SERVICES INDUSTRIES IOACTIVELABS NEWS ABOUT

CONTACT

IOACTIVE LABS Blog Resources Tools Advisories Disclosure Policy

IOACTIVE LABS TOOLS & APPLICATIONS

Hackinginvolvestools.Agoodhackerknowshowtousetoolstotheirbestadvantage.Anevenbetter
hackerwritestheirowntools.AllthetoolsandapplicationshereweredevelopedbyIOActiveresearchers
tohelpourclientswiththeirsecuritypriorities.Thesetoolsareavailablefordownloadandarecompletely
free,veryuseful,asis,andunsupported.

FEATURED TOOL
HARDWARE LAB
DealingwithUnknownCodeandMalwareAttacks
usingTheMemoryCruncher VIDEO
BuiltonBlockWatchTechnology Briefoverviewofservices
availablefromthe
Determiningifyourecompromisedcanbeacomplexprocess. expandedIOActive
Youneedtoanalyzeallthecomponentsofavirus,APT,orother HardwareLab.Viewhere
unauthorizedactivityanduseseveraldifferent(andsometimes orviaYouTube.(3:13)
difficult)approachestobesuccessful.Oneusefulmethodisto
usememoryanalysis.

IOActivesBlockWatchdoesthatforyou.Itisthelargest
availablehashdatabase,containing400+millionintegritychecks.
Itprovidessoftwareassuranceandhighintegrityverificationof
thevolatilememoryinWindowsbasedsystems.TheIOActive
MemoryCruncherisafreeSoftwareasaService(SaaS)
applicationthatgivesyouinstantaccesstoBlockWatchsnetwork
hostedsecurehashwhitelist.
FEATURED
TheMemoryCruncheraddressesthecomplexchallenges RESEARCH
associatedwithintegrityattestation.Itinterpretsphysicalmemory Discoverawealthof
snapshots,normalizesinputs,andensurescompleteness.You usefulandinteresting
caneasilygeneratereportsinMicrosoftWordorsimply informationfromthe
browsetogetagoodideaaboutwhatisreallyrunningonyour IOActiveresearchteam
computer. rangingfromwhitepapers
topresentationstocase
studiesandmore.And
dontmissourpopular
Blog.

inVtero.net BLOG

Expandingonprocessdetectionintomicroarchitecture InFlightHacking
independenthypervisorintrospection.TheaimofinVtero.netisto System
providesomeveryhighperformance,highassuranceinterfaces
toworkwithphysicalmemorydumps.Isolationandextractionof
processmemory,includingrecursiveintrospectionof
VM/hypervisorsthatmayberunning.

DOWNLOADFROMGITHUB

Polarbearscan

Thistoolachievesfasterandmoreefficientbannergrabbingand
portscanningbycombiningtwoexistingideas.Ittakesstateless
SYNscanningusingcryptographicallyprotectedcookiestoparse WHITEPAPER
incomingacknowledgements.Italsousesapatcheduserland AWakeUpCallFor

TCP/IPstacksothescannercanrestorestateimmediatelyupon SATCOMSecurityBy

receivingacryptographicallyverifiedpacketwithboththeSYN RubenSantamarta

andACKflagsset.Pleasenotethatthescannerrightnowonly SatelliteCommunications
supportsIPv4basedscanninganditwillonlyworkproperlyover (SATCOM)playavitalrole
Ethernettype(wiredorwireless)interfaces.Therearenoplansto intheglobal
supportIPv6ordifferentinterfacesinthenearfuture. telecommunications
system.IOActive
DOWNLOADSOURCE evaluatedthesecurity
postureofthemostwidely
deployedInmarsatand
MelkorFuzzerforELF
IridiumSATCOM
AlejandroHernndezisaSeniorSecurityconsultantforIOActive. terminals.
HistoolassistswiththeELFparsingprocess.Melkor,writteninC,
isanintuitiveandeasytouseELFfileformatfuzzer.Itmutates LAUNCHPDF
theexistingdatainanELFsamplehowever,itdoesnotchange
valuesrandomly(dumbfuzzing),instead,itfuzzescertain
metadatawithsemivalidvaluesthroughtheuseoffuzzingrules.
Inordertohavehighercode/branchcoverageduringtesting,
certainmetadatadependenciesmustbeinplace.
 DOWNLOADSOURCE MEDIA
CarHacking2With
IOActiveSChris
IOAQRF(beta) Valasek&TwitterS
CharlieMiller
Thistool,writtenbySimonRosesFemerling,consistsoftwofiles:
aPythonfilethatgeneratesQRfuzzpatternsandashellscript Watchthisvideoclipshot
thatcanbeusedtogeneratecommonQRcodecontentthatapps byFORBESshowinghow
use,suchasphonenumbers,SMS,andURLs. ChrisandCharliecontrol
carswithCANmessage
DOWNLOADSOURCE injections.

