Hackers of India

CertPivot: Infra-Chaining + Cert-Check

By Ajit Hatti on 05 Aug 2019 @ Blackhat : Arsenal
πŸ”— Link
We need help to complete this entry! Missing: Source Code
I can help!
#incident-management #threat-hunting #ssl #security-tools
Focus Areas: πŸ›‘οΈ Security Operations & Defense , πŸ”‘ Cryptography , βš™οΈ DevSecOps , 🚨 Incident Response , πŸ•΅οΈ Threat Intelligence
This tool demo covers following tools where the speaker has contributed or authored
CERTPIVOT

Abstract

CertPivot is a newest module of LAMMA specifically focuses on 2 features. One is Infra-Chaining using TLS certificates and second Cert-Check which looks for non-trusted TLS certificates in the trust store of a given machine.

Infra-Chaining feature of CertPivot module is useful specially for threat hunters and incident respondents, where as Certi-Check feature can be additionally used by admins and crypto-auditors