Getting Ready for BlackHat 2023 and DEF CON 31

20 June 2023

We are pleased to present "FlowMate" and "SNC Scan", two of our in-house developments, at BlackHat 2023 and DEF CON 31, two of the largest events for IT security professionals and security managers worldwide. We asked the Heroes and leading tool developers Nicolas Schickert and Florian Haag, Senior Consultants IT Security at usd HeroLab, and Matthias Göhring, Head of usd HeroLab, about it.

What was your motivation to apply with your tools at BlackHat and DEF CON?

Matthias: Of course, we at usd HeroLab have been developing tools ourselves for a long time, whenever we find that our pentests become both qualitatively better and more efficient as a result and there are no suitable tools available. At the same time, we benefit enormously from the community's open source tools, so I am very pleased that we can also give something back here. This makes me incredibly proud and we are living up to our mission #moresecurity.

BlackHat and DEF CON are important institutions in the scene. How did you feel when you heard about the acceptance of your tools?

Nicolas: I was super excited that the SNC Scan was accepted. Our development team really put a lot of time into it. Thinking about presenting our tool to an international audience makes me really proud.

Florian: When we found out about FlowMate's acceptance, we were thrilled. I am happy that the subject of my master's thesis has now become a tool that helps the community and my colleagues in their everyday pentesting. I am also happy that we are given time and space for our creativity and that we can pursue such projects.

What is your presentation about?

Florian: I present FlowMate together with my colleagues in the BlackHat Arsenal as well as the DEF CON DemoLabs. Here, the latest developments and open source tools are presented to the community. In our presentation, we will demonstrate how pentesting can be taken to a new level by analyzing data flows within web applications.

Nicolas: We are presenting our tool SNC Scan at BlackHat Arsenal. In the presentation, we will show how the tool can be used to analyze the encryption configurations of an SAP system and the benefits it can bring to security analysts and SAP operations teams.

What makes your tools so special?

Florian: Unlike other available tools, FlowMate works from a black box perspective. This means that it does not require access to the code or the backend of a web application. Data flows are created by analyzing HTTP messages between the browser and the application alone. For ease of use, FlowMate is implemented as a plugin for the BurpSuite proxy. Due to the widespread use of BurpSuite in the toolbox of pentesters and analysts with an affinity for IT security, it is easy to use without much preparation.

Nicolas: SNC Scan enables unauthenticated analysis of SNC encryption protocol configurations. This can be used to read out misconfigurations and vulnerabilities at the network level without the need for complex manual analysis with authenticated access. Our development creates a solution for the SNC protocol, one that has long existed for the SSL/TLS protocols, and thus closes a gap in the pentest procedure for SAP systems.

August is the start. What are your preparations like?

Nicolas: For sure, a lot of time will be spent on finalizing our tools in the next few weeks.

Florian: We are really looking forward to the topics that are currently driving the community. Of course, we will also keep up with all the other talks at BlackHat and DEF CON.
