Call of Community - ShowMeCon 2014

About Ben
The Call of Community: Modern Warfare
Ben0xA – ShowMeCon 2014
Introductions
● 13+ years experience in Health Care
Information Systems
● Vice President & Security Officer
● Developer (Builder)
● Security Consultant, Trainer

About Ben
Introductions
● It's hard being an executive when
you look like you are a teenager.
● For serious!
● Thanks to @jaysonstreet

Disclaimer
Our thanks to all of
the websites we
ripped off to use
images for this deck.
Full attribution on last
slide!

Why Us?
● We are geeks
● We are gamers
● We love this community
● We both wanted to be like
our gaming heroes!

Why Us?

The Call of Community
What is this call?

Our hopes & dreams

Strategic Defense Execution Standard

What is PoshSec?
• PoshSec is a framework to enable information security pros, system
administrators, analysts and others to effectively help manage a systems or
a networks security.
• PoshSec consists of
• PoshSec PowerShell Module
• PoshSec Framework
PoshSec

How PoshSec Got Started
•Started by Matt Johnson and Will Steele
•Originally saw a lack of Security Related PowerShell modules
•Planned out the project as Will was battling cancer.
PoshSec

Assembling the team
•Need a team of ninja’s to help make PoshSec grow
•Partnered with Wolfgang Goerlich, Nick Jacob and Rich Cassara and
Michael Ortega
•All seasoned infosec pros and brilliant minds.
PoshSec

PoshSec

PoshSec Goals
• The initial PoshSec release focused on the Top 20 controls.
• While maintaining our expertise in the area Top20 controls, we are
branching out to cover:
• Server Hardening
• Forensics
• Many more areas
PoshSec

Account Management
• Created to satisfy Top Twenty Control #16 for the Account Monitoring and
Control section.
• Allows people to verify:
• User accounts
• Accounts that don’t expire
• Admin accounts
• Accounts that expire
• Accounts pass expiration date
PoshSec

Log Management
• Allows for querying of a few log types
• DNS
• IIS
• Allows you to set all of your Security Event logs to PoshSec recommended
settings.
PoshSec

Network Baselining
•Several Baselining Scripts
•Open Ports
•Wireless Networks
•Configure Windows Firewall
PoshSec

PoshSec 1.0
•PoshSec is officially releasing 1.0 of the PowerShell module
today.
•Cleaner code base, a few new additions
•First of many regular releases.
•Currently twice a year
•Download:http://github.com/poshsec/
PoshSec

PoshSec Framework
My original plan....
● Create an open source SIEM
● Bake everything inside
● Release it to the community
● Profit... wait... it's free
● Continue my day job!

PoshSec Framework

PoshSec Framework
It's not the sum of it's code!
Select your player...

PoshSec Framework
Green Ninja
● System Administration
● Basic Networking Functions
● Scan / Audit Domains
● Use Information in Scripts
● Patch Management

PoshSec Framework
Blue Ninja
● Defensive Team
● Live Port Monitoring
● Application Integrity
● Live File Monitoring
● Log Analysis

PoshSec Framework
CVE-2014-1776

PoshSec Framework
OneGet – PowerShell 5.0
Chocolately
http://chocolatey.org

PoshSec Framework
Red Ninja
● Offensive Team
● Powersploit Modules
● Enumeration Tool
● Leverage PSRemoting

PoshSec Framework
@obscuresec
Own a box, now you need to
download a 3rd
party tool like
python/rube.
PowerShell is already there!!!

PoshSec Framework
Black Ninja
● Penetration Testing
● Vulnerability Analysis
● Posh-Sec Modules
● Export Systems to Assets

PoshSec Framework
White Ninja
● Forensics
● Incident Response
● The limit is only based on us

PoshSec Framework
Features:
● Exposed Interface Elements
● Github Integration
● Custom Error Reporting
● Create Tabs for Individual Objects
● Seamless Integration with Scripts

PoshSec Framework
Unlock-TheKrakken
Live Demo!

PoshSec Framework 1.0
http://github.com/poshsec/poshsecframework
PoshSec Framework

PoshSec Developers
● @mwjcomputing
● @jwgoerlich
● @securitymoey
● @mortprime
● @rjcassara
● @sukotto_san
● @PoshSec
PoshSec Framework

PoshSec Framework

I Am The Cavalry
The Cavalry is a global
grassroots organization that
is focused on issues where
computer security intersects
public safety and human life.

I Am The Cavalry
Our areas of focus are
medical devices, automobiles,
home electronics and public
infrastructure.

I Am The Cavalry
● Content Management
● Project Management
● Administrative Assistance
● Technical Systems Assistance
● Sponsorship
Needs

I Am The Cavalry
http://www.iamthecavalry.org/
@iamthecavalry
I haz stickerz!

I Am The Cavalry

Simple method for planning
cyber defenses based on
straightforward step-by-step
instructions.

Help you identify where attacks
are likely to come from, where
they are likely to go to, how
they are likely to get there, and
what the impact on your
organization will be.

The final goal is to implement a
defense that will allow you to
maintain an acceptable
information security posture.

● Organization Risk Tolerance
● IT Basics
● Critical Asset Planning
● Threat Scoping
● Strategic Network Mapping
● Attack Vector Identification
Focus

● Attack Path Identification
● Defense Planning
● Defense Testing
● Attack Detection and Response
Focus (continued)

Current Contributors
James Arlen (@Myrcurial)
Iftach Ian Amit (@Iamit)
Zate (@Zate)
Gabe Bassett (@gdbassett)
Ben Ten (@Ben0xA)

http://wiki.doinginfosecright.com/index.php?title=SDES
help@doinginfosecright.com

Where do you fit in?

I'm answering the call....
what do you need?
● Contribute Ideas
● Contribute Powershell Modules
● Share your scripts with the
community
● Use the tools... give us feedback!

I'm answering the call....
what do you need?
● Join a Project
● Support a project
(skills/financially)
● Discourage Negativity

This idea is only as strong as
this community. It's time to
stand together as a team!

The more we work as a team
the stronger this community
will become.

Conclusion

Conclusion
Contact Information
● @Ben0xA
● Ben0xA on Freenode (IRC)
● bsideschicago@ben0xa.com
● http://ben0xa.com
● http://github.com/Ben0xA
● http://github.com/PoshSec

Conclusion
Contact Information
● @mwjcomputing

Conclusion
Questions?

Conclusion
Thank you!
I have stickers if you want one.

Attribution
http://www.virginmedia.com/images/Tennis_for_Two-tennis-431.jpg
http://insertcredit.com/wp-content/uploads/2012/11/pong.jpeg
http://upload.wikimedia.org/wikipedia/en/0/01/Screenshot_of_Zork_running_on_Frotz_through_iTerm_2_on_Mac_OSX.
png
http://www.abandonia.com/files/games/410/Chip%27s%20Challenge_3.png
http://cdn.akamai.steamstatic.com/steam/apps/240160/ss_f2cf77e7d577b6b2b55f9c4e9c3711abcbdb3846.1920x1080.
jpg?t=1387578150
http://static.giantbomb.com/uploads/original/0/4245/290740-map09_oh_noes_two_elementals.png
http://1.bp.blogspot.com/--qksWYEfKrE/TrvyGxkyUuI/AAAAAAAAA7E/VfKZGhl5w8s/s1600/Breakout+
%25281978%2529+%2528Atari%2529+%2528PAL%2529_74.png
http://freevitathemes.com/wp-content/uploads/2012/03/super-mario.png
http://satoshimatrix.files.wordpress.com/2011/08/snake-rattle-n-roll-u-0000.png
http://assets1.ignimgs.com/2001/10/19/zelda_nes_boomerang-334450.jpg
http://www.socwall.com/images/wallpapers/13209-1680x1050.jpg
http://i1.ytimg.com/vi/hSzDAB0Ua4g/hqdefault.jpg
http://images4.alphacoders.com/191/191376.jpg
http://thoughtsonfilms.files.wordpress.com/2008/08/img_6.jpg
http://wiimedia.ign.com/wii/image/article/779/779902/star-fox-64-virtual-console-20070411045113846_640w.jpg
http://us.blizzard.com/static/_images/games/wrath/wallpapers/wall1/wall1-1600x1200.jpg
http://www.familyfriendlygaming.com/Images/2012/Pics/FINAL_FANTASY_DIMENSIONS/8679battle.png
http://images4.alphacoders.com/191/191376.jpg
http://86bb71d19d3bcb79effc-d9e6924a0395cb1b5b9f03b7640d26eb.r91.cf1.rackcdn.com/wp-
content/uploads/2011/11/the-legend-of-zelda-skyward-sword-walkthrough-artwork.jpg

Call of Community - ShowMeCon 2014

Recomendados

Recomendados

Mais conteúdo relacionado

Semelhante a Call of Community - ShowMeCon 2014

Semelhante a Call of Community - ShowMeCon 2014 (20)

Último

Último (20)

Call of Community - ShowMeCon 2014