RedHunt BlackHat US 2018 Arsenal - RedHunt OS (VM)
•Download as PPTX, PDF•
1 like•684 views
RedHUNT OS is a virtual machine for adversary emulation and threat hunting. It contains tools for attack emulation, logging and monitoring, open source intelligence (OSINT), and threat intelligence. The OS is meant to be used by penetration testers, blue teamers, and threat hunters. It aims to consolidate attack data generation, collection, visualization and enrichment capabilities. Users can download the virtual machine from GitHub and contribute by testing, providing feedback, documentation, and suggesting additional tools.
Report
Share
Report
Share
Recommended
PyTest - The Awesome Parts by Josh Grant
The document discusses the benefits of using the Python programming language and Pytest framework for software testing. Some key benefits mentioned include Python being widely used for web and app development, which allows testers to use the same language as developers. Pytest is highlighted as an awesome test automation framework that is flexible for unit, API, and browser testing and has a large plugin ecosystem. Examples are provided showing how Pytest can be used to test weather data.
Matriux Leandros - BSidesLV 2013
Matriux is the first full-fledged Debian-based security distribution designed for penetration testing and forensic investigations. Although it is primarily designed for security enthusiasts and professionals, it can also be used by any Linux user as a desktop system for day-to-day computing. Besides standard Debian software the Matriux Arsenal contains a huge collection of more than 350 most powerful and versatile security and penetration testing tools with around 20-50 more tools being added every release cycle of 6 months. Matriux comes with a custom-built Linux kernel to provide better performance and higher support for hardware to work even with a Pentium IV and 512 MB RAM comfortably.
Matriux was first released in 2009 under code name “lithium” and then followed by versions like “xenon” based on Ubuntu. Matriux “Krypton” then followed in 2011 where we moved our system to Debian. Other versions followed for Matriux “Krypton” with v1.2 and then Ec-Centric in 2012. This year we are working releasing Matriux “Leandros” which is currently in beta testing and a major revamp over the existing system.
Matriux arsenal is divided into sections with a broader classification of tools for Reconnaissance, Scanning, Attack Tools, Frameworks, Radio (Wireless), Digital Forensics, Debuggers, Tracers, Fuzzers and other miscellaneous tool providing a wider approach over the steps followed for a complete penetration testing and forensic scenario. Although there are were many questions raised regarding why there is a need for another security distribution while there is already one. We believed and followed the free spirit of Linux in making one. We always tried to stay updated with the tool and hardware support and so include the latest tools and compile a custom kernel to stay abreast with the latest technologies in the field of information security.
Matriux is also designed to run from a Live environment like a CD/ DVD or USB stick which can be helpful in computer forensics and data recovery for forensic analysis, investigations and retrievals not only from Physical Hard drives but also from Solid state drives and NAND flashes used in smart phones like Android and iPhone. With Matriux we also support and work with the projects and tools that have been discontinued over time and also keep track with the latest tools and applications that have been developed and presented in the recent conferences.
ShmooCon 2015: No Budget Threat Intelligence - Tracking Malware Campaigns on ...
In this talk, I'll be discussing my experience developing intelligence-gathering capabilities to track several different independent groups of threat actors on a very limited budget (read: virtually no budget whatsoever). I'll discuss discovering the groups using open source intelligence gathering and honeypots, monitoring attacks, collecting and analyzing malware artifacts to figure out what their capabilities are, and reverse engineering their malware to develop the capability to track their targets in real time. Finally, I'll chat about defensive strategies and provide recommendations for enterprise security analysts and other security researchers.
Nmapper theHarvester OSINT Tool explanation
OSINT for Opensource intelligence is a tool used to examine external threats of and organization. At Nmmapper(https://www.nmmapper.com) We have integrated this OSINT tool online for everyone to test it out at https://www.nmmapper.com/kalitools/theharvester/email-harvester-tool/online/
44CON - So You Want To Red Team?
Talk by Lawrence Munro and Matt Lorentzen from 44CON 2018.
So, you want to be a Red Teamer, but you can’t get into it because you’re not a big enough name, or you lack the opportunities and experience to develop the skill-set? It’s extremely hard to develop your red teaming skills without access to legitimate work within this sphere (or legal, at least!). The skills are advanced and require hours spent in enterprise environments honing your tradecraft, but access to this world can be a chicken and the egg situation.
