Black Hat Asia 2025: Top Cybersecurity Projects Breakdown

By /

Listen to this Post

Featured Image
BINUS University showcased five cutting-edge cybersecurity projects at Black Hat Asia 2025, continuing their five-year streak of Black Hat presentations. Below are the key projects and their details:

1. Casino Heist

🔗 GitHub Link
An open-source blockchain playground featuring challenges for smart contract vulnerabilities, common exploits, and simplified real-world hacks with mitigations.

You Should Know:

  • Use Foundry (forge) to test Ethereum smart contracts: 
    forge init casino_heist 
forge test --match-contract VulnerabilityTest
  • Check for reentrancy attacks with Slither: 
    slither ./contracts --detect reentrancy

2. Foundpy

🔗 GitHub Link
A Python implementation of Foundry for interacting with Web3 apps and solving CTF challenges.

You Should Know:

  • Install Foundpy: 
    pip install foundpy
  • Use it to deploy a test contract: 
    from foundpy import Web3 
w3 = Web3(Web3.HTTPProvider('http://localhost:8545')) 
print(w3.isConnected())

3. Plaguard

🔗 GitHub Link
A PowerShell deobfuscation toolkit and IOC detection engine for blue teams.

You Should Know:

  • Deobfuscate malicious PowerShell scripts: 
    .\Plaguard.ps1 -Script "obfuscated_script.ps1" -Deobfuscate
  • Extract IOCs from logs: 
    python plaguard.py -f logfile.txt --ioc

4. JARY

🔗 GitHub Link

A modular log correlation engine for threat hunting.

You Should Know:

  • Parse logs with JARY: 
    jary-cli -i auth.log -p "Failed password" --output json
  • Automate log analysis: 
    from jary import Analyzer 
results = Analyzer.correlate("apache.log", rules="sqli_rules.yaml")

5. FaceGSM

A toolkit for adversarial attacks on face recognition models (using FGSM).

You Should Know:

  • Generate adversarial examples: 
    import torch, torchvision 
attack = torchattacks.FGSM(model, eps=0.03) 
adversarial_image = attack(image, label)

What Undercode Say

The Black Hat Asia 2025 projects highlight real-world cybersecurity trends:
– Blockchain hacking (Casino Heist)
– Web3 security automation (Foundpy)
– Blue-team PowerShell defense (Plaguard)
– Threat intelligence via logs (JARY)
– AI model attacks (FaceGSM)

Key Commands to Remember:

  • Smart Contract Testing: `forge test`
  • Web3 Interaction: `web3.py`
  • PowerShell Deobfuscation: `Invoke-Deobfuscation`
  • Log Analysis: `jary-cli -i logs.txt`
  • Adversarial ML: `torchattacks.FGSM()`

Expected Output:

A detailed breakdown of each tool, its purpose, and executable commands for cybersecurity professionals.

🔗 Relevant Links:

References:

Reported By: Chrisandoryan And – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅

Join Our Cyber World:

💬 Whatsapp | 💬 Telegram

Related Posts: