
PROGRAMMING AND CYBER SECURITY


An overview of why knowing programming can make you a better cyber security professional, a look at the most popular languages and some pitfalls to avoid


  1. PROGRAMMING AND CYBERSECURITY
     PYTHON MAURITIUS USER GROUP
     VERSION: 1.0.1
     DATE: 30/09/2021
     AUTHOR: SYLVAIN MARTINEZ
     REFERENCE: ES-CP-PACS
     REPORT ENGINE: 2.1.0
     CLASSIFICATION: PUBLIC
     {elysiumsecurity} cyber protection & response
  2. DISCLAIMER
     This presentation and the Services methodology, frameworks and templates used in this document will remain the property of ES and must not be used or re-used without explicit consent from ES unless it is already available, or becomes available, in the public domain.
  3. CONTENTS
     Sections: CONTEXT, WHY PROGRAMMING, WHAT LANGUAGES, CASE STUDY, CONCLUSION
     Topics: GOAL, WHO AM I?, COMPANY BACKGROUND, CYBER SECURITY RISK CONCEPT, CYBER SECURITY JOB’S RELEVANCE, AUTOMATION, TOOLING, REVERSE ENGINEERING, EXPLOITS, MANY LANGUAGES TO CHOOSE FROM, MOST USEFUL LANGUAGES, POPULAR SECURITY PROJECTS, SECURED ANDROID APP, O365 LOGS IP SOURCE, BEWARE, TAKE AWAY
  4. GOAL
     1 TO UNDERSTAND THE IMPORTANCE OF PROGRAMMING IN CYBER SECURITY
     2 TO KNOW HOW PROGRAMMING CAN BE USED
     3 TO KNOW WHERE TO START
     4 TO AVOID SOME COMMON MISTAKES
     Icons: from The Noun Project unless stated otherwise
  5. WHO AM I?
     https://www.elysiumsecurity.com
  6. COMPANY BACKGROUND
     • FOUNDED IN 2015 BY SYLVAIN MARTINEZ
     • INCORPORATED IN MAURITIUS/UK AND OPERATING WORLDWIDE
     • PROVIDING INDEPENDENT EXPERTISE IN CYBER SECURITY
     • COMPREHENSIVE CYBER SECURITY SERVICE PORTFOLIO: FROM CISO ADVISORY TO PENETRATION TESTING AND INCIDENT RESPONSE
     • EXPOSURE TO A VARIETY OF BUSINESS SECTORS: FINANCE, TELECOMS, HEALTHCARE, HOTELS, MANUFACTURING, NAVAL, RETAIL, ETC.
     • BOUTIQUE STYLE APPROACH WITH A DISCREET, TAILORED AND SPECIALIZED CYBER SECURITY SERVICE THAT FITS YOUR WORKING ENVIRONMENT
  7. CYBER SECURITY RISK CONTEXT
     [Three charts of GROWTH (0% to 100%) against TIME (PAST to FUTURE)]
     CYBER SECURITY RISKS’ PROBABILITY AND IMPACT ARE INCREASING. THEIR ABILITY TO DISRUPT COMPANIES’ BUSINESS OPERATIONS HAS GROWING FINANCIAL, REPUTATIONAL AND LEGAL NEGATIVE CONSEQUENCES.
  8. CYBER SECURITY JOB’S RELEVANCE
     PROGRAMMING KNOWLEDGE BENEFITS
     How much could knowledge of programming help you be better at your job?
     • MOST MANAGEMENT ROLES, MOST ADVISORY ROLES, ALL TECHNICAL ROLES
     • ALL MANAGEMENT ROLES, ALL ADVISORY ROLES, ALL TECHNICAL ROLES
     PERCEPTION / REALITY
  9. AUTOMATION
     • REPETITIVE TASKS, EFFICIENCY, SAVE TIME
     • REGEX, SEARCH, FILTERING
     • PROCESS LARGE VOLUME OF DATA, EXTRACT PATTERNS, FIND NEEDLE
  10. TOOLING
      • TOOLS CREATION, EFFICIENCY, CAPABILITY
      • TOOLS CUSTOMISATION, ADAPT AND REUSE
  11. REVERSE ENGINEERING
      • MALWARE, KNOWLEDGE, UNDERSTANDING
      • APP ASSESSMENT, SUSPICIOUS APP, CONTROLS BYPASS
  12. EXPLOITS
      • VULNERABILITY ASSESSMENT, ACCURACY
      • PENETRATION TESTING, INCREASED ATTACK SURFACE
  13. MANY LANGUAGES TO CHOOSE FROM
      [Two figures: LANGUAGES RELATIONSHIPS and MOST USED LANGUAGES; images from exploring-data.com and graphext.com]
  14. MOST USEFUL LANGUAGES
      ANY LANGUAGE IS GOOD!
      MOST COMMONLY USED LANGUAGES IN CYBER SECURITY: PYTHON, C/C++, PHP, JAVA, PERL, SHELL SCRIPTS, HTML, ASM?, RUBY
      ONCE YOU UNDERSTAND THE CORE PROGRAMMING CONCEPTS YOU CAN UNDERSTAND AND CHANGE ALMOST ANY CODE
  15. POPULAR CYBER SECURITY PROJECTS EXAMPLES
      POPULAR SECURITY TOOL | PURPOSE | LANGUAGE
      BANDIT | Python code analyser | PYTHON
      BURP SUITE | Web traffic manipulation | JAVA
      HAWKEYE | VA Scanner | PYTHON
      MALTEGO | Data Visualisation | JAVA
      METASPLOIT | VAPT Framework | RUBY
      NIKTO | Web scanner | PERL
      NMAP | Network scanner | C/PYTHON/LUA
      OPENVAS | VA Scanner | C
      RECON-NG | OSINT Search | PYTHON
      SATAN | (very) old linux scanner | PERL
      SCAPY | Network manipulation | PYTHON
      SQLMAP | DB Scanner | PYTHON
      WIRESHARK | Network analyser | C
  16. SECURED ANDROID APP NEEDS TO BE TESTED
      CHALLENGE
      • Need to audit an Android APK app
      • App does not allow “Routing” and has “Cert pinning”
      PROGRAMMING SOLUTION
      • Decompile the code to Java (e.g. d2j-dex2jar)
      • Analyse the Java code for security hooks (e.g. jd-gui)
      • Decompile the code to SMALI (e.g. apktool)
      • Edit the SMALI code to remove the protection (assembly)
      • Recompile and sign the code
      • Execute the non-secured code and manually check for issues
      NON-PROGRAMMING SOLUTION
      • Use the great MobSF framework to get some automated analysis
      • Give up / ask for a non-secure version
  17. SECURED ANDROID APP NEEDS TO BE TESTED
      JAVA SHELL SCRIPTS ASSEMBLY/SMALI + SHELL SCRIPTS
  18. O365 LOGS IP SOURCE IDENTIFICATION
      CHALLENGE
      • O365 Audit logs list of IP
      • Identify suspicious IP
      PROGRAMMING SOLUTION
      • Export logs as csv
      • Format csv to extract list of IP
      • Use IP country mapping API
      • Add countries against each IP
      • Easily filter with countries of interest
      NON-PROGRAMMING SOLUTION
      • Manual IP extraction and resolution
      • Or pay for extra security add-ons: Risky-sign on, conditional logins, etc.
  19. O365 LOGS IP SOURCE IDENTIFICATION
      (POWER) SHELL SCRIPT
  20. BEWARE
      • Wasting time on non-essential activities
      • Reinventing a “broken” and less “efficient” wheel, i.e.: crypto answer: “Hello”
      • Customization may lead to medium/long-term support issues
  21. TAKE AWAY
  22. GOING FURTHER
      • https://flatironschool.com/blog/best-programming-languages-cyber-security
      • https://www.sans.org/cyber-security-courses/automating-information-security-with-python/
      • A lot of free resources online, google “free python hacking course”
  23. ABOUT ELYSIUMSECURITY LTD.
      ELYSIUMSECURITY PROVIDES A PORTFOLIO OF STRATEGIC AND TACTICAL SERVICES TO HELP COMPANIES PROTECT AND RESPOND AGAINST CYBER SECURITY THREATS. WE DIFFERENTIATE OURSELVES BY OFFERING DISCREET, TAILORED AND SPECIALIZED ENGAGEMENTS.
      ELYSIUMSECURITY OPERATES IN MAURITIUS AND IN EUROPE. A BOUTIQUE STYLE APPROACH MEANS WE CAN EASILY ADAPT TO YOUR BUSINESS OPERATIONAL MODEL AND REQUIREMENTS TO PROVIDE A PERSONALIZED SERVICE THAT FITS YOUR WORKING ENVIRONMENT.
      ELYSIUMSECURITY PROVIDES PRACTICAL EXPERTISE TO IDENTIFY VULNERABILITIES, ASSESS THEIR RISKS AND IMPACT, REMEDIATE THOSE RISKS, PREPARE AND RESPOND TO INCIDENTS AS WELL AS RAISE SECURITY AWARENESS THROUGH AN ORGANIZATION.
      ELYSIUMSECURITY PROVIDES HIGH LEVEL EXPERTISE GATHERED THROUGH YEARS OF BEST PRACTICES EXPERIENCE IN LARGE INTERNATIONAL COMPANIES ALLOWING US TO PROVIDE ADVICE BEST SUITED TO YOUR BUSINESS OPERATIONAL MODEL AND PRIORITIES.
      © 2015-2021 ELYSIUMSECURITY LTD ALL RIGHTS RESERVED
      HTTPS://WWW.ELYSIUMSECURITY.COM
      CONSULTING@ELYSIUMSECURITY.COM
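
The programming solution from slide 18 (export as CSV, extract IPs, map to countries, filter), as an added Python example; it is not code from the presentation, which credits its own solution to a (Power) Shell script on slide 19. The CSV rows, the country codes and the `GEO_TABLE` lookup standing in for the IP country mapping API are constructed, and the `AuditData`/`ClientIP` column layout is an assumption about the export format.

```python
import csv, io, ipaddress, json

# Constructed sample shaped like an audit log CSV export (assumed layout):
# AuditData is a JSON string; ClientIP may carry a port or IPv6 brackets.
SAMPLE_CSV = '''CreationDate,UserIds,Operations,AuditData
2021-09-01T08:12:03Z,alice@example.com,UserLoggedIn,"{""ClientIP"":""192.0.2.10""}"
2021-09-01T23:40:11Z,alice@example.com,UserLoggedIn,"{""ClientIP"":""198.51.100.7:51234""}"
2021-09-02T07:01:45Z,bob@example.com,UserLoggedIn,"{""ClientIP"":""[2001:db8::5]:443""}"
2021-09-02T07:02:10Z,bob@example.com,UserLoginFailed,"{""ClientIP"":""203.0.113.99""}"
2021-09-02T09:30:00Z,carol@example.com,FileAccessed,"{""ClientIP"":""""}"
'''

# Constructed stand-in for the IP country mapping API so the example runs offline.
GEO_TABLE = {
    ipaddress.ip_network("192.0.2.0/24"): "MU",
    ipaddress.ip_network("2001:db8::/32"): "MU",
    ipaddress.ip_network("198.51.100.0/24"): "GB",
}

def normalise_ip(raw):
    """Strip port and brackets from a ClientIP value; None if it is not an IP."""
    raw = (raw or "").strip()
    if raw.startswith("["):            # [IPv6]:port
        raw = raw[1:].split("]", 1)[0]
    elif raw.count(":") == 1:          # IPv4:port
        raw = raw.split(":", 1)[0]
    try:
        return str(ipaddress.ip_address(raw))
    except ValueError:
        return None

def lookup_country(ip):
    """Return the mapped country, or '??' so unmapped sources stay visible."""
    addr = ipaddress.ip_address(ip)
    return next((c for net, c in GEO_TABLE.items() if addr in net), "??")

def enrich(csv_text):
    """One dict per usable row: user, operation, source IP, country."""
    rows = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        try:
            ip = normalise_ip(json.loads(row["AuditData"]).get("ClientIP"))
        except (json.JSONDecodeError, AttributeError, TypeError):
            ip = None                  # malformed AuditData: skip the row
        if ip:
            rows.append({"user": row["UserIds"], "op": row["Operations"],
                         "ip": ip, "country": lookup_country(ip)})
    return rows

def outside(rows, expected):
    """Events whose source country is not in the expected set (unknowns included)."""
    return [r for r in rows if r["country"] not in expected]
```
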