In this talk, we discuss the skill differences between pen testing and red teaming and how to break into a red team. We approach the topic from both a career / tactical angle as well as how to close the upskilling gap. We introduce a new open source lab (Fortis), which provides a new approach to simulating user interactions (using unique ‘sheeple’) to help you develop the right skillsets without going out-of-scope and staying on the right side of the law.
Malware cryptomining uploadv3
This document summarizes a presentation on malware analysis techniques. It discusses how malware spreads, common types of malware like ransomware and cryptomining malware, and approaches to analyzing malware both statically and dynamically. Static analysis techniques examined include scanning files, searching for strings, and analyzing file headers and dynamic linking. Dynamic analysis involves running malware in a controlled environment to observe its behaviors and network activity. Cryptomining malware is described as using victims' computers to mine cryptocurrency without permission.
Malware analysis _ Threat Intelligence Morocco
The document discusses two cyber threats that existed in Morocco:
1. A password info stealer malware that was responsible for 90% of attacks. Intelligence tracking detected around 180GB of leaked data related to Moroccan domains and personal information, and over 320 spammers were identified from the data with connections to Morocco.
2. An ATM dispense malware that was gathered from Moroccan internet service providers. Technical details about the ATM malware were presented, but not summarized.
The document ends by stating that preparations are being made for the "next war", but does not clarify the purpose of the two threats.
DefCamp 2013 - MSF Into The Worm Hole
This document provides an overview of using the Metasploit framework for penetration testing web applications. It discusses Metasploit modules like exploits, payloads, and listeners. It describes using direct exploits against hosts and browser exploits like heap spraying. It also covers using Metasploit for information gathering with Nmap and storing scan data in the Metasploit database. The document demonstrates a client-side attack against Internet Explorer using a binary payload and Immunity Debugger.
Recommended
PyTest - The Awesome Parts by Josh Grant
The document discusses the benefits of using the Python programming language and Pytest framework for software testing. Some key benefits mentioned include Python being widely used for web and app development, which allows testers to use the same language as developers. Pytest is highlighted as an awesome test automation framework that is flexible for unit, API, and browser testing and has a large plugin ecosystem. Examples are provided showing how Pytest can be used to test weather data.
Matriux Leandros - BSidesLV 2013
Matriux is the first full-fledged Debian-based security distribution designed for penetration testing and forensic investigations. Although it is primarily designed for security enthusiasts and professionals, it can also be used by any Linux user as a desktop system for day-to-day computing. Besides standard Debian software the Matriux Arsenal contains a huge collection of more than 350 most powerful and versatile security and penetration testing tools with around 20-50 more tools being added every release cycle of 6 months. Matriux comes with a custom-built Linux kernel to provide better performance and higher support for hardware to work even with a Pentium IV and 512 MB RAM comfortably.
Matriux was first released in 2009 under code name “lithium” and then followed by versions like “xenon” based on Ubuntu. Matriux “Krypton” then followed in 2011 where we moved our system to Debian. Other versions followed for Matriux “Krypton” with v1.2 and then Ec-Centric in 2012. This year we are working releasing Matriux “Leandros” which is currently in beta testing and a major revamp over the existing system.
Matriux arsenal is divided into sections with a broader classification of tools for Reconnaissance, Scanning, Attack Tools, Frameworks, Radio (Wireless), Digital Forensics, Debuggers, Tracers, Fuzzers and other miscellaneous tool providing a wider approach over the steps followed for a complete penetration testing and forensic scenario. Although there are were many questions raised regarding why there is a need for another security distribution while there is already one. We believed and followed the free spirit of Linux in making one. We always tried to stay updated with the tool and hardware support and so include the latest tools and compile a custom kernel to stay abreast with the latest technologies in the field of information security.
Matriux is also designed to run from a Live environment like a CD/ DVD or USB stick which can be helpful in computer forensics and data recovery for forensic analysis, investigations and retrievals not only from Physical Hard drives but also from Solid state drives and NAND flashes used in smart phones like Android and iPhone. With Matriux we also support and work with the projects and tools that have been discontinued over time and also keep track with the latest tools and applications that have been developed and presented in the recent conferences.
