SlideShare uma empresa Scribd logo

SecureWV - APT2

Transferir como PPTX, PDF
A
Adam Compton

SecureWV - APT2

Internet
1 de 38
Automated PenTest Toolkit Adam Compton, Senior Security Consultant
Who Am I? • Adam in 5 words: • Father 6 years • Pentester 15+ years • Husband 16+ years • Programmer 20+ years • Hillbilly 40+ years Automated Pentest Toolkit
Overview • Penetration testing often begins with a simple routine. Recon & Discovery Test Simple Services Test Default Creds Common Exploits Dump Creds/Info Pivot & Continue Automated Pentest Toolkit
Overview • Penetration testing often begins with a simple routine. • This routine can be slow on large networks. Automated Pentest Toolkit
Overview • Penetration testing often begins with a simple routine. • This routine can be slow on large networks. • Much of this routine can be automated. Automated Pentest Toolkit
Overview • Penetration testing often begins with a simple routine. • This routine can be slow on large networks. • Much of this routine can be automated. • So we wrote a tool to help with the automation. Automated Pentest Toolkit
Typical Pentest Routine • Run Nmap (or port scanner of choice) Automated Pentest Toolkit
Typical Pentest Routine • Run Nmap (or port scanner of choice) • Review ports and services • Port 21 -> test for anonymous FTP • Port 80 -> identify web service and check for flaws/default creds • Port 445 -> enum users/shares, ms08-067?, … • ... Automated Pentest Toolkit
Typical Pentest Routine • Run Nmap (or port scanner of choice) • Review ports and services • Port 21 -> test for anonymous FTP • Port 80 -> identify web service and check for flaws/default creds • Port 445 -> enum users/shares, ms08-067?, … • ... • Run Responder / Metasploit / CrackMapExec / … Automated Pentest Toolkit
Typical Pentest Routine • Run Nmap (or port scanner of choice) • Review ports and services • Port 21 -> test for anonymous FTP • Port 80 -> identify web service and check for flaws/default creds • Port 445 -> enum users/shares, ms08-067?, … • ... • Run Responder / Metasploit / CrackMapExec / … • … • Take over the DC/database/etc.. Automated Pentest Toolkit
If it is not broken… • Repeatability • Consistency • Can be tedious and slow • Manually parsing through data can be prone to error • Automation can help Automated Pentest Toolkit
Why Not Use <insert favorite scanner>? PROS • Plenty to choose from • Useful in specific scenarios • Some are OpenSource / cheap Automated Pentest Toolkit
Why Not Use <insert favorite scanner>? PROS • Plenty to choose from • Useful in specific scenarios • Some are OpenSource CONS • Can be fairly resource intensive • Can be expensive • How easy to add a new check/tool? Automated Pentest Toolkit
Automation via Scripting • Kali already has LOTS of popular tools and scripts • Automation methods: • Bash • Python (or scripting language of choice) • Metasploit RPC Automated Pentest Toolkit
APT2 – Automate the standard stuff • APT2 is a framework • Modules • Event queue • KnowledgeBase Automated Pentest Toolkit
APT2 – Automate the standard stuff • APT2 is a framework • Modules • Event queue • KnowledgeBase • Run Nmap and parse output Automated Pentest Toolkit
APT2 – Automate the standard stuff • APT2 is a framework • Modules • Event queue • KnowledgeBase • Run Nmap and parse output • Create events based on ports/services Automated Pentest Toolkit
APT2 – Automate the standard stuff • APT2 is a framework • Modules • Event queue • KnowledgeBase • Run Nmap and parse output • Create events based on ports/services • Modules respond to events to perform specific tasks Automated Pentest Toolkit
APT2 – Automate the standard stuff • APT2 is a framework • Modules • Event queue • KnowledgeBase • Run Nmap and parse output • Create events based on ports/services • Modules respond to events to perform specific tasks • Modules can create new events Automated Pentest Toolkit
APT2 – Automate the standard stuff • APT2 is a framework • Modules • Event queue • KnowledgeBase • Run Nmap and parse output • Create events based on ports/services • Modules respond to events to perform specific tasks • Modules can create new events • Runs until event queue is empty Automated Pentest Toolkit
How Does This Help? • Multi-threaded event queue is fast. • Simple to create new modules for nearly any tool/script. • Ready to go: • Get Kali (or your favorite distro & tools) • Clone the repo Automated Pentest Toolkit
So, What Can It Do? • Identify services & operating systems • Screenshot web applications, X11, VNC, … • Analyze FTP and file shares • Brute force accounts • Run Metasploit modules • Compile hashes -> John the Ripper/HashCat • “ls /usr/share” – If it is listed here, a module can probably be made for it Automated Pentest Toolkit
Anatomy of a Module • Inherit from base module (typically ActionModule) • Has standard properties: • Name • Description • Requirements – Which tools need to be installed? • Trigger – Which event does this module listen for? • Safety Level – Scale of 1 – 5 (5 = safe, 1 = dangerous) • ”process()” is the primary method Automated Pentest Toolkit
Are There Limitations? • Tools need to be non-interactive Automated Pentest Toolkit
Are There Limitations? • Tools need to be non-interactive • Multi-threading is tricky • lot of traffic fast • modules can have limits defined, depend on the author Automated Pentest Toolkit
Are There Limitations? • Tools need to be non-interactive • Multi-threading is tricky • lot of traffic fast • modules can have limits defined, depend on the author • Brute force with caution • you might break some things • safety levels are your friend Automated Pentest Toolkit
Are There Limitations? • Tools need to be non-interactive • Multi-threading is tricky • lot of traffic fast • modules can have limits defined, depend on the author • Brute force with caution • you might break some things • safety levels are your friend • Nonstandard ports and service names may throw off modules Automated Pentest Toolkit
Some numbers… • 30 servers with FTP Automated Pentest Toolkit
Some numbers… • 30 servers with FTP • Manual testing: ~10 seconds per server Automated Pentest Toolkit
Some numbers… • 30 servers with FTP • Manual testing: ~10 seconds per server • 5 minutes to check all of them Automated Pentest Toolkit
Some numbers… • 30 servers with FTP • Manual testing: ~10 seconds per server • 5 minutes to check all of them • APT2 – ~1 second per server, done in 40* seconds • *Assuming ideal conditions Automated Pentest Toolkit
Let’s extrapolate! • Grab open ports from .gnmap, ~30 seconds • “grep 80/open scan.gnmap | cut –d ‘ ‘ –f 2 > iplist.txt” Automated Pentest Toolkit
Let’s extrapolate! • Grab open ports from .gnmap, ~30 seconds • “grep 80/open scan.gnmap | cut –d ‘ ‘ –f 2 > iplist.txt” • Pick a tool for the service, ~30 seconds • EyeWitness, Nikto, SSLScan, etc. • Multiply if the tool only accepts 1 IP • +1 minute because you have to read the help menu Automated Pentest Toolkit
Let’s extrapolate! • Grab open ports from .gnmap, ~30 seconds • “grep 80/open scan.gnmap | cut –d ‘ ‘ –f 2 > iplist.txt” • Pick a tool for the service, ~30 seconds • EyeWitness, Nikto, SSLScan, etc. • Multiply if the tool only accepts 1 IP • +1 minute because you have to read the help menu • Now repeat for each service! Automated Pentest Toolkit
Let’s extrapolate! • Grab open ports from .gnmap, ~30 seconds • “grep 80/open scan.gnmap | cut –d ‘ ‘ –f 2 > iplist.txt” • Pick a tool for the service, ~30 seconds • EyeWitness, Nikto, SSLScan, etc. • Multiply if the tool only accepts 1 IP • +1 minute because you have to read the help menu • Now repeat for each service! • APT2 removes the baseline time Automated Pentest Toolkit
Demo Time Automated Pentest Toolkit
Development • Open source – Available on the Rapid7 Github account at https://www.github.com/MooseDojo/apt2 • Future plans • Import from more than just NMAP • Responder -> John the Ripper -> secretsdump.py (**partially there now**) • Lots more modules • Python 3 ? • Pretty Reports • ? Automated Pentest Toolkit
411 & Questions • Adam Compton • @tatanus • adam_compton@rapid7.com • adam.compton@gmail.com • https://www.github.com/MooseDojo/apt2 • QUESTIONS??? Automated Pentest Toolkit

