Prior to Blackhat 2012 I need some beta testers. Beta testing what exactly? For
the past 8 months I've been developing an 'aggressive' firewall.

What is it?

It is composed of 3 main parts.

[Client]
I have the client firewall ported to Windows XP/Vista/7 | MacOSX | Linux* |
FreeBSD. The client is a firewall that invokes the server, A.R.I.E.S.

[A.R.I.E.S.] Automated Recon / Identification and Elimination System(s)
This is the actual server. It is a preinstall setup on FreeBSD 8.2. It is
invoked via WOL by the clients.

<-*-> Technical Information <-*->

Minimum Physical Requirements{/U]:

A fast CPU, I am using an AMD Opteron K8

A fair ammount of RAM. It would be unfair to say exactly how much, it greatly
depends on how much you plan on using it for. 4g would be a good start for most
home networks.

Knowledge of the FreeBSD operating system, infosec knowledge, OS knowledge.

The purpose of A.R.I.E.S. is to act as a buffer between you and anything that
could be considered a threat.

What is a threat? Anything from some asshole with a nukem' script to ingress
keylogger traffic running within the network. During the initial
setup/configuration guide (post install) you will have 'knobs' you can use to
activate/deactivate various threat filters.

Ok, so now what?

After a threat has been determinated by the client, A.R.I.E.S. will be invoked.
The first job is to assess the threat and rule out a false positive or the
possibility of a spoofed source. After A.R.I.E.S. has deemed the threat to be
true, the next step will be fingerprinting/recon. You can adjust the frequency
at which probes are set. Bear in mind if you opt for steady/fast probes, such as
Firewalk/UDP scans, you're likely going to trigger their intrusion prevention
system (assuming they have one...).

Sweet! anything else?

After the recon phase, data will be analysed and the next step will be
elimination of the threat. This is done with quite a vast exploit library (most
known exploits, and a few of my own special scripts). Once again there is a
configuration script with knobs you can use to enable/disable these at your
discretion. Keep in mind however that depending on how you configure the recon
engine could cause incomplete scan results! this would prevent accuracy in
exploit selection!

The PoC was sucessful, so I have been reworking the engine on it to allow for a
manual user mode. This allows you to add on module packs you can use for manual
exploitation. I plan on adding more in the future but for now it is all beta.

[Mods]

Lysis - This module is centered around memory based exploits. SoF/BoF/Heap
poisoning/Heap Spraying/Mapping/Segment Modification

Atreides - Telephonetics! Much too much of this is still in development,
however what I have working now is line starving/ramping. Soon I hope to have a
display interface/logging system for incomming calls. This however requires
hardware implementations.

Whisper - 802.15.1 (bluetooth) listening/adjustment module. This will allow you
to use BT enabled devices at your will and mercy

Champion - Champion is designed to test (with massively extreme prejudice) the
reliability of your gateway devices. Routers/modems alike. Be warned: This
module will REALLY mess things up!

Revelation - I initially designed this to be a rootkit auditor, where you could
ajust the features of a rootkit (I've come up with a few good recipes..).
However I'm also including a db to detect rootkit usage over a network. This is
not ready, won't be for some time.

Portcullis - This is my baby, my pride and my joy. This is useful for almost
anything from leaping the great firewall of China to auditing a website. I have
spent A FREAKIN' TON of time building payloads for the most massive library of
injection suites available. Everything from triggering basic network protocols
to invoking torrent clients. I have equipped this mod to perform
Javascript/SQL/Cookie/Flash injection. It is a plethora of pwn.

A.R.I.E.S. also includes a user friendly toolkit to help you assess threats
at a physical level of security. Via CD/USB scripts.

I know the admins of this website are at this point wondering why I would
announce/post such a thing. It is not Illegal, like all other real world items only
malicious use of it will be Illegal. I will be releasing it to the public sometime next
year.. and I will be presenting it at blackhat this July. I assure you this is not a toy,
and has a lot of merit to network admins/security conscience individuals. I plan on
A.R.I.E.S. being synonymous with the word crucible. I want admins to feel at ease when
they must leave their network unattended.

I will be Giving A.R.I.E.S. away for absolutely no charge. I don't believe any
tool like this has ever been simply given away, I plan to be the first.. I want to
revolutionize security the way it currently stands. Only A.R.I.E.S. itself is free, the mod
packs however; will not be. In the future I will be asking for good
sums of money for them. For now I am asking 50$ per module. Admins are more than
welcome to apply for a copy themselves. This offer is not exclusive to sythe and
may be revoked at any time.

How do you get a copy of A.R.I.E.S.? Pm me. I want a well written essay of why
you want it, what you plan on doing with it, and why you deserve it. Later on I
will actually require registration w/ SMS verification. If I approve of your
request and feel that you deserve a copy then I will redirect you to it.

A.R.I.E.S. is not a toy, it is a powerful tool designed to protect assets on
your network, and perform administrative tasks that most people aren't capable
of. Again, this will be publicly available in the near future. I am asking for
beta testers / developers to check it out, I will be very inquisitive about any
requests made for distribution of my product, and not many people here will be
approved.

Again, this is fully legal. But as a disclaimer I want to make it clear that it
is only legal to use A.R.I.E.S. to protect your own network, audit your own
security configurations, and test your own websites. By accepting this product
you are relieving Sythe and the developing party of this software of any
liability you cause out of being an idiot. If you want to cause trouble there
are other tools on the internet intended for just that.

If you are a developer/security conscience individual who would like to
contribute to the project PM me with the following:

1. An essay about why you want A.R.I.E.S. And a specific reason with usage for
why you are interested in any existing Modules.

2. A promise that you will not abuse/share this software. Sharing this software
will result in your termination of it's privileges.

Nemo Me Impune Lacessit!

 

Bump 2/3

 

Final bump 3/3

Offer dies 12am GMT, 15 December.
(at least that's when I'll stop reading pms)