DEFCON 16: The Tools not the Toools


Originally posted to the Zero Day blog on Ziff Davis:

This article was also referenced in a Dark Reading blog post by John Sawyer:

All updates will reside here as I have no control over the article on Ziff Davis.

    DEFCON, the 9000+ attendee hacker conference in Vegas has become a sort of hydra conference. It has become more like a global fair than what most people think of conferences; even the badge is highly unique. I say this because there are so many things to do at DEFCON, other than going to talks, that you could spend your whole weekend looking at the “World’s Largest Boar!”, so to speak. One of the CTF (Capture the Flag) contest winners this year actually exclaimed that he only made it to 2 talks in 12 years! I am also one of those individuals who barely get a chance to go to talks and now that the speaker pool is so diverse it’s hard to find all of the “stuff” they release. Before anyone has a chance to post “It’s all on the DEFCON CD dummy” I want to challenge them to try. After a weekend of googling (which came back with few results) and making contact with some of the speakers, I provide you with a mostly accurate list of “stuff” that was released at DEFCON this year. If any of the information is inaccurate, or a tool is missing, please contact me and I will update this post.

The DEFCON CD can be found here:

Think you are good enough? The binaries from Capture the Flag have been posted here:

 PE-Scambler by Nick Harbour

Packet-O-Matic by Guy Martin

  • Description: “A real time packet processor” - It extracts and can reinject packets. This includes VoIP calls in real time, Cable Modem (DOCSIS) traffic, and a whole host of others.

  • Homepage Link:

  • Email Address:

SA Exploiter by Securestate

Fast-Track by Securestate

Beholder – by Nelson Murilo and Luis Eduardo

** The Middler – by Jay Beale**

ClientIPS – by Jay Beale

** Marathon Tool – by Daniel Kachakill**

The Phantom Protocol – by Magnus Brading

ModScan – by Mark Bristow

** Grendel Scan – by David Byrne**

  • Description: Web Application scanner that searches for logic and design flaws as well as the standard flaw seen in the wild today (SQL Injection, XSS, CSRF)

  • Homepage Link:

iKat – interactive Kiosk Attack Tool  (This site has an image as a banner that is definitely not safe for work! – You have been warned) by Paul Craig

DAVIX – by Jan P. Monsch and Raffael Marty

CollabREate – by Chris Eagle and Tim Vidas

VMware Pen-Testing Framework – by John Fitzpatrick

Dradis – by John Fitzpatrick

Squirtle – by Kurt Grutzmacher

WhiteSpace – by Kolisar

  • Description: A script that can hide other scripts such as CSRF and iframes in spaces and tabs

  • Download Link: DEFCON 16 CD

VoIPer – by nnp

  • Description: VoIP automated fuzzing tool with support for a large number of VoIP applications and protocols

  • Homepage Link:

Barrier – by Errata Security

Psyche – by Ponte Technologies


Other blogs that have linked this or my ZD Net post: