Mike Landeck - CyberSecology

AppSec USA 2014
Denver, Colorado
Orchestrating Security Testing
With Golismero
Mike Landeck
Speaker Bio
Mike Landeck
Mike Landeck led the security implementation and then operationalized the country’s largest Medicaid Management Information System as the Director of Information Security for Xerox State Healthcare, and then managed the security program implementation of Colorado’s Health Insurance Exchange as a consulting manager for CGI.
Mike currently consults at one of the world’s largest technology companies on improving security in the software development lifecycle as a Product Security Strategy Consultant.
Mike is a frequent conference speaker and workshop presenter, appearing at conferences throughout the United States and focusing on the topics of software security testing and security program management.
Disclaimer
I do not speak on behalf of my employer. The information and perspectives I present are personal and do not represent those of my employer.
Golismero
Golismero Project Team
www.golismero.com
Mario Vilas - Core developer
Raúl Requero - Frontend developer
Daniel García - Backend developer
Agenda
1. Very Brief Business Context
2. Golismero for Senior Users
3. Golismero for complete and total rookies
Business Context
Top three reasons I hear organizations cite for not using more automated assessment tools:
• Don’t know how to use them
• Don’t know which tools to use
• Too much time to vet results
Business Context
Typical Automated Security Assessments
Four separate pipelines, one per assessment type, each repeating the same six steps:
Web Vulnerability:         Request > Analysis > Configuration > Execution > Vetting/Audit > Report
Host Vulnerability:        Request > Analysis > Configuration > Execution > Vetting/Audit > Report
Network Vulnerability:     Request > Analysis > Configuration > Execution > Vetting/Audit > Report
Application Vulnerability: Request > Analysis > Configuration > Execution > Vetting/Audit > Report
Business Context
Golismero collapses those per-tool pipelines into one pass:
Single Request > Single Analysis > Single Config > Single Execution > Single Vetting > Single Report
covering all of the following plugins:
1. Nikto
2. Nmap
3. OpenVAS
4. SpiderFoot
5. sslscan
6. sqlmap
7. XSSer
8. Dns_Malware
9. GeoIP
10. PunkSPIDER
11. Shodan
12. Plecost
13. Default Error Page
14. Directory Listing
15. Exploit-DB
16. Fingerprint Web
17. Brute Directories
18. Brute Dns
19. Brute Extensions
20. Brute Permutations
21. Brute Predictables
22. Brute Prefixes
23. Brute Suffixes
Golismero Demo
Simple Demo - Default Settings
golismero scan <host>
• scan is the action: run the tests against the target
• <host> is the target
Golismero Config File
File Location: /usr/share/golismero/golismero.conf
[openvas]
host = localhost
#
[testing/scan/openvas]
user = admin
password = <your password>
#
[shodan:Configuration]
apikey = <your shodan key>
• This file holds credentials (the OpenVAS password and the Shodan API key), so restrict its read permissions to the account that runs the scans rather than leaving it world-readable.
Golismero Demo
Golismero Advanced
golismero scan <host>
-db <name for scan>                    scan database; results are stored here and can be reported on later without rescanning
-o <user defined name of output file>  report file; its extension selects the report format
--cookie <name=value>                  cookie sent with every request (e.g. a session cookie, so the scan runs authenticated)
--user-agent <user defined value>      User-Agent header sent with every request
-pu <user name>                        proxy user name (credentials for an HTTP proxy, not for the target application)
-pp <password>                         proxy password
Golismero Reporting
Report Formats:
• Determined by the extension of the output file name
– e.g.: .html, .txt and .rst
Reporting on Previous Scans:
• Reports are generated from the scan database, so a finished scan can be reported again in another format without rescanning:
golismero report <fileName.ext> -db <scanName.db>
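The scan options and the reporting command from the two slides above, combined into one driver script. This is an added example, not code from the slides or from the GoLismero project: it assumes golismero is on PATH and reads the target from a GOLISMERO_TARGET environment variable; the variable names, the scan_name and report_format helpers and the one-database-per-target layout are my own.

```shell
#!/bin/sh
# Added example, not taken from the slides or from the GoLismero project:
# run one scan into a named database, then regenerate reports from that
# database in each format the slides list (.html, .txt, .rst), so a scan is
# never repeated just to get a different report format.
#
# Assumptions (mine, not the slides'): "golismero" is on PATH, the target is
# passed in GOLISMERO_TARGET, and GOLISMERO_COOKIE / GOLISMERO_UA /
# GOLISMERO_OUTDIR are optional overrides.

# The report format is chosen by the output file's extension. Print the
# format for a supported extension; return 1 for anything else so a typo
# such as "report.htm" is caught before golismero is invoked.
report_format() {
    case "$1" in
        *.html) echo html ;;
        *.txt)  echo txt ;;
        *.rst)  echo rst ;;
        *)      return 1 ;;
    esac
}

# Derive a filesystem-safe scan name from a target URL or host, so the -db
# and -o file names are predictable and never contain path separators:
#   https://app.example.com:8443/path/  ->  app.example.com_8443_path
scan_name() {
    printf '%s' "$1" | sed -e 's#^[A-Za-z]*://##' \
                           -e 's#[^A-Za-z0-9._-]#_#g' \
                           -e 's#_*$##'
}

# Run the scan once, then produce the other formats from the same database.
run_scan_and_report() {
    target=$1
    name=$(scan_name "$target")
    outdir=${GOLISMERO_OUTDIR:-.}
    db="$outdir/$name.db"

    # ${VAR:+...} expands to the flag and its value only when VAR is set, so
    # the cookie and User-Agent flags are omitted rather than passed empty.
    golismero scan "$target" -db "$db" -o "$outdir/$name.html" \
        ${GOLISMERO_COOKIE:+--cookie "$GOLISMERO_COOKIE"} \
        ${GOLISMERO_UA:+--user-agent "$GOLISMERO_UA"}

    # Extra formats come from the database; no second scan is run.
    for out in "$outdir/$name.txt" "$outdir/$name.rst"; do
        report_format "$out" >/dev/null || continue
        golismero report "$out" -db "$db"
    done
}

# Only scan when a target was supplied; sourcing the file just defines the
# functions.
if [ -n "${GOLISMERO_TARGET:-}" ]; then
    run_scan_and_report "$GOLISMERO_TARGET"
fi
```

Run it as GOLISMERO_TARGET=https://app.example.com ./scan.sh (a constructed target). Because every run of the same target points -db at the same file, a later golismero report in another format needs no rescan, which is the point of the "Reporting on Previous Scans" slide.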
Golismero for Complete Rookies
Step 1: Download VMware Player
Step 2: Download the pre-configured Kali image
Step 3: Open the image
Step 4: Click the button to start the wizard
Links and help for all of this at:
http://SoftwareSecurityAssurance.com/AppSecUSA2014
Setting up a Test System
Demo: Go from zero experience to running golismero!
Installing Kali
There is not enough time in a one hour workshop to walk through the installation process; however, there are literally hundreds of Kali installation demos on YouTube.
– This one is comprehensive (and narrated!)
https://www.youtube.com/watch?v=k5mNnkG0FVk
Questions
Useful Links
Topic: Link
Golismero Web Site: www.golismero.com
Slides and supporting material: http://SoftwareSecurityAssurance.com/AppSecUSA2014
OpenVAS Help: http://goo.gl/im2FLe
Basic Linux commands for Kali users: http://kali4hackers.blogspot.com/2013/06/some-basiccommands-for-kali-linux.html
Kali Installation (video): https://www.youtube.com/watch?v=k5mNnkG0FVk
Download Kali: http://www.kali.org/downloads/
Download VM Player: https://my.vmware.com/web/vmware/free#desktop_end_user_computing/vmware_player/6_0
Shodan Registration: http://www.shodanhq.com/account/register
End –h now