OWASP OWTF THE OFFENSIVE (WEB) TESTING FRAMEWORK + PTES
PENETRATION TESTING EXECUTION STANDARD = KALI POWER
AUTO WEB PENTESTS
Mauro Risonho de Paula Assumpção
THOUGHT
Our Present is the Past of some Civilization in the Future.
Mauro Risonho de Paula Assumpção
AGENDA
● OWTF Intro
  – Installing OWTF with Kali (web tools only)
● Running OWTF
  – Part 1: OWTF Passive + Semi-passive Web analysis
  – Part 2: OWTF Active Web analysis
  – Part 3: OWTF aux plugins – SE, IDs testing
● Conclusion
● Q&A
WHO AM I?
● Mauro Risonho de Paula Assumpção aka firebits
● Nerd/Self-taught/Enthusiast/Pentester/Vulnerability Analyst/Security Researcher/Instructor/Speaker and Eternal Learner
● Security Analyst (R&D) at Agility Networks, focused on the SIS system (malware RE, Deep Web and pentest)
OWASP OWTF
https://www.owasp.org/index.php/OWASP_OWTF
Contact e-mail (2014) from Abraham Aranguren, Leader of the OWASP OWTF Project
OWTF - Offensive (Web) Testing Framework
● Automation
● Unite Tools, Knowledge, Standards (OWASP and PTES)
● Test Separation
● Start Without permission
OWTF Chess-like approach
Run Tools
● theHarvester
● Nikto
● Arachni
● W3af, etc
Run Tests directly
● Header Searches
● HTML Body searches
● Crafted requests, etc
Knowledge Repository
● PoCs Links
● Resource Links
● OWASP mapping
Help Human analysis
● Flag importance
● Tool Output manager
● Screenshot manager
● Notes Manager
● Report Assistant
(Diagram labels: Pentester, OWTF)
OWTF - Install
Kali 1.1.0 or Kali 2 - tests (as applicable)
http://cdimage.kali.org/kali-1.1.0/kali-linux-1.1.0-amd64.iso
http://docs.kali.org/network-install/kali-linux-network-mini-iso-install
https://www.owasp.org/index.php/OWASP_OWTF
kali-linux-web = Kali Linux web app assessment tools (group install)
apt-get install kali-linux-web -y
GitHub
git clone git://github.com/owtf/owtf.git
OWTF 1.0.1 Lionheart
wget https://github.com/owtf/owtf/archive/v1.0.1.tar.gz
tar -xvvf v1.0.1.tar.gz
OWTF - Install
# git clone https://github.com/owtf/owtf.git
# cd /root/owtf/install
# python install.py
# YES, YES, YES...FOREVER! :)
or
pip install --upgrade -r install/owtf.pip
PTES
Penetration Testing Execution Standard
PTES – MindMap (FreeMind)
http://www.pentest-standard.org/index.php/FAQ
http://iamit.org/docs/Penetration_Testing_Execution_Standard.mm
1) Pre-engagement Interactions
2) Intelligence Gathering
3) Threat Modeling
4) Vulnerability Analysis
5) Exploitation
6) Post Exploitation
7) Reporting
KALI
OWTF + KALI2 = FAIL!!!
Choose option 1
Choose "Y" (YES)
Installation completed successfully! :)
OWASP OWTF + PTES = KALI
OWTF CLI commands
python owtf.py -h | more
List OWTF plugins - Web Attacks
python owtf.py -l web
Simulation mode "-s":
1) SIMULATES what OWTF will do (so it does not do it!)
2) Is useful to check the effect of a command before running it
# python owtf.py -s https://accounts.google.com | more
python owtf.py www.google.com
file:///root/owtf/owtf_review/index.html
DEMOS
Part 1: OWTF Passive + Semi-passive Web analysis
Part 2: OWTF Active Web analysis
Part 3: OWTF aux plugins – SE, IDs testing
QUESTIONS?
CONCLUSION
OWASP OWTF is not a "silver bullet" and does not replace the manual, intelligent, human process of pentesters, but it helps automate things a bit.
THANK YOU!
Mauro Risonho de Paula Assumpção
Email mauro.risonho@gmail.com
Twitter @firebitsbr
Site https://firebitsbr.wordpress.com

2015 mindthesec mauro risonho de paula assumpcao rev01 firebits