Recomendados

DerbyCon - APT2
DerbyCon - APT2DerbyCon - APT2
DerbyCon - APT2Adam Compton
 
Bsides Knoxville - APT2
Bsides Knoxville - APT2Bsides Knoxville - APT2
Bsides Knoxville - APT2Adam Compton
 
Networking Architecture of Warframe
Networking Architecture of WarframeNetworking Architecture of Warframe
Networking Architecture of WarframeMaciej Siniło
 
Testing sync engine
Testing sync engineTesting sync engine
Testing sync engineIlya Puchka
 
Debugging multiplayer games
Debugging multiplayer gamesDebugging multiplayer games
Debugging multiplayer gamesMaciej Siniło
 
Why internal pen tests are still fun
Why internal pen tests are still funWhy internal pen tests are still fun
Why internal pen tests are still funpyschedelicsupernova
 
Training – Going Async
Training – Going AsyncTraining – Going Async
Training – Going AsyncBetclic Everest Group Tech Team
 
Open source tools for optimizing your peering infrastructure @ DE-CIX TechMee...
Open source tools for optimizing your peering infrastructure @ DE-CIX TechMee...Open source tools for optimizing your peering infrastructure @ DE-CIX TechMee...
Open source tools for optimizing your peering infrastructure @ DE-CIX TechMee...Daniel Czerwonk
 

Recomendados

DerbyCon - APT2
DerbyCon - APT2DerbyCon - APT2
DerbyCon - APT2Adam Compton
 
Bsides Knoxville - APT2
Bsides Knoxville - APT2Bsides Knoxville - APT2
Bsides Knoxville - APT2Adam Compton
 
Networking Architecture of Warframe
Networking Architecture of WarframeNetworking Architecture of Warframe
Networking Architecture of WarframeMaciej Siniło
 
Testing sync engine
Testing sync engineTesting sync engine
Testing sync engineIlya Puchka
 
Debugging multiplayer games
Debugging multiplayer gamesDebugging multiplayer games
Debugging multiplayer gamesMaciej Siniło
 
Why internal pen tests are still fun
Why internal pen tests are still funWhy internal pen tests are still fun
Why internal pen tests are still funpyschedelicsupernova
 
Training – Going Async
Training – Going AsyncTraining – Going Async
Training – Going AsyncBetclic Everest Group Tech Team
 
Open source tools for optimizing your peering infrastructure @ DE-CIX TechMee...
Open source tools for optimizing your peering infrastructure @ DE-CIX TechMee...Open source tools for optimizing your peering infrastructure @ DE-CIX TechMee...
Open source tools for optimizing your peering infrastructure @ DE-CIX TechMee...Daniel Czerwonk
 
Micro control idsecconf2010
Micro control idsecconf2010Micro control idsecconf2010
Micro control idsecconf2010idsecconf
 
Property-based testing an open-source compiler, pflua (FOSDEM 2015)
Property-based testing an open-source compiler, pflua (FOSDEM 2015)Property-based testing an open-source compiler, pflua (FOSDEM 2015)
Property-based testing an open-source compiler, pflua (FOSDEM 2015)Igalia
 
Practical Malware Analysis: Ch 9: OllyDbg
Practical Malware Analysis: Ch 9: OllyDbgPractical Malware Analysis: Ch 9: OllyDbg
Practical Malware Analysis: Ch 9: OllyDbgSam Bowne
 
Cooking a rabbit pie
Cooking a rabbit pieCooking a rabbit pie
Cooking a rabbit pieTomas Doran
 
A Battle Against the Industry - Beating Antivirus for Meterpreter and More
A Battle Against the Industry - Beating Antivirus for Meterpreter and MoreA Battle Against the Industry - Beating Antivirus for Meterpreter and More
A Battle Against the Industry - Beating Antivirus for Meterpreter and MoreCTruncer
 
Oscp - Journey
Oscp - JourneyOscp - Journey
Oscp - JourneyVandana Verma
 
Practical Malware Analysis: Ch 8: Debugging
Practical Malware Analysis: Ch 8: Debugging Practical Malware Analysis: Ch 8: Debugging
Practical Malware Analysis: Ch 8: Debugging Sam Bowne
 
An EyeWitness View into your Network
An EyeWitness View into your NetworkAn EyeWitness View into your Network
An EyeWitness View into your NetworkCTruncer
 
Packers
PackersPackers
PackersAnge Albertini
 
[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...
[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...
[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...CODE BLUE
 
CNIT 126 2: Malware Analysis in Virtual Machines & 3: Basic Dynamic Analysis
CNIT 126 2: Malware Analysis in Virtual Machines & 3: Basic Dynamic AnalysisCNIT 126 2: Malware Analysis in Virtual Machines & 3: Basic Dynamic Analysis
CNIT 126 2: Malware Analysis in Virtual Machines & 3: Basic Dynamic AnalysisSam Bowne
 
Steelcon 2014 - Process Injection with Python
Steelcon 2014 - Process Injection with PythonSteelcon 2014 - Process Injection with Python
Steelcon 2014 - Process Injection with Pythoninfodox
 
Defcon 22-paul-mcmillan-attacking-the-iot-using-timing-attac
Defcon 22-paul-mcmillan-attacking-the-iot-using-timing-attacDefcon 22-paul-mcmillan-attacking-the-iot-using-timing-attac
Defcon 22-paul-mcmillan-attacking-the-iot-using-timing-attacPriyanka Aash
 
Practical Malware Analysis: Ch 10: Kernel Debugging with WinDbg
Practical Malware Analysis: Ch 10: Kernel Debugging with WinDbgPractical Malware Analysis: Ch 10: Kernel Debugging with WinDbg
Practical Malware Analysis: Ch 10: Kernel Debugging with WinDbgSam Bowne
 
How to Keep Your Data Safe in MongoDB
How to Keep Your Data Safe in MongoDBHow to Keep Your Data Safe in MongoDB
How to Keep Your Data Safe in MongoDBMongoDB
 
Keeping MongoDB Data Safe
Keeping MongoDB Data SafeKeeping MongoDB Data Safe
Keeping MongoDB Data SafeTony Tam
 
Practical Malware Analysis: Ch 2 Malware Analysis in Virtual Machines & 3: Ba...
Practical Malware Analysis: Ch 2 Malware Analysis in Virtual Machines & 3: Ba...Practical Malware Analysis: Ch 2 Malware Analysis in Virtual Machines & 3: Ba...
Practical Malware Analysis: Ch 2 Malware Analysis in Virtual Machines & 3: Ba...Sam Bowne
 
Training - What is Performance ?
Training - What is Performance ?Training - What is Performance ?
Training - What is Performance ?Betclic Everest Group Tech Team
 
CNIT 126 8: Debugging
CNIT 126 8: DebuggingCNIT 126 8: Debugging
CNIT 126 8: DebuggingSam Bowne
 
CNIT 127 Ch 16: Fault Injection and 17: The Art of Fuzzing
CNIT 127 Ch 16: Fault Injection and 17: The Art of FuzzingCNIT 127 Ch 16: Fault Injection and 17: The Art of Fuzzing
CNIT 127 Ch 16: Fault Injection and 17: The Art of FuzzingSam Bowne
 
Nmap for Scriptors
Nmap for ScriptorsNmap for Scriptors
Nmap for Scriptorsn|u - The Open Security Community
 
DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101dc612
 

Mais conteúdo relacionado

Mais procurados

Micro control idsecconf2010
Micro control idsecconf2010Micro control idsecconf2010
Micro control idsecconf2010idsecconf
 
Property-based testing an open-source compiler, pflua (FOSDEM 2015)
Property-based testing an open-source compiler, pflua (FOSDEM 2015)Property-based testing an open-source compiler, pflua (FOSDEM 2015)
Property-based testing an open-source compiler, pflua (FOSDEM 2015)Igalia
 
Practical Malware Analysis: Ch 9: OllyDbg
Practical Malware Analysis: Ch 9: OllyDbgPractical Malware Analysis: Ch 9: OllyDbg
Practical Malware Analysis: Ch 9: OllyDbgSam Bowne
 
Cooking a rabbit pie
Cooking a rabbit pieCooking a rabbit pie
Cooking a rabbit pieTomas Doran
 
A Battle Against the Industry - Beating Antivirus for Meterpreter and More
A Battle Against the Industry - Beating Antivirus for Meterpreter and MoreA Battle Against the Industry - Beating Antivirus for Meterpreter and More
A Battle Against the Industry - Beating Antivirus for Meterpreter and MoreCTruncer
 
Practical Malware Analysis: Ch 8: Debugging
Practical Malware Analysis: Ch 8: Debugging Practical Malware Analysis: Ch 8: Debugging
Practical Malware Analysis: Ch 8: Debugging Sam Bowne
 
An EyeWitness View into your Network
An EyeWitness View into your NetworkAn EyeWitness View into your Network
An EyeWitness View into your NetworkCTruncer
 
[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...
[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...
[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...CODE BLUE
 
CNIT 126 2: Malware Analysis in Virtual Machines & 3: Basic Dynamic Analysis
CNIT 126 2: Malware Analysis in Virtual Machines & 3: Basic Dynamic AnalysisCNIT 126 2: Malware Analysis in Virtual Machines & 3: Basic Dynamic Analysis
CNIT 126 2: Malware Analysis in Virtual Machines & 3: Basic Dynamic AnalysisSam Bowne
 
Steelcon 2014 - Process Injection with Python
Steelcon 2014 - Process Injection with PythonSteelcon 2014 - Process Injection with Python
Steelcon 2014 - Process Injection with Pythoninfodox
 
Defcon 22-paul-mcmillan-attacking-the-iot-using-timing-attac
Defcon 22-paul-mcmillan-attacking-the-iot-using-timing-attacDefcon 22-paul-mcmillan-attacking-the-iot-using-timing-attac
Defcon 22-paul-mcmillan-attacking-the-iot-using-timing-attacPriyanka Aash
 
Practical Malware Analysis: Ch 10: Kernel Debugging with WinDbg
Practical Malware Analysis: Ch 10: Kernel Debugging with WinDbgPractical Malware Analysis: Ch 10: Kernel Debugging with WinDbg
Practical Malware Analysis: Ch 10: Kernel Debugging with WinDbgSam Bowne
 
How to Keep Your Data Safe in MongoDB
How to Keep Your Data Safe in MongoDBHow to Keep Your Data Safe in MongoDB
How to Keep Your Data Safe in MongoDBMongoDB
 
Keeping MongoDB Data Safe
Keeping MongoDB Data SafeKeeping MongoDB Data Safe
Keeping MongoDB Data SafeTony Tam
 
Practical Malware Analysis: Ch 2 Malware Analysis in Virtual Machines & 3: Ba...
Practical Malware Analysis: Ch 2 Malware Analysis in Virtual Machines & 3: Ba...Practical Malware Analysis: Ch 2 Malware Analysis in Virtual Machines & 3: Ba...
Practical Malware Analysis: Ch 2 Malware Analysis in Virtual Machines & 3: Ba...Sam Bowne
 
CNIT 126 8: Debugging
CNIT 126 8: DebuggingCNIT 126 8: Debugging
CNIT 126 8: DebuggingSam Bowne
 
CNIT 127 Ch 16: Fault Injection and 17: The Art of Fuzzing
CNIT 127 Ch 16: Fault Injection and 17: The Art of FuzzingCNIT 127 Ch 16: Fault Injection and 17: The Art of Fuzzing
CNIT 127 Ch 16: Fault Injection and 17: The Art of FuzzingSam Bowne
 

Mais procurados (20)

Micro control idsecconf2010
Micro control idsecconf2010Micro control idsecconf2010
Micro control idsecconf2010
 
Property-based testing an open-source compiler, pflua (FOSDEM 2015)
Property-based testing an open-source compiler, pflua (FOSDEM 2015)Property-based testing an open-source compiler, pflua (FOSDEM 2015)
Property-based testing an open-source compiler, pflua (FOSDEM 2015)
 
Practical Malware Analysis: Ch 9: OllyDbg
Practical Malware Analysis: Ch 9: OllyDbgPractical Malware Analysis: Ch 9: OllyDbg
Practical Malware Analysis: Ch 9: OllyDbg
 
Cooking a rabbit pie
Cooking a rabbit pieCooking a rabbit pie
Cooking a rabbit pie
 
A Battle Against the Industry - Beating Antivirus for Meterpreter and More
A Battle Against the Industry - Beating Antivirus for Meterpreter and MoreA Battle Against the Industry - Beating Antivirus for Meterpreter and More
A Battle Against the Industry - Beating Antivirus for Meterpreter and More
 
Oscp - Journey
Oscp - JourneyOscp - Journey
Oscp - Journey
 
Practical Malware Analysis: Ch 8: Debugging
Practical Malware Analysis: Ch 8: Debugging Practical Malware Analysis: Ch 8: Debugging
Practical Malware Analysis: Ch 8: Debugging
 
An EyeWitness View into your Network
An EyeWitness View into your NetworkAn EyeWitness View into your Network
An EyeWitness View into your Network
 
Packers
PackersPackers
Packers
 
[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...
[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...
[CB16] COFI break – Breaking exploits with Processor trace and Practical cont...
 
CNIT 126 2: Malware Analysis in Virtual Machines & 3: Basic Dynamic Analysis
CNIT 126 2: Malware Analysis in Virtual Machines & 3: Basic Dynamic AnalysisCNIT 126 2: Malware Analysis in Virtual Machines & 3: Basic Dynamic Analysis
CNIT 126 2: Malware Analysis in Virtual Machines & 3: Basic Dynamic Analysis
 
Steelcon 2014 - Process Injection with Python
Steelcon 2014 - Process Injection with PythonSteelcon 2014 - Process Injection with Python
Steelcon 2014 - Process Injection with Python
 
Defcon 22-paul-mcmillan-attacking-the-iot-using-timing-attac
Defcon 22-paul-mcmillan-attacking-the-iot-using-timing-attacDefcon 22-paul-mcmillan-attacking-the-iot-using-timing-attac
Defcon 22-paul-mcmillan-attacking-the-iot-using-timing-attac
 
Practical Malware Analysis: Ch 10: Kernel Debugging with WinDbg
Practical Malware Analysis: Ch 10: Kernel Debugging with WinDbgPractical Malware Analysis: Ch 10: Kernel Debugging with WinDbg
Practical Malware Analysis: Ch 10: Kernel Debugging with WinDbg
 
How to Keep Your Data Safe in MongoDB
How to Keep Your Data Safe in MongoDBHow to Keep Your Data Safe in MongoDB
How to Keep Your Data Safe in MongoDB
 
Keeping MongoDB Data Safe
Keeping MongoDB Data SafeKeeping MongoDB Data Safe
Keeping MongoDB Data Safe
 
Practical Malware Analysis: Ch 2 Malware Analysis in Virtual Machines & 3: Ba...
Practical Malware Analysis: Ch 2 Malware Analysis in Virtual Machines & 3: Ba...Practical Malware Analysis: Ch 2 Malware Analysis in Virtual Machines & 3: Ba...
Practical Malware Analysis: Ch 2 Malware Analysis in Virtual Machines & 3: Ba...
 
Training - What is Performance ?
Training - What is Performance ?Training - What is Performance ?
Training - What is Performance ?
 
CNIT 126 8: Debugging
CNIT 126 8: DebuggingCNIT 126 8: Debugging
CNIT 126 8: Debugging
 
CNIT 127 Ch 16: Fault Injection and 17: The Art of Fuzzing
CNIT 127 Ch 16: Fault Injection and 17: The Art of FuzzingCNIT 127 Ch 16: Fault Injection and 17: The Art of Fuzzing
CNIT 127 Ch 16: Fault Injection and 17: The Art of Fuzzing
 

Semelhante a SecureWV - APT2

DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101dc612
 
Real time system_performance_mon
Real time system_performance_monReal time system_performance_mon
Real time system_performance_monTomas Doran
 
The basics of hacking and penetration testing 이제 시작이야 해킹과 침투 테스트 kenneth.s.kwon
The basics of hacking and penetration testing 이제 시작이야 해킹과 침투 테스트 kenneth.s.kwonThe basics of hacking and penetration testing 이제 시작이야 해킹과 침투 테스트 kenneth.s.kwon
The basics of hacking and penetration testing 이제 시작이야 해킹과 침투 테스트 kenneth.s.kwonKenneth Kwon
 
Monitorama 2015 Netflix Instance Analysis
Monitorama 2015 Netflix Instance AnalysisMonitorama 2015 Netflix Instance Analysis
Monitorama 2015 Netflix Instance AnalysisBrendan Gregg
 
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit Basics
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit BasicsNetwork Penetration Testing Toolkit - Nmap, Netcat, and Metasploit Basics
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit BasicsBishop Fox
 
Jose Luis Soria - XP2014 - Designing a Release Pipeline
Jose Luis Soria - XP2014 - Designing a Release PipelineJose Luis Soria - XP2014 - Designing a Release Pipeline
Jose Luis Soria - XP2014 - Designing a Release PipelineJose Luis Soria
 
Creating Havoc using Human Interface Device
Creating Havoc using Human Interface DeviceCreating Havoc using Human Interface Device
Creating Havoc using Human Interface DevicePositive Hack Days
 
Nomura UCCSC 2009
Nomura UCCSC 2009Nomura UCCSC 2009
Nomura UCCSC 2009dnomura
 
Functionality, security and performance monitoring of web assets (e.g. Joomla...
Functionality, security and performance monitoring of web assets (e.g. Joomla...Functionality, security and performance monitoring of web assets (e.g. Joomla...
Functionality, security and performance monitoring of web assets (e.g. Joomla...Sanjay Willie
 
BSides_Charm2015_Info sec hunters_gathers
BSides_Charm2015_Info sec hunters_gathersBSides_Charm2015_Info sec hunters_gathers
BSides_Charm2015_Info sec hunters_gathersAndrew McNicol
 
Enumeration
EnumerationEnumeration
Enumerationfsciallo
 
The Dirty Little Secrets They Didn’t Teach You In Pentesting Class
The Dirty Little Secrets They Didn’t Teach You In Pentesting Class The Dirty Little Secrets They Didn’t Teach You In Pentesting Class
The Dirty Little Secrets They Didn’t Teach You In Pentesting Class Chris Gates
 
Hacklu2011 tricaud
Hacklu2011 tricaudHacklu2011 tricaud
Hacklu2011 tricaudstricaud
 

Semelhante a SecureWV - APT2 (20)

Nmap for Scriptors
Nmap for ScriptorsNmap for Scriptors
Nmap for Scriptors
 
DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101DC612 Day - Hands on Penetration Testing 101
DC612 Day - Hands on Penetration Testing 101
 
Tcpdump hunter
Tcpdump hunterTcpdump hunter
Tcpdump hunter
 
Real time system_performance_mon
Real time system_performance_monReal time system_performance_mon
Real time system_performance_mon
 
The basics of hacking and penetration testing 이제 시작이야 해킹과 침투 테스트 kenneth.s.kwon
The basics of hacking and penetration testing 이제 시작이야 해킹과 침투 테스트 kenneth.s.kwonThe basics of hacking and penetration testing 이제 시작이야 해킹과 침투 테스트 kenneth.s.kwon
The basics of hacking and penetration testing 이제 시작이야 해킹과 침투 테스트 kenneth.s.kwon
 
Monitorama 2015 Netflix Instance Analysis
Monitorama 2015 Netflix Instance AnalysisMonitorama 2015 Netflix Instance Analysis
Monitorama 2015 Netflix Instance Analysis
 
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit Basics
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit BasicsNetwork Penetration Testing Toolkit - Nmap, Netcat, and Metasploit Basics
Network Penetration Testing Toolkit - Nmap, Netcat, and Metasploit Basics
 
Jose Luis Soria - XP2014 - Designing a Release Pipeline
Jose Luis Soria - XP2014 - Designing a Release PipelineJose Luis Soria - XP2014 - Designing a Release Pipeline
Jose Luis Soria - XP2014 - Designing a Release Pipeline
 
Creating Havoc using Human Interface Device
Creating Havoc using Human Interface DeviceCreating Havoc using Human Interface Device
Creating Havoc using Human Interface Device
 
Nomura UCCSC 2009
Nomura UCCSC 2009Nomura UCCSC 2009
Nomura UCCSC 2009
 
Redundant devops
Redundant devopsRedundant devops
Redundant devops
 
Functionality, security and performance monitoring of web assets (e.g. Joomla...
Functionality, security and performance monitoring of web assets (e.g. Joomla...Functionality, security and performance monitoring of web assets (e.g. Joomla...
Functionality, security and performance monitoring of web assets (e.g. Joomla...
 
ethical Hack
ethical Hackethical Hack
ethical Hack
 
Wm4
Wm4Wm4
Wm4
 
Wm4
Wm4Wm4
Wm4
 
BSides_Charm2015_Info sec hunters_gathers
BSides_Charm2015_Info sec hunters_gathersBSides_Charm2015_Info sec hunters_gathers
BSides_Charm2015_Info sec hunters_gathers
 
Enumeration
EnumerationEnumeration
Enumeration
 
The Dirty Little Secrets They Didn’t Teach You In Pentesting Class
The Dirty Little Secrets They Didn’t Teach You In Pentesting Class The Dirty Little Secrets They Didn’t Teach You In Pentesting Class
The Dirty Little Secrets They Didn’t Teach You In Pentesting Class
 
Learning to code
Learning to codeLearning to code
Learning to code
 
Hacklu2011 tricaud
Hacklu2011 tricaudHacklu2011 tricaud
Hacklu2011 tricaud
 

Mais de Adam Compton

Becoming a Pentester
Becoming a PentesterBecoming a Pentester
Becoming a PentesterAdam Compton
 
A HillyBilly's Guide to Staying Anonymous Online - SecureWV
A HillyBilly's Guide to Staying Anonymous Online - SecureWVA HillyBilly's Guide to Staying Anonymous Online - SecureWV
A HillyBilly's Guide to Staying Anonymous Online - SecureWVAdam Compton
 
BSidesKnoxville 2019 - Unix: The Other White Meat
BSidesKnoxville 2019 - Unix: The Other White MeatBSidesKnoxville 2019 - Unix: The Other White Meat
BSidesKnoxville 2019 - Unix: The Other White MeatAdam Compton
 
2018 DerbyCon - Hillbilly Storytime - Pentest Fails
2018 DerbyCon - Hillbilly Storytime - Pentest Fails2018 DerbyCon - Hillbilly Storytime - Pentest Fails
2018 DerbyCon - Hillbilly Storytime - Pentest FailsAdam Compton
 
2018 HackerHalted - Hillbilly Storytime - Pentest Fails
2018 HackerHalted - Hillbilly Storytime - Pentest Fails2018 HackerHalted - Hillbilly Storytime - Pentest Fails
2018 HackerHalted - Hillbilly Storytime - Pentest FailsAdam Compton
 
Bsides LV - Hillbilly Storytime - Pentest Fails
Bsides LV - Hillbilly Storytime - Pentest FailsBsides LV - Hillbilly Storytime - Pentest Fails
Bsides LV - Hillbilly Storytime - Pentest FailsAdam Compton
 
SecureWV - PentestFails
SecureWV - PentestFailsSecureWV - PentestFails
SecureWV - PentestFailsAdam Compton
 
Infosec Europe 17 - PentestFails
Infosec Europe 17 - PentestFailsInfosec Europe 17 - PentestFails
Infosec Europe 17 - PentestFailsAdam Compton
 
Bsides Nashville - PentestFails
Bsides Nashville - PentestFailsBsides Nashville - PentestFails
Bsides Nashville - PentestFailsAdam Compton
 
Bsides Knoxville - OSINT
Bsides Knoxville - OSINTBsides Knoxville - OSINT
Bsides Knoxville - OSINTAdam Compton
 
Bsides Knoxville - PentestFails
Bsides Knoxville - PentestFailsBsides Knoxville - PentestFails
Bsides Knoxville - PentestFailsAdam Compton
 

Mais de Adam Compton (13)

Becoming a Pentester
Becoming a PentesterBecoming a Pentester
Becoming a Pentester
 
A HillyBilly's Guide to Staying Anonymous Online - SecureWV
A HillyBilly's Guide to Staying Anonymous Online - SecureWVA HillyBilly's Guide to Staying Anonymous Online - SecureWV
A HillyBilly's Guide to Staying Anonymous Online - SecureWV
 
BSidesKnoxville 2019 - Unix: The Other White Meat
BSidesKnoxville 2019 - Unix: The Other White MeatBSidesKnoxville 2019 - Unix: The Other White Meat
BSidesKnoxville 2019 - Unix: The Other White Meat
 
2018 DerbyCon - Hillbilly Storytime - Pentest Fails
2018 DerbyCon - Hillbilly Storytime - Pentest Fails2018 DerbyCon - Hillbilly Storytime - Pentest Fails
2018 DerbyCon - Hillbilly Storytime - Pentest Fails
 
2018 HackerHalted - Hillbilly Storytime - Pentest Fails
2018 HackerHalted - Hillbilly Storytime - Pentest Fails2018 HackerHalted - Hillbilly Storytime - Pentest Fails
2018 HackerHalted - Hillbilly Storytime - Pentest Fails
 
Bsides LV - Hillbilly Storytime - Pentest Fails
Bsides LV - Hillbilly Storytime - Pentest FailsBsides LV - Hillbilly Storytime - Pentest Fails
Bsides LV - Hillbilly Storytime - Pentest Fails
 
SecureWV - PentestFails
SecureWV - PentestFailsSecureWV - PentestFails
SecureWV - PentestFails
 
Infosec Europe 17 - PentestFails
Infosec Europe 17 - PentestFailsInfosec Europe 17 - PentestFails
Infosec Europe 17 - PentestFails
 
HackCon - SPF
HackCon - SPFHackCon - SPF
HackCon - SPF
 
DerbyCon - Legion
DerbyCon - LegionDerbyCon - Legion
DerbyCon - Legion
 
Bsides Nashville - PentestFails
Bsides Nashville - PentestFailsBsides Nashville - PentestFails
Bsides Nashville - PentestFails
 
Bsides Knoxville - OSINT
Bsides Knoxville - OSINTBsides Knoxville - OSINT
Bsides Knoxville - OSINT
 
Bsides Knoxville - PentestFails
Bsides Knoxville - PentestFailsBsides Knoxville - PentestFails
Bsides Knoxville - PentestFails
 

Último

Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...roncy bisnoi
 
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...Neha Pandey
 
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...tanu pandey
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)Delhi Call girls
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubaikojalkojal131
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"growthgrids
 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...tanu pandey
 
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...SUHANI PANDEY
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfJOHNBEBONYAP1
 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...singhpriety023
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Delhi Call girls
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查ydyuyu
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableSeo
 
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Bookingdharasingh5698
 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...SUHANI PANDEY
 
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...SUHANI PANDEY
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceDelhi Call girls
 

Último (20)

Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
 
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
𓀤Call On 7877925207 𓀤 Ahmedguda Call Girls Hot Model With Sexy Bhabi Ready Fo...
 
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
Nanded City ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready ...
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
 
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
APNIC Policy Roundup, presented by Sunny Chendi at the 5th ICANN APAC-TWNIC E...
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
 
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
 
📱Dehradun Call Girls Service 📱☎️ +91'905,3900,678 ☎️📱 Call Girls In Dehradun 📱
📱Dehradun Call Girls Service 📱☎️ +91'905,3900,678 ☎️📱 Call Girls In Dehradun 📱📱Dehradun Call Girls Service 📱☎️ +91'905,3900,678 ☎️📱 Call Girls In Dehradun 📱
📱Dehradun Call Girls Service 📱☎️ +91'905,3900,678 ☎️📱 Call Girls In Dehradun 📱
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
 
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
Pune Airport ( Call Girls ) Pune 6297143586 Hot Model With Sexy Bhabi Ready...
 
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
 
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
Hire↠Young Call Girls in Tilak nagar (Delhi) ☎️ 9205541914 ☎️ Independent Esc...
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
 
