The State of Open Source Pentesting Tools

Penetration testers rely heavily on a challenging combination of open source and proprietary software. Most of these tools are available for free through various software repositories but who makes these tools and who maintains them? How up-to-date and robust is the ecosystem on which we stake our professional careers and test the security of some of the most important systems on the planet?

At Security B-Sides in San Fransisco, Pwnie Express developers Sam Stelfox and I (Gabe Koss) investigate the state of many uncommon and well-established tools. This talk looks at the various tools which are publicly available via the Kali Linux repositories from the perspective software development, maintainability and professional reliability.

In this talk we will:

  • Present statistical information about these tools
  • Place shame on projects which need to be better maintained
  • Highlight tools which are doing a good job
  • Make solutions to help the community at large better curate this complex ecosystem of tools

Drop by our talk at 4pm in the Main Room (Track 1) of the DNA Lounge.

About Security B-Sides

Security B-Sides is the first grass roots, DIY, open security conference in the world!  Security B-Sides is a great combination of two event styles: structured anchor events and grass-roots geocentric events. B-Sides San Francisco is a 2-day information security conference taking place on February 23rd and 24th at the DNA Lounge. Each day will feature two speaking tracks. Admission is free, on a first-come, first-served basis.

Click here to learn more about B-Sides San Francisco.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *