[BSidesLV] ExploitHub: Arming the Pen Testers to Plug the Holes

ExploitHub: Arming the Pen Testers to Plug the Holes Vik Phatak

The State of Security

You can only rely on vendors to a certain point. They can’t protect from everything.

Exploit test results  –> Top 5 (Endpoint protection)

  1. Trend Micro
  2. McAfee
  3. Kaspersky
  4. Sophos
  5. F-Secure

Most of the products tested do significantly better at detecting the original exploit than a variant (altered payload, etc.).

It’s not about a single product, however; a combination of protections is best for overall protection.

When using evasion techniques, no vendor comes out clean.

So how do you make things better –> By shining a light on it, and putting public pressure on the vendors.

Between Metasploit, Core and Canvas… under 10% of vulns are accounted for with a working exploit. This means 90% of vulns aren’t easily exploitable.

Just because it’s not in these products, doesn’t mean you’re secure.

Leveling the playing field

This is where the problem lies. The bad guys have some of these exploits. These aren’t always 0-day, they’re things that have been patched but there’s no PUBLIC exploit available for it.

How do we level the playing field? The security researchers aren’t getting together to share!

The answer is to create a marketplace for exploits… you choose the price and see who wants to buy!

Connecting the buyers who need the exploit, with the sellers who have the technical skill to write the exploit.

No more free bugs… maybe this is the solution?

Exploit Hub

Guiding principles

  • Enabling whitehats to do their job
  • Legitimize researchers
  • Create economically sustainable ecosystem
  • Researchers control the content and prices
    • If you want to sell an exploit for $10,000 per download… feel free

Working closely with Metasploit to create templates and integrate with Metasploit. Making it easier to buy and use without trying to get an exploit working first!

NSS Role –> Validation of the exploit where possible, making available in the store

Goal is to increase availability of exploits

0-day un-patched exploits won’t be available to prevent blackmail of companies