WATCHVIDEO
DDSFuzzers

ThiscollectionoffuzzerscanfuzzDHCPservers,iCalendar
parsers,IRCclients,Socketsystemcalls,UNIXsystemcalls,and
TFTPservers.Italsoincludesmangle.c,abinaryfiledumbfuzzer
thatflipssomebits.WritteninC,Perl,andPython,mostofthese
toolsarestraightforwardandcontainonlyacoupleofhundred
TOOLS&APPLICATIONS
linesofcode.
BlockWatchBETA

DOWNLOADSOURCE BlockWatchhelpsenable
atrustedcloud
infrastructure.Itanalyzes
NTLMWebProxy thememoryacquiredfrom
hypervisortypecloud
Simpleandprecise,thistoolsfunctionalitygivesyouaproxythat
infrastructuresandalerts
spoofsanNTLMrequesttoadomainjoinedrequest,andthen
youifanyunknowncode
forwardstheNTLMchallenge/responsesequencetoatargeted
isrunning.
server.ItworksjustlikeSMBReflection,butoverHTTP.

DOWNLOADSOURCE

SimpleStupidHTTPV1

TiredofdealingwitheasytoownHTTPdaemons?Dontwant
dynamiccontentorsupercoolchunkedthreading?Justwantto
serveupstaticcontent?StupidSimpleV1livescompletelyin
memoryafterinitialfileupload,anditperformsnodynamic
memoryaccessafterlisteningisinitialized(unlessyouspecifyan
intervalreload).Featuresincludetheabilitytoserviceonlyvalid
GETrequests,nomemorywritesexceptduringfileloadand
kernellevelrecv(),nodynamiccontent,nosubdirectorysupport,
andnodynamicheadersexceptcontenttype.
 DOWNLOADSOURCE

MemSearchMemorySearchingTool

Thiscrossplatform(LinuxandWin32)toolallowsyoutosearch
fortrampolineinstructionsinmemory.

DOWNLOADSOURCE

DNSWhat?ScanningTool

Thistoolsfunctionalityistwofold:(1)scanthedesignatednetwork
segmentforactiveDNSserversand(2)sniffoffthewireto
determinewhetherDNSservers(localhostoronthelocal
segment)arevulnerabletothenewDNScachepoisoningattack.

DOWNLOADSOURCE

LIBWifiToolKit

TheLIBWifiToolKitprovidesresearcherswithaframeworkin
whichtofuzz802.11protocols.

DOWNLOADSOURCE

Snarkv0.16HTTPInterrogationProxy

Asocalled"attackproxy",Snarkallowsausertomonitorandedit
HTTPrequestsandresponses.Snarkcanbeconfiguredtoactas
awebproxy,orinatunnelmodewhichallowsforproxychaining,
orusewithothertools.Snarkwaswritteninperlandshouldrunin
anyenvironmentthatissupportedbyperl,andwxWindows.

DOWNLOADSOURCE
DOWNLOADINSTALLER

Morfv0.3NinjaEncoder

Morfisthesupremeninjagodofencodings.URL,HTTP,Base64,
HEX,MD5,SHA1,UTF7,thelistgoeson...

DOWNLOADSOURCE
DOWNLOADINSTALLER
SecretSquirrelv0.8PasswordManager

SecretSquirrelisyourbasicpasswordmanagerapplication
writteninJava.Itrunsonallplatformsthatsupportrecent
versionsofJava.ItusesBlowfishandSHA384,password
generationusingJavasecurerandomobject(fullyconfigurable),
passwordgroups,andsoon.

DOWNLOADSOURCE
DOWNLOADCOMPILED
DOWNLOADINSTALLER

Custosv0.1bDapiWrapper

ThisisabetaversionofCustosthatisaworkingexampleofusing
theDAPIAPIstostoresecrets.TheincludedVisualStudio2003
projectisbothaCOMobjectandAssembly,whichcanbeusedby
ASPandASP.NETprojects.Additionally,amanagerapplicationis
providedtohelpcreatetherequiredRegistryentries.

DOWNLOADSOURCE

TabbyTunnelSSLTunnelforWindows

ThisisanSSLtunnelthatcanmakeuseofcertificatesinthe
WindowsCertificateStore.Thisisusefulforcreatingtunnelsto
clientcertificateauthenticatedservices.TabbyTunnelmakesuse
oftheIOActive.SSLlibrary.

DOWNLOADSOURCE
DOWNLOADBINARY

IOActive.SSLMicrosoft.NETSSLLibrary

ThislibrarythatallowsforeasieruseofSSLin.NETtools.Itis
usedbyTabbyTunnel.

DOWNLOADSOURCE
DOWNLOADBINARY
 SERVICES IOACTIVELABS NEWS ABOUT

INDUSTRIES Blog In the News Executive

Hardware | Software | Wetware Resources Press Releases Management
CONTACT
SECURITYSERVICES
Tools Events & Advisory Board

Advisories Speaking Philanthropy

Disclosure Policy Careers

Copyright2017.IOActive,Inc.AllRightsReserved. | PrivacyPolicy | SiteMap

IOActiveonYouTube | IOActiveonLinkedIn | IOActiveonGitHub | IOActiveonCrunchbase|IOActiveonTwitter|IOActiveonJobvite