Your Internet Exposure That Makes You Vulnerable
Abhisek Datta
Head of Technology, Appsecco
InfoSec for Startups
About Me – Abhisek Datta
• Head of Technology (appsecco.com)
• A boutique security consulting company
• TechWing @ null0x00 (null.co.in)
• An Open Security Community
• Security Researcher
• Discovered vulnerabilities in MS Office, Internet Explorer, HP SiteScope etc.
• Open Source Contributor
• Wireplay, RbWinDBG etc.
github.com/abhisek
Attackers Attack What They See
Let's start with how attackers work.
An attacker wants to hack a target and, for this, will perform a bunch of activities:
1. Online Attack Surfaces
2. Breached Credentials
3. Known Vulnerable Software
4. (Easy to?) exploit security vulnerabilities
Asset Discovery
From Attacker’s Perspective
Your-Company.com
What Attackers See
• Your-Company.com
• Who is the registrar
• Where is it hosted
• Self-hosted or managed e-mail service
• External help desk services
• 3rd party services
What Attackers See – Domain Enumeration
whois
  whois your-company.com
  whois <IP>
dig
  dig your-company.com NS
  dig @NS1 your-company.com MX
  dig @NS1 your-company.com TXT
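The MX and TXT answers the deck queries with dig are exactly the records a defender should read as an inventory of their own third-party exposure: each MX host and each SPF include: names a provider that handles or sends mail as the company. The following Python is an added example, not code from the deck or from Appsecco; the dig answer-section lines are constructed sample data for the placeholder domain your-company.com, and PROVIDER_HINTS is a hypothetical lookup table (it also checks the DMARC policy, which the slides do not mention but which the same TXT query reveals).

```python
from dataclasses import dataclass

# Constructed sample: what the ANSWER SECTION of `dig @NS1 your-company.com MX`
# and `... TXT` might look like. Not real records for any real domain.
SAMPLE_DIG_ANSWERS = """\
your-company.com.\t3600\tIN\tMX\t10 aspmx.l.google.com.
your-company.com.\t3600\tIN\tMX\t20 alt1.aspmx.l.google.com.
your-company.com.\t3600\tIN\tTXT\t"v=spf1 include:_spf.google.com include:mail.zendesk.com -all"
your-company.com.\t3600\tIN\tTXT\t"google-site-verification=abc123"
_dmarc.your-company.com.\t3600\tIN\tTXT\t"v=DMARC1; p=none; rua=mailto:dmarc@your-company.com"
"""

# Hypothetical lookup table: well-known hostnames and the service behind them.
PROVIDER_HINTS = {
    "google.com": "Google Workspace (managed e-mail)",
    "zendesk.com": "Zendesk (external help desk)",
}


@dataclass
class DnsRecord:
    name: str
    rtype: str
    data: str


def parse_dig(text):
    """Parse 'name ttl IN type data' lines as dig prints them in its ANSWER SECTION."""
    records = []
    for line in text.splitlines():
        parts = line.split(None, 4)
        if len(parts) != 5 or parts[2] != "IN":
            continue  # blank lines, comments, anything that is not a record
        name, _ttl, _cls, rtype, data = parts
        records.append(DnsRecord(name.rstrip("."), rtype, data.strip().strip('"')))
    return records


def mx_hosts(records):
    """Mail exchangers: the hosts that receive mail for the domain."""
    return [r.data.split()[1].rstrip(".") for r in records if r.rtype == "MX"]


def spf_includes(records):
    """Every include: in the SPF record is a third party allowed to send mail as the domain."""
    for r in records:
        if r.rtype == "TXT" and r.data.lower().startswith("v=spf1"):
            return [tok.split(":", 1)[1] for tok in r.data.split()
                    if tok.lower().startswith("include:")]
    return []


def dmarc_policy(records):
    """Return the DMARC 'p=' value from the _dmarc TXT record, or None if absent."""
    for r in records:
        if r.name.startswith("_dmarc.") and r.rtype == "TXT":
            for tag in r.data.split(";"):
                key, _, value = tag.strip().partition("=")
                if key == "p":
                    return value
    return None


def provider_for(host):
    for suffix, label in PROVIDER_HINTS.items():
        if host == suffix or host.endswith("." + suffix):
            return label
    return "unknown third party"


def external_services(dig_text):
    """Inventory of third parties visible in DNS, keyed by host name."""
    recs = parse_dig(dig_text)
    return {h: provider_for(h) for h in mx_hosts(recs) + spf_includes(recs)}


def review(dig_text):
    """Findings a defender would act on: unrecognised senders and a weak DMARC policy."""
    recs = parse_dig(dig_text)
    findings = []
    for inc in spf_includes(recs):
        if provider_for(inc) == "unknown third party":
            findings.append(f"SPF authorises an unrecognised sender: {inc}")
    policy = dmarc_policy(recs)
    if policy is None:
        findings.append("no DMARC record published")
    elif policy == "none":
        findings.append("DMARC policy is p=none, so spoofed mail is only reported, not rejected")
    return findings


if __name__ == "__main__":
    for host, label in external_services(SAMPLE_DIG_ANSWERS).items():
        print(f"{host:30} {label}")
    for finding in review(SAMPLE_DIG_ANSWERS):
        print("finding:", finding)
```

Run it against the real output of the dig commands above by pasting the answer section in place of the constructed sample; any host that comes back as "unknown third party" is a service the company is relying on without having it in PROVIDER_HINTS, which is the point of the exercise.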
What Attackers See – Subdomain Enumeration
• Your-Company.com
• Host-1
• Host-2
• Host-3
• Etc.
amass enum -passive -d your-company.com
amass intel -whois -d your-company.com
What Attackers See – Email Enumeration
• Your-Company.com
• u1@your-company.com
• u2@your-company.com
• u3@your-company.com
• u4@your-company.com
• Etc.
Hunter.io
theHarvester
Many more …
What Attackers See – Breached Credentials
• haveibeenpwned.com
• hacked-email.com
• etc.
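The breached-credential services listed on this slide can be queried without handing them the credential itself: the Pwned Passwords range API takes only the first five hex characters of the password's SHA-1 and returns every suffix in that range, so the match is made locally. The Python below is an added example, not code from the deck; the range body is a constructed stand-in for the response to one prefix, and its counts are made up.

```python
import hashlib

# Constructed stand-in for the body of GET https://api.pwnedpasswords.com/range/5BAA6
# (the real response holds hundreds of "SUFFIX:COUNT" lines; these counts are made up).
SAMPLE_RANGE_5BAA6 = """\
1E4C9B93F3F0682250B6CF8331B7EE68FD8:12345
0D2A9E3B8C1F4A5D6E7F8091A2B3C4D5E6F:7
FFFF0000111122223333444455556666777:1
"""


def sha1_hex_upper(password):
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def range_request_path(password):
    """Only the first five hex characters of the SHA-1 ever leave the machine."""
    return "/range/" + sha1_hex_upper(password)[:5]


def breach_count(password, range_body):
    """Match the remaining 35 characters locally against the suffixes the server returned."""
    suffix = sha1_hex_upper(password)[5:]
    for line in range_body.splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix:
            return int(count)
    return 0


def password_problems(password, range_body, min_length=12):
    """Policy check a signup or password-change handler could run before accepting a password."""
    problems = []
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    seen = breach_count(password, range_body)
    if seen:
        problems.append(f"appears {seen} times in public breach data")
    return problems


if __name__ == "__main__":
    for pw in ("password", "correct horse battery staple"):
        print(range_request_path(pw), password_problems(pw, SAMPLE_RANGE_5BAA6))
```

In a real deployment the body passed to breach_count is fetched for the prefix that range_request_path returns for that specific password; the example reuses one constructed body for both candidates only because it runs offline.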
What Attackers See – Application Discovery
• Your-Company.com
• http://app1.your-company.com
• http://app2.your-company.com
• Etc.
nmap -p 80,443,8080 -sV -A -iL hosts.txt
What Attackers See – Technology Discovery
• Your-Company.com
• App1 – Java/JavaEE
• App2 – NodeJS, AngularJS
• App3 – PHP
• Etc.
Wappalyzer
npm i -g wappalyzer
wappalyzer https://app1.your-company.com
What Attackers See – Putting it all Together
Diagram (slide 15). Discovery nodes: Domain; External Services (Help Desk, Mailers); Email; Breached Credentials; Hosts; Apps; Technologies. Resulting attack paths: Unpatched Services; App Vulnerabilities; Credential Spraying (appears twice in the diagram); Ticket Trick.
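Credential spraying, the attack path the diagram draws from breached credentials and discovered apps, has a recognisable shape in authentication logs: one source tries one or two passwords against many different accounts, which is the opposite of a brute force against a single account. The detection below is an added example, not code from the deck; the log format is hypothetical and the lines are constructed (TEST-NET addresses, made-up users).

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed authentication log in a hypothetical format; not from any real system.
SAMPLE_AUTH_LOG = """\
2019-08-20T10:00:01Z auth FAILED user=alice src=203.0.113.7
2019-08-20T10:00:04Z auth FAILED user=bob src=203.0.113.7
2019-08-20T10:00:08Z auth FAILED user=carol src=203.0.113.7
2019-08-20T10:00:11Z auth FAILED user=dave src=203.0.113.7
2019-08-20T10:00:15Z auth FAILED user=erin src=203.0.113.7
2019-08-20T10:00:19Z auth OK user=frank src=203.0.113.7
2019-08-20T10:02:00Z auth FAILED user=alice src=198.51.100.9
2019-08-20T10:02:03Z auth FAILED user=alice src=198.51.100.9
2019-08-20T10:02:06Z auth FAILED user=alice src=198.51.100.9
2019-08-20T10:02:09Z auth FAILED user=alice src=198.51.100.9
2019-08-20T10:02:12Z auth FAILED user=alice src=198.51.100.9
2019-08-20T11:30:00Z auth OK user=bob src=192.0.2.5
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) auth (?P<result>FAILED|OK) user=(?P<user>\S+) src=(?P<src>\S+)$"
)


def parse_auth_log(text):
    """Yield (timestamp, result, user, src) tuples; lines that do not match are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append((ts, m["result"], m["user"], m["src"]))
    return events


def detect_spraying(text, window=timedelta(minutes=10), min_users=5, max_per_user=2):
    """Flag sources that fail against many distinct accounts with few attempts per account.

    A single-account brute force (many failures, one user) does not trip this rule;
    the per-user ratio is what separates spraying from it.
    """
    failed = defaultdict(list)
    succeeded = defaultdict(list)
    for ts, result, user, src in parse_auth_log(text):
        (failed if result == "FAILED" else succeeded)[src].append((ts, user))

    alerts = []
    for src, attempts in failed.items():
        attempts.sort()
        for i, (start, _) in enumerate(attempts):
            in_window = [u for t, u in attempts[i:] if t - start <= window]
            users = set(in_window)
            if len(users) >= min_users and len(in_window) / len(users) <= max_per_user:
                # A success from the same source inside the window is the signal that
                # matters most: the spray found a working password.
                later_ok = sorted({u for t, u in succeeded[src]
                                   if start <= t <= start + window})
                alerts.append({"src": src, "distinct_users": len(users),
                               "failed_attempts": len(in_window),
                               "later_successes": later_ok})
                break
    return alerts


if __name__ == "__main__":
    for alert in detect_spraying(SAMPLE_AUTH_LOG):
        print(alert)
```

The thresholds are deliberately parameters: the right min_users for a ten-person startup is much lower than for a large directory, and the alert should be tuned on the organisation's own failed-login baseline before it is wired to paging.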
Real-life Breaches
Leveraging Internet Exposure Discovery Techniques
• Invoice Fraud
• Publicly Accessible Cloud Storage Buckets
• Sub-domain Take Over: static site hosted on S3 and then forgotten about :)
• Framework / Software Vulnerabilities
• Cloud Account Take Over
Staying Safe
What can I do? How to be secure?
By establishing TRUST
Staying Safe
Threat: Attacker able to identify host names
What can I do about it: Ensure all hosts exposed online are patched

Threat: Attacker able to discover email addresses
What can I do about it: Enforce a strong password policy along with the use of password managers

Threat: Attacker able to discover breached credentials from a public password dump
What can I do about it: Enforce 2FA where possible; subscribe to breach notifications and rotate passwords

Threat: Attacker able to discover applications
What can I do about it: Follow AppSec best practices: OWASP Testing Guide, OWASP Secure Coding Practices, OWASP Proactive Security Controls

Threat: Attacker able to discover my application technology and dependencies
What can I do about it: Ensure regular patching of the application framework and external dependencies

Threat: Attacker able to discover untracked or long-forgotten online assets
What can I do about it: Asset inventory; Infrastructure as Code; Auditing, Logging and Alerting
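The last row of the table answers the subdomain-enumeration slide: run the same passive discovery the attacker runs, reconcile it against your asset inventory, and treat anything unexplained as a forgotten asset. The S3 case from the real-life breaches slide is the one that turns into a takeover, because a CNAME left pointing at an S3 website endpoint for a bucket you no longer own can be claimed by whoever creates that bucket name. The Python below is an added example, not code from the deck or from amass; the discovered hostnames, inventory, CNAME targets and bucket list are all constructed, and the S3 website endpoint pattern it matches is the `<bucket>.s3-website-<region>` / `<bucket>.s3-website.<region>` form.

```python
import re

# Constructed passive-enumeration output, one hostname per line as a tool like
# `amass enum -passive -d your-company.com` prints it. None of these hosts are real.
DISCOVERED_HOSTS = """\
www.your-company.com
app1.your-company.com
app2.your-company.com
docs.your-company.com
old-promo.your-company.com
"""

# Constructed asset inventory: what the company believes it runs.
INVENTORY = {"www.your-company.com", "app1.your-company.com", "app2.your-company.com"}

# Constructed CNAME records for two of the discovered hosts (targets are made up).
CNAME_RECORDS = {
    "docs.your-company.com": "docs-yc.s3-website-us-east-1.amazonaws.com",
    "old-promo.your-company.com": "promo-2017.s3-website.eu-west-2.amazonaws.com",
}

# Constructed list of the S3 buckets the company actually owns today.
OWNED_BUCKETS = {"docs-yc"}

S3_WEBSITE_RE = re.compile(
    r"^(?P<bucket>[^.]+)\.s3-website[.-](?P<region>[a-z0-9-]+)\.amazonaws\.com\.?$"
)


def untracked_hosts(discovered_text, inventory):
    """Hostnames visible on the internet that the inventory does not account for."""
    found = {h.strip().lower() for h in discovered_text.splitlines() if h.strip()}
    return sorted(found - {h.lower() for h in inventory})


def s3_bucket_from_cname(target):
    """Bucket name if the CNAME target is an S3 static-website endpoint, else None."""
    m = S3_WEBSITE_RE.match(target.lower())
    return m["bucket"] if m else None


def dangling_s3_cnames(cname_records, owned_buckets):
    """Hosts whose CNAME points at an S3 website endpoint for a bucket we no longer own."""
    dangling = []
    for host, target in cname_records.items():
        bucket = s3_bucket_from_cname(target)
        if bucket is not None and bucket not in owned_buckets:
            dangling.append((host, bucket))
    return sorted(dangling)


def exposure_report(discovered_text, inventory, cname_records, owned_buckets):
    """Both checks together: the list a startup should review after each discovery run."""
    return {
        "untracked": untracked_hosts(discovered_text, inventory),
        "dangling_s3": dangling_s3_cnames(cname_records, owned_buckets),
    }


if __name__ == "__main__":
    report = exposure_report(DISCOVERED_HOSTS, INVENTORY, CNAME_RECORDS, OWNED_BUCKETS)
    for host in report["untracked"]:
        print("untracked host:", host)
    for host, bucket in report["dangling_s3"]:
        print(f"dangling CNAME: {host} -> bucket '{bucket}' is not owned; delete the record")
```

The fix for a dangling entry is to delete the CNAME (or recreate the bucket under your own account) before anything else; keeping the inventory in Infrastructure as Code, as the table suggests, makes the diff in untracked_hosts a routine pipeline check rather than a one-off audit.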
Interested in Discovering Your Internet Exposure?
Fill the form below by 4pm today and we will share the results with you by 21 August 2019.
https://bit.ly/31Jl7ed
Abhisek Datta
https://github.com/abhisek
https://twitter.com/abh1sek
Thank You
Want us to discover your Internet exposure and give a report?
https://bit.ly/31Jl7ed