ZeroNights 2017: back to the cyber 80s
Last Friday, the 17th of November, I attended the ZeroNights 2017 conference in Moscow. And it was pretty awesome. Thanks to the organizers! Here I would like to share some of my impressions.
First of all, I want to say that the two main Moscow events for information security practitioners, #PHDays and ZeroNights, provide an excellent opportunity to meet all of your colleagues at once and to synchronize current views on important information security issues, including, of course, #VulnerabilityManagement, the most relevant one for me. My opinion is that this year’s behind-the-scenes conversations were especially good. And this is the most valuable characteristic of the event.
Every ZeroNights event has its own style. This time it was geeky cyber retro from the 1980s, like in the popular cult movie Kung Fury. The venue was also changed from the familiar Cosmos Hotel to the ZIL Culture Centre, the largest Palace of Culture from Soviet-era Moscow. The combination of US 80s cultural artifacts and retrowave music with Soviet-style interiors (including, for example, a statue of Lenin) was pretty weird, but I liked it =)
I was unintentionally taking photos using some strange camera mode that also recorded a very short video fragment (3-5 seconds) for each photo. I decided to combine these fragments into a small video. This does not make much sense, but perhaps someone will find this “time-lapse” interesting 😉
Among the great presentations and workshops, there was also a small exhibition. This year there were two #VulnerabilityManagement vendors: #BeyondSecurity and #Qualys.
#Yandex #WAS #w3af #SecuriTeam #SDLC #SAST #Qualys #mimikatz #Kaspersky #DAST #CloudAgents #BurpSuite #BeyondSecurity #AVDS #VulnerabilityManagement #Events #ZeroNights
Read more: https://avleonov.com/2017/11/19/zeronights-2017-back-to-the-cyber-80s/
SOC Forum 2017: How I Learned to Stop Worrying and Love Massive Malware Attacks
Today I spoke at #SOCForum 2017 in Moscow. It was a great large-scale event about Security Operations Centers. 2,700 people registered. Lots of people in suits 😉 And lots of my good fellows.
The event was held in Radisson Royal Congress Park. There were three large halls for presentations and a huge space for the exhibition and networking.
I would like to mention the stand of #PositiveTechnologies. Today they showed their new PT Security Intelligence Portal with #dashboards for executives and a joint service with #SolarSecurity providing #GosSOPKA functionality. Some stands were dedicated to Russian government information security initiatives: #GosSOPKA, the #BDUFSTEC #vulnerability database and #FinCERT of the Central Bank of Russia.
During my presentation, I talked about how massive #malware (ransomware) attacks can be useful for an organization. Quite a provocative topic, right? 😉 I meant it in the sense that all the hype around a #malware attack can help the Information Security team to do the following things:
* Establish useful policies, like a mandatory #Windows host reboot after patch installation
* Ban some convenient but dangerous functionality, like SMB file sharing between workstations
* Implement useful processes, like system hardening (e.g. against mimikatz) or continuous processing of #CERT (FinCERT) bulletins
#YuriyBosov #WannaCry #SolarSecurity #SOCForum #ransomware #PositiveTechnologies #notPetya #MonaArkhipova #mimikatz #GosSOPKA #FinCERT #CERT #BDUFSTEC #BadRabbit #Acribia #Video #Events
Read more: https://avleonov.com/2017/11/22/soc-forum-2017-how-i-learned-to-stop-worrying-and-love-massive-malware-attacks/
Vulnerability Management for Network Perimeter
The network perimeter is like a door to your organization. It is accessible to everyone, and #vulnerability exploitation there does not require any human interaction, unlike, for example, phishing attacks. A potential attacker can automate most of his actions while searching for an easy target. It’s important not to be such a target. 😉
What does it mean to control the network perimeter? Well, practically this process consists of two main parts:
* Assessing the hosts that face the Internet using some network scanner (Nessus, #OpenVAS, #Qualys, MaxPatrol, #FSecure Radar, etc.)
* Assessing application servers, e.g. web servers, on these hosts using specialized tools, e.g. Web Application Scanners (Acunetix, #BurpSuite, #Qualys #WAS, #Tenableio #WAS, #HighTechBridge ImmuniWeb, etc.)
Active scanning is a good method of perimeter assessment. The dynamics of the assets are relatively low compared with the office network. Perimeter hosts usually stay active all the time, including the time when you are going to #scan them. 😉
Most of the dangerous vulnerabilities can be detected without credentials (unauthenticated scanning): problems with encryption (OpenSSL #Heartbleed, #Poodle, etc.), #RCE and DoS in web servers and frameworks (Apache Struts and the #Equifax case).
The best results can be achieved with scanners deployed outside of your network. Thus you will see your network perimeter the same way a potential attacker sees it. But you will certainly be in a better position:
* You can ask your IT administrators to add your network and #WAS scanners to a whitelist, so they will not be banned.
* You can check and correlate the #scan results of the remote #scanner with the (authenticated?) #scan results produced by the #scanner deployed inside your organization’s network, and thus filter out false positives.
What about the targets for scanning? How should you get them?
#Tenableio #Splunk #QualysWAS #Qualys #python #Poodle #OpenVAS #OpenSSL #Nessus #Maxpatrol #HighTechBridge #Heartbleed #FSecureRadar #Equifax #BurpSuite #AtlassianJIRA #ApacheStruts #Acunetix #VulnerabilityManagement #PerimeterServices #Concept
Read more: https://avleonov.com/2017/11/28/vulnerability-management-for-network-perimeter/
Atlassian Jira, Python and automated labeling
I have already written about #Atlassian Jira automation in “Automated task processing with JIRA API“. But all the examples there used #curl. So I decided to make one more post about the Jira #API, this time with #python examples, and about labeling issues (nice wordplay, right? ;-)).
You can use labels for organizing issues on Jira Scrum and #Kanban boards and Jira dashboards, or just for advanced searching (e.g. `labels = "LabelName"`).
Let’s start from the basics.
### How to search Jira issues from your own #python scripts?
It’s easy. Send a POST request to _/rest/api/2/search/_ with a JQL expression. The Jira server will return the first 50 matching issues. If you need more, set the **startAt** parameter and repeat the POST request while the number of issues you have retrieved is less than the **total** number of found issues (a parameter in the response).
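The pagination loop described above, written out as an added example (this is not code from the original post). The HTTP transport is injected as a callable, so the paging logic runs offline against a constructed in-memory “server”; `JIRA_URL`, `USER` and `PASSWORD` are placeholders, and the `add_label` helper uses the standard `PUT /rest/api/2/issue/{key}` update operation so that existing labels on an issue are kept.

```python
"""Paginated Jira issue search and labeling via the REST API v2 (added example)."""
from typing import Any, Callable, Dict, List

JIRA_URL = "https://jira.example.com"   # placeholder host (assumption)
USER, PASSWORD = "user", "password"     # placeholder credentials (assumption)
PAGE_SIZE = 50                           # Jira returns at most this many issues per page by default

# A transport takes (url, json_payload) and returns the decoded JSON response.
Transport = Callable[[str, Dict[str, Any]], Dict[str, Any]]


def search_page(post: Transport, jql: str, start_at: int,
                max_results: int = PAGE_SIZE) -> Dict[str, Any]:
    """Fetch one page of /rest/api/2/search/ results starting at start_at."""
    payload = {"jql": jql, "startAt": start_at, "maxResults": max_results,
               "fields": ["key", "labels"]}
    return post(JIRA_URL + "/rest/api/2/search/", payload)


def search_all(post: Transport, jql: str) -> List[Dict[str, Any]]:
    """Collect every matching issue by advancing startAt until total is reached."""
    issues: List[Dict[str, Any]] = []
    start_at = 0
    while True:
        page = search_page(post, jql, start_at)
        batch = page.get("issues", [])
        issues.extend(batch)
        start_at += len(batch)
        # Stop when we have everything the server reported, or when it stops
        # returning issues (guards against looping forever on a stale total).
        if start_at >= page["total"] or not batch:
            break
    return issues


def add_label(put: Transport, issue_key: str, label: str) -> Dict[str, Any]:
    """Add one label with an 'update' operation so existing labels are preserved."""
    payload = {"update": {"labels": [{"add": label}]}}
    return put(JIRA_URL + "/rest/api/2/issue/" + issue_key, payload)


def requests_transport(method: str) -> Transport:
    """Real HTTP transport built on the requests library (network access required)."""
    import requests  # imported lazily so the offline demo does not need it

    def send(url: str, payload: Dict[str, Any]) -> Dict[str, Any]:
        resp = requests.request(method, url, json=payload, auth=(USER, PASSWORD), timeout=30)
        resp.raise_for_status()
        return resp.json() if resp.content else {}   # PUT /issue answers 204 with no body
    return send


def make_fake_post(total: int) -> Transport:
    """Constructed in-memory server that pages over `total` synthetic issues."""
    keys = ["DEMO-%d" % i for i in range(1, total + 1)]

    def fake_post(url: str, payload: Dict[str, Any]) -> Dict[str, Any]:
        start, n = payload["startAt"], payload["maxResults"]
        return {"startAt": start, "maxResults": n, "total": total,
                "issues": [{"key": k, "fields": {"labels": []}} for k in keys[start:start + n]]}
    return fake_post


if __name__ == "__main__":
    # Offline demo: 120 synthetic issues need three pages of 50.
    found = search_all(make_fake_post(120), 'labels = "LabelName"')
    print(len(found), "issues; first:", found[0]["key"], "last:", found[-1]["key"])
    # Against a real server you would use:
    # found = search_all(requests_transport("POST"), 'labels = "LabelName"')
    # add_label(requests_transport("PUT"), found[0]["key"], "NewLabel")
```

The stop condition checks both `total` and an empty page: if issues are created or deleted between two requests, `total` can change under you, and the empty-batch guard prevents an endless loop.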
#scrum #python #Kanban #json #AtlassianJIRA #Atlassian #API
Read more: https://avleonov.com/2017/11/30/atlassian-jira-python-and-automated-labeling/
Processing .docx and .xlsx files with Python
MS Office documents are probably one of the most inconvenient and poorly formalized data sources. It’s much better to keep all the data in specialized databases, or at least in a wiki. But in real life, MS Office documents are in active use in nearly every organization, simply because it is a flexible and easy tool that anyone can use. That’s why it’s important to know automated ways of processing such files.
You can easily edit .docx files without any libraries. Technically, a .docx file is just a zip archive. So you can unzip it, make a replacement in the document.xml file and zip it again. It’s much better than dealing with old binary .doc files. But there are even more elegant ways.
Let’s say we need to read data from an .xlsx document and generate .docx files based on some existing template. To work with .xlsx files I will use the #openpyxl #python library,
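The “unzip, replace in document.xml, zip again” approach from the paragraph above, as an added example (not code from the original post, and not the openpyxl/python-docx route). The minimal template .docx is constructed in memory so the script runs offline; a real document has more parts, which are copied through unchanged. Values are XML-escaped before insertion, which matters when the values come from a spreadsheet you did not author.

```python
"""Fill a .docx template by editing word/document.xml inside the zip (added example)."""
import io
import zipfile
from xml.sax.saxutils import escape

# Constructed minimal WordprocessingML document with a {{NAME}} placeholder.
DOCUMENT_XML = (
    '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>'
    '<w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">'
    '<w:body><w:p><w:r><w:t>Dear {{NAME}}, your report is attached.</w:t></w:r></w:p></w:body>'
    '</w:document>'
)
CONTENT_TYPES_XML = (
    '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>'
    '<Types xmlns="http://schemas.openxmlformats.org/package/2006/content-types">'
    '<Default Extension="xml" ContentType="application/xml"/>'
    '<Override PartName="/word/document.xml" '
    'ContentType="application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml"/>'
    '</Types>'
)


def build_template() -> bytes:
    """Return the bytes of a constructed template .docx (a zip with two parts)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("[Content_Types].xml", CONTENT_TYPES_XML)
        z.writestr("word/document.xml", DOCUMENT_XML)
    return buf.getvalue()


def fill_template(docx_bytes: bytes, values: dict) -> bytes:
    """Replace {{KEY}} placeholders in word/document.xml; copy every other part as-is.

    Each value is XML-escaped first: a cell containing "<b>" or "&co" must land in
    the document as text, not as markup that alters the document structure.
    """
    src = zipfile.ZipFile(io.BytesIO(docx_bytes))
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for item in src.infolist():
            data = src.read(item.filename)
            if item.filename == "word/document.xml":
                xml = data.decode("utf-8")
                for key, value in values.items():
                    xml = xml.replace("{{%s}}" % key, escape(str(value)))
                data = xml.encode("utf-8")
            dst.writestr(item, data)
    return out.getvalue()


def document_xml(docx_bytes: bytes) -> str:
    """Return the raw word/document.xml text, for inspection and tests."""
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as z:
        return z.read("word/document.xml").decode("utf-8")


if __name__ == "__main__":
    filled = fill_template(build_template(), {"NAME": "Alice & Bob <Ltd>"})
    print(document_xml(filled))
    with open("filled.docx", "wb") as f:   # open this in Word/LibreOffice to check
        f.write(filled)
```

One caveat a plain string replacement does not handle: Word frequently splits a single visible word into several `<w:r>` runs (after spell-check or formatting changes), so a placeholder typed in Word may be spread over multiple `<w:t>` elements and silently missed. Inspect the template’s document.xml once, or retype the placeholder in one go, before relying on this approach.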
#xlsx #python #openpyxl #docx #API #Microsoft #MSOffice #pythondocx
Read more: https://avleonov.com/2017/12/02/processing-docx-and-xlsx-files-with-python/
Vulners.com vulnerability detection plugins for Burp Suite and Google Chrome
What is the main idea of version-based #vulnerability detection, especially for web applications? With access to the HTTP response (HTML, headers, scripts, etc.), you can get the name and version of a standard web application (e.g. CMS, CRM, wiki, task tracker) or the names and versions of the software components this web application uses: web server, libraries, frameworks and so on.
The next step is to get all known vulnerabilities and #exploits for this software. This is a typical task for Vulners.com, the largest database and security content search system (see “Vulners – #Google for hacker“).
So the guys from the Vulners team made a set of useful regular expressions for detecting software names and versions: https://vulners.com/api/v3/burp/rules. You can use these rules in your own scripts, and if you want something that works out of the box, you can try the existing plugins for #BurpSuite and #Google Chrome.
In this post I would like to show how the detection rules work and present the new Vulners Burp #API and the #vulnerability detection plugins for #BurpSuite and #Google Chrome.
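To make the mechanism concrete, here is an added example of the version-detection step described above (this is not the Vulners rule set or plugin code). The rules, the sample HTTP headers and the sample HTML body are all constructed for illustration; the CPE vendor/product mapping is likewise an assumption for the demo. In practice you would load the published rules from the URL above and feed the resulting name/version pairs (or CPEs) into a vulnerability lookup, which is exactly the inventory view a defender wants of what the perimeter leaks.

```python
"""Regex-based software/version fingerprinting of an HTTP response (added example)."""
import re
from typing import Dict, List, Tuple

# Constructed rules: (software name, regex with the version in group 1, where to look).
RULES: List[Tuple[str, str, str]] = [
    ("apache_httpd", r"Apache/(\d+\.\d+\.\d+)", "header"),
    ("nginx", r"nginx/(\d+\.\d+\.\d+)", "header"),
    ("php", r"PHP/(\d+\.\d+\.\d+)", "header"),
    ("wordpress", r'<meta name="generator" content="WordPress (\d+\.\d+(?:\.\d+)?)"', "body"),
    ("jquery", r"jquery[-.](\d+\.\d+\.\d+)(?:\.min)?\.js", "body"),
]

# Constructed mapping from rule name to a CPE 2.3 vendor:product pair (assumption).
CPE_NAMES = {
    "apache_httpd": ("apache", "http_server"),
    "nginx": ("nginx", "nginx"),
    "php": ("php", "php"),
    "wordpress": ("wordpress", "wordpress"),
    "jquery": ("jquery", "jquery"),
}

# Constructed sample response, as a scanner would see it.
SAMPLE_HEADERS = {"Server": "Apache/2.4.29 (Ubuntu)", "X-Powered-By": "PHP/7.0.33"}
SAMPLE_BODY = (
    '<html><head><meta name="generator" content="WordPress 4.9.1" />'
    '<script src="/wp-includes/js/jquery/jquery-1.12.4.min.js"></script>'
    '</head><body>Hello</body></html>'
)


def detect(headers: Dict[str, str], body: str) -> Dict[str, str]:
    """Apply every rule to its part of the response; return {software: version}."""
    header_blob = "\n".join("%s: %s" % (k, v) for k, v in headers.items())
    found: Dict[str, str] = {}
    for name, pattern, where in RULES:
        text = header_blob if where == "header" else body
        m = re.search(pattern, text, re.IGNORECASE)
        if m:
            found[name] = m.group(1)
    return found


def to_cpe(software: str, version: str) -> str:
    """Build a CPE 2.3 formatted string for a detected component."""
    vendor, product = CPE_NAMES[software]
    return "cpe:2.3:a:%s:%s:%s:*:*:*:*:*:*:*" % (vendor, product, version)


def fingerprint_url(url: str) -> Dict[str, str]:
    """Fetch a URL you own and fingerprint it (network access required)."""
    from urllib.request import urlopen  # stdlib only
    with urlopen(url, timeout=15) as resp:
        headers = {k: v for k, v in resp.headers.items()}
        body = resp.read(200_000).decode("utf-8", errors="replace")
    return detect(headers, body)


if __name__ == "__main__":
    for software, version in sorted(detect(SAMPLE_HEADERS, SAMPLE_BODY).items()):
        print(software, version, to_cpe(software, version))
```

The version captured this way is only as reliable as the banner: a distribution may backport fixes without bumping the advertised version, so treat a version-based hit as a candidate to verify, and note that removing `Server`/`X-Powered-By` banners and generator tags reduces what an unauthenticated scanner can learn from your perimeter.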
#vulnerscom #json #GoogleChrome #CPE #BurpSuite #AtlassianConfluence #ApacheTomcat #AngularJS #VulnerabilityManagement #API
Read more: https://avleonov.com/2017/12/10/vulners-com-vulnerability-detection-plugins-for-burp-suite-and-google-chrome/
New Nessus 7 Professional and the end of cost-effective Vulnerability Management (as we knew it)
It’s epic and really sad news. 🙁
When people asked me about a cost-effective solution for #VulnerabilityManagement, I usually answered: “Nessus Professional with some additional automation through the #Nessus API”.
With just a couple of #Nessus Professional scanning nodes it was possible to #scan all the infrastructure and the network perimeter (see “Vulnerability Management for Network Perimeter“). The price for each node was fixed and reasonable. And you could make any reports you liked from the raw #scan data.
#Nessus Pro was still the best choice even when Tenable:
* Cut the master/slave functionality from #Nessus and created “Nessus Manager”.
* Changed the #API completely during the update from version 5 to version 6.
* Gradually increased the price from $1.5k to $2.7k per scanning node per year.
But unfortunately it’s not anymore. End of an era.
And what is even sadder is that #Tenable does not mention disabling the #API and multi-user functionality in the main #Nessus 7 marketing, as if it never existed, as if it’s not very important. Just look at “Announcing #Nessus Professional v7”: not a word about “API” or users. Only in an additional link:
Only there, in the text (not the video), is there information about the removed features.
The nice little things like “Easily transferable license” and “Emailed #scan reports and custom report name / logo” do not make it any better.
So, what next?
#Tenableio #TenableSecurityCenter #Tenable #SikuliX #Selenium #OpenVAS #NessusManager #Nessus #VulnerabilityManagement #Productology #ComplianceManagement #API
Read more: https://avleonov.com/2017/12/13/new-nessus-7-professional-and-the-end-of-cost-effective-vulnerability-management-as-we-knew-it/
Microsoft security solutions against ransomware and APT
Last Tuesday I was invited to the #Microsoft business breakfast “Effective protection against targeted and multilevel attacks”. Here I would like to share some of my thoughts on it. I need to mention that the food was delicious and the restaurant of the Russian Geographical Society is a very lovely place. 😉 Thanks, Microsoft!
### #Microsoft as a security vendor? O RLY?
#Microsoft products are not actually my topic. To tell the truth, I personally would prefer to live in a world without this massive #Windows hegemony in desktop operating systems. I use #Linux mostly. And even when I have to work in a #Windows environment, it’s much easier for me to do all the work in a #Linux virtual machine.
But in real life almost every office network is built on #Microsoft solutions. And if you are doing #VulnerabilityManagement in any organization, you have to deal with them too. The good news is that many security features are available out of the box in the MS products you have already purchased. It’s just important to know about these features and use them right.
One more reason why it’s interesting to learn more about #Microsoft information security products: #Microsoft developers obviously have direct access to the #Windows source code and know better how their own OS works. Many things are much easier for them to implement than for other security vendors. So there is a good chance that you will see in #Microsoft products some interesting features that other vendors don’t have (yet).
### Drowning in data
The event began with an opening speech by #AndreyIvanov from #Microsoft Russia.
I liked his thesis that “we are drowning in security data”:
* Threat Intelligence from different sources that needs to be integrated into your infrastructure and somehow validated. A good place to mention Vulners.com #vulnerability feeds 😉
* Threat Detection using logs, scanners, various protection tools, etc.
* The overall number of #SIEM inputs is growing faster than our resources. New IT system = new #SIEM configuration problems.
So it would be nice if somebody, for example the OS vendor, provided all this as a service, right? 😉
### Detect the undetectable
Then there was the keynote by #ZbigniewKukowski, one of the leading #Microsoft information security experts.
#### Why is it necessary?
Here is what I would like to note from his report. First of all, great arguments _why it is necessary_. OK, this is marketing. But the ability to explain (to sell) the necessity of information security is an important skill for any information security specialist now. It does not matter whether you work for a security vendor, an integrator or a customer.
Zbigniew mentioned an interesting case: a Polish company that lost $4.3 million in 4 days in the recent #Petya attack. The cost of information security measures will be much less than the potential losses for the business.
Another argument: attacks are not entertainment for some individuals any more. Now it’s a well-organized criminal business. Dozens of people are working on popular #malware tools like #Petya. That’s why #ransomware tools are so popular now: cyber-criminals just want to recoup their development costs.
#ZbigniewKukowski #WindowsDefenderCredentialGuard #vulnerscom #VirusTotal #ransomware #Petya #mimikatz #Microsoft #Linux #ControlledFolderAccess #BadRabbit #AndreyIvanov #SIEM #Productology
Read more: https://avleonov.com/2017/12/20/microsoft-security-solutions-against-ransomware-and-apt/
Vulners Nmap plugin
In the previous post about Vulners #vulnerability detection plugins for Burp and #GoogleChrome, I mentioned that it would be great to have a plugin for some free, publicly available tool like #Nmap. And the guys from the Vulners team have recently released an #Nmap plugin. Isn’t it awesome? 🙂
To detect vulnerabilities with the Vulners #Nmap plugin, you need to download the script and run it like this:
```shell
$ wget -O vulners.nse https://raw.githubusercontent.com/vulnersCom/nmap-vulners/master/vulners.nse
$ nmap -sV --script vulners.nse corporation.com
```
You can see the output in the screenshot above.
First of all, I need to say that it’s not a full analogue of the plugins for Burp and #GoogleChrome.
In the current version it doesn’t analyse the content and headers of the site, and it doesn’t detect vulnerabilities in standard web applications. On the other hand, this plugin can detect vulnerabilities in network services, which the plugins for Burp and Chrome obviously won’t detect.
#vulnerscom #python #OpenSSH #NmapNSE #Nmap #Lua #Exploit #exim #CPE #VulnerabilityManagement
Read more: https://avleonov.com/2017/12/29/vulners-nmap-plugin/