Some of the most interesting tools from this year's conference we have selected are:
- CloudKatana
_A tool developed by Microsoft to automate the execution of adversarial techniques in Azure with the help of AzureFunctions, with the main goal of validating the detection rules and understanding the potential of the attack's behavior.
-CloudSniper
_A platform designed to manage cloud security operations aimed at responding to security incidents.
-Kubetriker
_An extremely fast Kubernetes security auditing tool
-REW-sploit
_A tool that analyzes Windows shellcode or attacks originating from Metasploit or CobaltStrike attack tools.
-LUDA
_Stands for "Large URL Dataset Analyzer, a tool developed by security researchers at Akamai to detect patterns in large numbers of URLs. Security teams can use the tool to discover URL schemes associated with known malware or threat actors.
-SGXRay
_An automated tool developed by Baidu engineers to detect SGXenclave errors stemming from trusted boundary violations.
-Cotopaxi
_A tool developed by Samsung to test the security of various IoT protocols.
- Packet Sender_An open source utility available for Windows, Mac and Linux that allows sending and receiving TCP, UDP and SSL packets.
-Kubesploit
_A tool for security penetration testing of Kubernetes clusters, complete with a developed HTTP/2 command and control server and proxy.
-Siembol
_An open source, real-time security information and event management tool based on big data technology.
-Cloudtopolis
_Tools for running password cracking systems on the Google CloudShell platform.
-Racketeer
_A tool that provides security teams with a way to simulate and test the detection of common ransomware operations against a set of corporate assets and network endpoints in a controlled manner.
-Phishmonger
_is an email phishing tool that allows penetration testers to quickly template, test and deploy phishing campaigns.
-BluePigeon
_A Bluetooth-based data leakage and proxy tool.
-Magpie
_An open source cloud security posture management tool designed to help companies protect their cloud infrastructure.
-PurpleSharp2.0
_A C# adversary simulation tool that performs adversary techniques aimed at generating attack telemetry in a monitored Windows environment.
-WARCannon
_A tool that searches the Internet for network vulnerabilities on a large scale. Security researchers and vulnerability bounty hunters can utilize WARCannon to horizontally scale their research across the Internet in a fast, cost-effective and completely non-intrusive/stealthy manner.
-PMapper
_A script and library for identifying risks in AWS accounts or AWSIdentityandAccessManagement configurations for AWS organizations.
-PingCastle
_A tool for performing security audits on ActiveDirectory servers
-reNgine
_An automated reconnaissance framework meant to collect information during penetration testing of web applications.
-Solitude
_An open-source privacy analytics tool designed to help people check where their private data goes after it leaves their favorite mobile or web app.
Folks interested in the above tools can find them on GitHub or contact me.
Follow me to bring you the latest in tech