We take a look back at some of the best offensive security tools that were launched over the past three months.
The week leading up to Christmas 2020 was dominated by the continuing implications of the theft of red team hacking tools from FireEye as part of the SolarWinds supply chain attack.
On a quieter note, those outside the realms of espionage have enjoyed a wealth of legitimately sourced tools over the past three months.
Here’s our roundup of the latest hacking tools for the fourth quarter of 2020:
Semgrep: The ‘Burp Suite of source code analysis’
Software security start-up r2c launched a static analysis tool that it hopes will become “the Burp Suite of source code analysis”.
Semgrep is a free and open source tool that scans an entire project on-demand or automatically in CI/CD on every build or commit, with all analysis carried out locally.
“Semgrep aims to be useful out of the box, with hundreds of security rules,” Clint Gibler, r2c’s head of security research, tells The Daily Swig. “But crucially, it aims to be highly customizable and easily tunable to the code base being tested.”
Sharkcop uses machine learning to detect phishing URLs
A Google Chrome browser extension that identifies suspected phishing URLs with a machine learning algorithm was unveiled at Black Hat Asia in September.
Developed by a team of Vietnamese undergraduates, Sharkcop distinguishes between phishing URLs and legitimate domains based on analysis of SSL certificates, URL length, domain age, and the number of redirections.
These variables are evaluated by a Support Vector Machine, a comparatively simple machine learning algorithm that performs regression and classification tasks with impressive accuracy.
Vulmap aids privilege escalation with CVE-mapping vulnerability scanner
Also launched at Black Hat Asia this year was Vulmap, a hacking tool designed to aid privilege escalation by leveraging known security vulnerabilities.
Vulmap, an open source project, contains an online local vulnerability scanner used for probing Windows and Linux systems.
Besides discovering vulnerabilities on the localhost, it also displays information about the flaw, including the CVE number and risk score and, if they exist, related exploit IDs and exploit titles.
GHunt OSINT tool seeks out Google users’ account information
An open source tool that allows security teams to explore data created by Google accounts was launched in October.
GHunt profiles a Google user’s footprint based solely on an email address. With this information, the tool can determine an account owner’s name and Google ID, YouTube channel, and active Google services, including Photos and Maps.
Metadata associated with such accounts, such as the phone model and software build of devices used to upload photos, might also be determined.
ReNgine automates intel-gathering process for pen testers
Security teams working with web applications now have access to an open source reconnaissance tool for enumeration and to help run penetration tests.
ReNgine is a reconnaissance framework that works with other tools to scan domains, list endpoints, and search directories.
Offensive security professionals can use the tool to create a pipeline that pulls together more complex queries from scan engines and presents the results in a single window.
AttackForge streamlines the security testing process
AttackForge is a pen test management and collaboration platform created to facilitate security testing across large and small organizations.
While there were already “great products” on the market, co-founder Fil Filiposki said the collaboration features included with AttackForge set the platform apart from other products.
Filiposki told The Daily Swig: “AttackForge.com is our free to use platform. It is aimed at students or aspiring pen testers looking to learn the trade and prepare portfolios… as well as small boutique consultancy teams providing pen testing services.”
Other hacking tools and related news this quarter:
The last three months of 2020 have also seen the release of a number of other tools aimed at improving security in a range of settings, from corporations to home users:
- The TinyCheck open source privacy project turns your Raspberry Pi into a stalkerware detection unit. The device monitors traffic between a smartphone and the network to detect signs of stalkerware or other indicators of compromise from malicious applications.
- Amid a sharp rise in adversarial attacks against machine learning systems, Microsoft has released a new framework that it says will empower security analysts in their battle to protect AI-powered technology.
- Developed by security analyst Utku Sen, Urlhunter can search URL shortener archives. Security researchers can use it to find sensitive files and URLs that have been accidentally shared with the public.
- A project that charts how malicious hackers make use of open source offensive security tools was unveiled at the VB Security Conference in October. The research informs the long-running debate on whether the development and publication of offensive security tools is beneficial or harmful to security as a whole.
- An open source Python tool, O365 Squatting, generates typosquatting permutations based on a user supplied root domain, offering a systematic way to check for potential phishing websites and audit Office365 infrastructure.
- Launched at Black Hat Europe, the SnitchDNS framework offers automation and network monitoring features to pen testers.
- On the defensive side, Salesforce made its JARM fingerprinting tool open source, offering network defenders a means to identify malicious servers associated with malware campaigns in the process.
- And finally, The Daily Swig interviewed the co-founder of security platform Censys about how the search engine for internet-connected devices grew from a university project into a major commercial security platform.
Additional reporting by James Walker.