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
 
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
 

SecureWV - APT2

  • 1. Automated PenTest Toolkit Adam Compton, Senior Security Consultant
  • 2. Who Am I? • Adam in 5 words: • Father 6 years • Pentester 15+ years • Husband 16+ years • Programmer 20+ years • Hillbilly 40+ years Automated Pentest Toolkit
  • 3. Overview • Penetration testing often begins with a simple routine. Recon & Discovery Test Simple Services Test Default Creds Common Exploits Dump Creds/Info Pivot & Continue Automated Pentest Toolkit
  • 4. Overview • Penetration testing often begins with a simple routine. • This routine can be slow on large networks. Automated Pentest Toolkit
  • 5. Overview • Penetration testing often begins with a simple routine. • This routine can be slow on large networks. • Much of this routine can be automated. Automated Pentest Toolkit
  • 6. Overview • Penetration testing often begins with a simple routine. • This routine can be slow on large networks. • Much of this routine can be automated. • So we wrote a tool to help with the automation. Automated Pentest Toolkit
  • 7. Typical Pentest Routine • Run Nmap (or port scanner of choice) Automated Pentest Toolkit
  • 8. Typical Pentest Routine • Run Nmap (or port scanner of choice) • Review ports and services • Port 21 -> test for anonymous FTP • Port 80 -> identify web service and check for flaws/default creds • Port 445 -> enum users/shares, ms08-067?, … • ... Automated Pentest Toolkit
  • 9. Typical Pentest Routine • Run Nmap (or port scanner of choice) • Review ports and services • Port 21 -> test for anonymous FTP • Port 80 -> identify web service and check for flaws/default creds • Port 445 -> enum users/shares, ms08-067?, … • ... • Run Responder / Metasploit / CrackMapExec / … Automated Pentest Toolkit
  • 10. Typical Pentest Routine • Run Nmap (or port scanner of choice) • Review ports and services • Port 21 -> test for anonymous FTP • Port 80 -> identify web service and check for flaws/default creds • Port 445 -> enum users/shares, ms08-067?, … • ... • Run Responder / Metasploit / CrackMapExec / … • … • Take over the DC/database/etc.. Automated Pentest Toolkit
  • 11. If it is not broken… • Repeatability • Consistency • Can be tedious and slow • Manually parsing through data can be prone to error • Automation can help Automated Pentest Toolkit
  • 12. Why Not Use <insert favorite scanner>? PROS • Plenty to choose from • Useful in specific scenarios • Some are OpenSource / cheap Automated Pentest Toolkit
  • 13. Why Not Use <insert favorite scanner>? PROS • Plenty to choose from • Useful in specific scenarios • Some are OpenSource CONS • Can be fairly resource intensive • Can be expensive • How easy to add a new check/tool? Automated Pentest Toolkit
  • 14. Automation via Scripting • Kali already has LOTS of popular tools and scripts • Automation methods: • Bash • Python (or scripting language of choice) • Metasploit RPC Automated Pentest Toolkit
  • 15. APT2 – Automate the standard stuff • APT2 is a framework • Modules • Event queue • KnowledgeBase Automated Pentest Toolkit
  • 16. APT2 – Automate the standard stuff • APT2 is a framework • Modules • Event queue • KnowledgeBase • Run Nmap and parse output Automated Pentest Toolkit
  • 17. APT2 – Automate the standard stuff • APT2 is a framework • Modules • Event queue • KnowledgeBase • Run Nmap and parse output • Create events based on ports/services Automated Pentest Toolkit
  • 18. APT2 – Automate the standard stuff • APT2 is a framework • Modules • Event queue • KnowledgeBase • Run Nmap and parse output • Create events based on ports/services • Modules respond to events to perform specific tasks Automated Pentest Toolkit
  • 19. APT2 – Automate the standard stuff • APT2 is a framework • Modules • Event queue • KnowledgeBase • Run Nmap and parse output • Create events based on ports/services • Modules respond to events to perform specific tasks • Modules can create new events Automated Pentest Toolkit
  • 20. APT2 – Automate the standard stuff • APT2 is a framework • Modules • Event queue • KnowledgeBase • Run Nmap and parse output • Create events based on ports/services • Modules respond to events to perform specific tasks • Modules can create new events • Runs until event queue is empty Automated Pentest Toolkit
  • 21. How Does This Help? • Multi-threaded event queue is fast. • Simple to create new modules for nearly any tool/script. • Ready to go: • Get Kali (or your favorite distro & tools) • Clone the repo Automated Pentest Toolkit
  • 22. So, What Can It Do? • Identify services & operating systems • Screenshot web applications, X11, VNC, … • Analyze FTP and file shares • Brute force accounts • Run Metasploit modules • Compile hashes -> John the Ripper/HashCat • “ls /usr/share” – If it is listed here, a module can probably be made for it Automated Pentest Toolkit
  • 23. Anatomy of a Module • Inherit from base module (typically ActionModule) • Has standard properties: • Name • Description • Requirements – Which tools need to be installed? • Trigger – Which event does this module listen for? • Safety Level – Scale of 1 – 5 (5 = safe, 1 = dangerous) • ”process()” is the primary method Automated Pentest Toolkit
  • 24. Are There Limitations? • Tools need to be non-interactive Automated Pentest Toolkit
  • 25. Are There Limitations? • Tools need to be non-interactive • Multi-threading is tricky • lot of traffic fast • modules can have limits defined, depend on the author Automated Pentest Toolkit
  • 26. Are There Limitations? • Tools need to be non-interactive • Multi-threading is tricky • lot of traffic fast • modules can have limits defined, depend on the author • Brute force with caution • you might break some things • safety levels are your friend Automated Pentest Toolkit
  • 27. Are There Limitations? • Tools need to be non-interactive • Multi-threading is tricky • lot of traffic fast • modules can have limits defined, depend on the author • Brute force with caution • you might break some things • safety levels are your friend • Nonstandard ports and service names may throw off modules Automated Pentest Toolkit
  • 28. Some numbers… • 30 servers with FTP Automated Pentest Toolkit
  • 29. Some numbers… • 30 servers with FTP • Manual testing: ~10 seconds per server Automated Pentest Toolkit
  • 30. Some numbers… • 30 servers with FTP • Manual testing: ~10 seconds per server • 5 minutes to check all of them Automated Pentest Toolkit
  • 31. Some numbers… • 30 servers with FTP • Manual testing: ~10 seconds per server • 5 minutes to check all of them • APT2 – ~1 second per server, done in 40* seconds • *Assuming ideal conditions Automated Pentest Toolkit
  • 32. Let’s extrapolate! • Grab open ports from .gnmap, ~30 seconds • “grep 80/open scan.gnmap | cut –d ‘ ‘ –f 2 > iplist.txt” Automated Pentest Toolkit
  • 33. Let’s extrapolate! • Grab open ports from .gnmap, ~30 seconds • “grep 80/open scan.gnmap | cut –d ‘ ‘ –f 2 > iplist.txt” • Pick a tool for the service, ~30 seconds • EyeWitness, Nikto, SSLScan, etc. • Multiply if the tool only accepts 1 IP • +1 minute because you have to read the help menu Automated Pentest Toolkit
  • 34. Let’s extrapolate! • Grab open ports from .gnmap, ~30 seconds • “grep 80/open scan.gnmap | cut –d ‘ ‘ –f 2 > iplist.txt” • Pick a tool for the service, ~30 seconds • EyeWitness, Nikto, SSLScan, etc. • Multiply if the tool only accepts 1 IP • +1 minute because you have to read the help menu • Now repeat for each service! Automated Pentest Toolkit
  • 35. Let’s extrapolate! • Grab open ports from .gnmap, ~30 seconds • “grep 80/open scan.gnmap | cut –d ‘ ‘ –f 2 > iplist.txt” • Pick a tool for the service, ~30 seconds • EyeWitness, Nikto, SSLScan, etc. • Multiply if the tool only accepts 1 IP • +1 minute because you have to read the help menu • Now repeat for each service! • APT2 removes the baseline time Automated Pentest Toolkit
  • 37. Development • Open source – Available on the Rapid7 Github account at https://www.github.com/MooseDojo/apt2 • Future plans • Import from more than just NMAP • Responder -> John the Ripper -> secretsdump.py (**partially there now**) • Lots more modules • Python 3 ? • Pretty Reports • ? Automated Pentest Toolkit
  • 38. 411 & Questions • Adam Compton • @tatanus • adam_compton@rapid7.com • adam.compton@gmail.com • https://www.github.com/MooseDojo/apt2 • QUESTIONS??? Automated Pentest Toolkit