Commercial attack tools
1 / 23

Commercial Attack Tools - PowerPoint PPT Presentation

  • Uploaded on

Commercial Attack Tools. Team BAM! Scott Amack, Everett Bloch, Maxine Major. Overview. Why Commercial? Uses Good Evil Tool Comparisons Demo Considerations. Why Commercial?. (When freeware is just as good) Additional functionality for professional environments Advanced reporting

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Commercial Attack Tools' - malia

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Commercial attack tools

Commercial Attack Tools

Team BAM!Scott Amack, Everett Bloch, Maxine Major


  • Why Commercial?

  • Uses

    • Good

    • Evil

  • Tool Comparisons

  • Demo

  • Considerations

Why commercial
Why Commercial?

(When freeware is just as good)

  • Additional functionality for professional environments

    • Advanced reporting

    • Audit logs

  • All-in-one suites

  • Professionally maintained & supported

Why commercial1
Why Commercial?

  • More immediate protection

    • Exploits (and vulnerability awareness) made available before freeware

      “black-hat hackers typically rely on other tool kits that are less focused on research and more focused on swift, illegal break-ins.“ (Canberra Times)

Who uses these tools
Who Uses These Tools?

  • Aerospace industry

  • Universities / Education

  • E-commerce

  • Energy & Utilities

  • Financial Services

  • Healthcare

  • Manufacturing

  • Security Consulting

  • … and several unnamed “major federal U.S. agencies”

Commercial hacking
Commercial Hacking

  • Commercial not always Ethical

    • Not all entities willing to pay large amounts of money for these tools want to use them ethically.

      • Many foreign governments buy & use these tools unethically on their people and other countries.

  • Not all hacking tools are “good”

    • Marketed as “lawful intercept tools”

    • Can violate human rights

    • "Corporate Enemies of the Internet” – identified by Reporters Without Borders

Five corporate enemies of the internet 2013
Five Corporate Enemies of the Internet 2013

  • Gamma Group (U.K.)

  • trovicor(Germany)

  • HackingTeam(Italy)

  • Amesys(France)

  • Blue Coat Systems (U.S.)

Five corporate enemies of the internet 20131
Five Corporate Enemies of the Internet 2013

  • Company: Gamma (UK)Product: FinFisher (FinSpy)

    • Commercial surveillance software suite

    • Used to target Bahraini activists (May 2012)

    • During the fall of Egypt’s Pres. Murbarak, dissidents found FinFisher marketed to Egypt’s secret police (July 2002)

    • Discovered iTunes Flaw that allowed third parties to use iTunes update to install unauthorized programs. Discovered in 2008. not patched until Nov 2011.

Five corporate enemies of the internet 20132
Five Corporate Enemies of the Internet 2013

  • Company: trovicor (Germany)Product: trovicor Monitoring Center

    • Communication interception: “collect, retain, analyse and distribute voice and data communication as well as historical data.” (trovicor)

    • Enabled Bahrain’s royal family to spy on news providers and arrest them.

    • Work with Iran

Five corporate enemies of the internet 20133
Five Corporate Enemies of the Internet 2013

  • Company: HackerTeam (Italy)Product: Da Vinci

    • “For Governmental LEAs and Agencies ONLY.”

Five corporate enemies of the internet 20134
Five Corporate Enemies of the Internet 2013

  • Company: Blue Coat (California)Product: PacketShaper.

    • Filtering and censorship devices for countries such as Syria and Burma.

    • “Deep Packet Inspection (DPI) products developed by Blue Coat made it possible for the regime to spy on dissidents and netizens throughout the country, and to arrest and torture them.”

Five corporate enemies of the internet 20135
Five Corporate Enemies of the Internet 2013

  • Company: Amesys (France)Product: EAGLE System

    • EAGLE spyware sold to Libya while Muammar Gaddafi was in power

      • “mass surveillance system used to spy on dissidents, journalists, activists, and political opponents.”

      • “ do not have responsibility for how their tools are used once sold”

    • Accused of selling to Morocco and Qatar

    • EAGLE System sold to Nexa Technologies (2013)

A comparison
A Comparison

Core Impact vs. Immunity Canvas

“… penetration-testing frameworks that provide discovery tools, exploit code for remote and local vulnerabilities, remote agents, and other handy-dandy gadgets for exploring and exploiting a network.”

A comparison1
A Comparison

Core Impact

  • $25,000/year per seat

  • Created around 1997

  • About 1650 Commercial-Grade exploits created in-house

  • User is denied the ability to create or import external exploits

  • Usable by almost anyone with basic computer knowledge

    Immunity Canvas

  • $3,101/year for a 10-seat license

  • Created around 2002

  • Over 490 exploits, about 4 added every month

  • Ability for user to create custom exploits

  • Intended for people with a good understanding of computers and exploits

A comparison2
A Comparison

Core Impact

  • Intuitive and very easy to use GUI interface, “point and shoot” functionality

  • Requires little to no networking/programming knowledge

  • Each attack has a setup (Wizard) that walks through the entire process of setting up and exploiting a system, local or on a network

  • Offers no Command Line Interface

A comparison3
A Comparison

Immunity Canvas

  • Simple yet robust GUI for initiating attacks on targets

    • Simple three panel display makes for easy navigation and informative results

  • Offers a Command Line Interface in addition to the GUI

A comparison4
A Comparison

Core Impact

  • Won Secure Enterprise’s Tester’s Choice award for best penetration testing framework due to its flexibility and ease of use

    Immunity Canvas

  • Free tutorial videos and documentation available on immunity web page

Commercial metasploit
Commercial Metasploit

  • Advantages of Pro:

    • “Smart” exploitation

    • Password auditing

    • Penetration test reporting

    • Team workflow automation

    • Social engineering

    • Web app scanning

    • Web interface

    • Network discovery

Commercial metasploit1
Commercial Metasploit

  • Pricing

    • $5000 initial purchaseper year, per seat

    • Renewal rates depend on licensing agreement with Rapid7

Commercial metasploit2
Commercial Metasploit


Windows 7

Windows XP SP2

Ubuntu 8.04 (image provided by Metasploit)


  • Commercial != Ethical

  • Cost of commercial tools is prohibitively expensive for individuals.

  • Commercial software is highly beneficial for professional pen. testing organizations.

In summary
In Summary

  • Why Commercial?

  • Commercial Tools & Ethics

    • “Five corporate enemies of the internet”

  • Comparison of Tools

    • Core Impact vs. Immunity Canvas

  • Demonstration

    • Metasploit Pro

  • Conclusions