available industry tools. The smartphone penetration testing framework, the result of a DARPA Cyber Fast Track project, aims to provide an open source toolkit that addresses the many facets of assessing the security posture of these devices. We will look at the functionality of the framework including information gathering, exploitation, social engineering, and post exploitation through both a traditional IP network and through the mobile modem, showing how this framework can be leveraged by security teams and penetration testers to gain an understanding of the security posture of the smartphones in an organization.
Time: 1:00 pm ET/10:00 am PT - FREE (soit 19h heure française)
Duration: 60 minutes including Q&A
---------------------------
Overview:
"The right tool for the right job." That is the reason Black Hat created the Arsenal to the USA event, an area in which Free and OpenSource tool authors could show off their wares. This webcast features three of the most popular tools and their authors.
---------------------------
Armitage
Armitage is a red team collaboration tool built on the open source Metasploit Framework. Released in December 2010, Armitage has seen constant updates and improvements since its inception-updates and improvements driven by feedback from its wonderful user community. This demonstration will show how Armitage works and dive into some of the lesser known features that are quite handy for penetration testers.
ThreadFix
ThreadFix is an open source software vulnerability aggregation and management system that allows software security teams to reduce the time it takes to fix software vulnerabilities. ThreadFix imports the results from dynamic, static and manual testing to provide a centralized view of software security defects across development teams and projects. The system allows companies to correlate testing results and streamline software remediation efforts by simplifying feeds to software issue trackers. By auto generating web application firewall rules, this system also allows companies to protect vulnerable applications while remediation activities occur. ThreadFix empowers managers with vulnerability trending reports that demonstrate software security progress over time.
Smartphone Pentesting Framework
As smartphones enter the workplace, sharing the network and accessing sensitive data, it is crucial to be able to assess the security posture of these devices in much the same way we perform penetration tests on workstations and servers. However, smartphones have unique attack vectors that are not currently covered by available industry tools. The smartphone penetration testing framework, the result of a DARPA Cyber Fast Track project, aims to provide an open source toolkit that addresses the many facets of assessing the security posture of these devices. We will look at the functionality of the framework including information gathering, exploitation, social engineering, and post exploitation through both a traditional IP network and through the mobile modem, showing how this framework can be leveraged by security teams and penetration testers to gain an understanding of the security posture of the smartphones in an organization.
Commentaire