ShmooCon 2015: No Budget Threat Intelligence - Tracking Malware Campaigns on ...
In this talk, I'll be discussing my experience developing intelligence-gathering capabilities to track several different independent groups of threat actors on a very limited budget (read: virtually no budget whatsoever). I'll discuss discovering the groups using open source intelligence gathering and honeypots, monitoring attacks, collecting and analyzing malware artifacts to figure out what their capabilities are, and reverse engineering their malware to develop the capability to track their targets in real time. Finally, I'll chat about defensive strategies and provide recommendations for enterprise security analysts and other security researchers.
Nmapper theHarvester OSINT Tool explanation
OSINT for Opensource intelligence is a tool used to examine external threats of and organization. At Nmmapper(https://www.nmmapper.com) We have integrated this OSINT tool online for everyone to test it out at https://www.nmmapper.com/kalitools/theharvester/email-harvester-tool/online/
44CON - So You Want To Red Team?
Talk by Lawrence Munro and Matt Lorentzen from 44CON 2018.
So, you want to be a Red Teamer, but you can’t get into it because you’re not a big enough name, or you lack the opportunities and experience to develop the skill-set? It’s extremely hard to develop your red teaming skills without access to legitimate work within this sphere (or legal, at least!). The skills are advanced and require hours spent in enterprise environments honing your tradecraft, but access to this world can be a chicken and the egg situation.
In this talk, we discuss the skill differences between pen testing and red teaming and how to break into a red team. We approach the topic from both a career / tactical angle as well as how to close the upskilling gap. We introduce a new open source lab (Fortis), which provides a new approach to simulating user interactions (using unique ‘sheeple’) to help you develop the right skillsets without going out-of-scope and staying on the right side of the law.
Malware cryptomining uploadv3
This document summarizes a presentation on malware analysis techniques. It discusses how malware spreads, common types of malware like ransomware and cryptomining malware, and approaches to analyzing malware both statically and dynamically. Static analysis techniques examined include scanning files, searching for strings, and analyzing file headers and dynamic linking. Dynamic analysis involves running malware in a controlled environment to observe its behaviors and network activity. Cryptomining malware is described as using victims' computers to mine cryptocurrency without permission.
Malware analysis _ Threat Intelligence Morocco
The document discusses two cyber threats that existed in Morocco:
1. A password info stealer malware that was responsible for 90% of attacks. Intelligence tracking detected around 180GB of leaked data related to Moroccan domains and personal information, and over 320 spammers were identified from the data with connections to Morocco.
2. An ATM dispense malware that was gathered from Moroccan internet service providers. Technical details about the ATM malware were presented, but not summarized.
The document ends by stating that preparations are being made for the "next war", but does not clarify the purpose of the two threats.
DefCamp 2013 - MSF Into The Worm Hole
This document provides an overview of using the Metasploit framework for penetration testing web applications. It discusses Metasploit modules like exploits, payloads, and listeners. It describes using direct exploits against hosts and browser exploits like heap spraying. It also covers using Metasploit for information gathering with Nmap and storing scan data in the Metasploit database. The document demonstrates a client-side attack against Internet Explorer using a binary payload and Immunity Debugger.
From OSINT to Phishing presentation
This document describes how the author conducted an OSINT investigation and subsequent phishing campaign. It begins by explaining what OSINT is and some common tools used for open source intelligence gathering like Maltego, Shodan, and Google dorks. Next, it discusses how to use the information found through OSINT to craft a targeted phishing email. The document walks through setting up a phishing site using tools like Modlishka and GoPhish. It then tells a story of a actual phishing campaign the author conducted, changing details to protect privacy. The document concludes by emphasizing the importance of managing one's online presence and digital footprint.
The Background Noise of the Internet
The last five to ten years has seen massive advancements in open source Internet-wide mass-scan tooling, on-demand cloud computing, and high speed Internet connectivity. This has lead to a massive influx of different groups mass-scanning all four billion IP address in the IPv4 space on a constant basis. Information security researchers, cyber security companies, search engines, and criminals scan the Internet for various different benign and nefarious reasons (such as the WannaCry ransomware and multiple MongoDB, ElasticSearch, and Memcached ransomware variants). It is increasingly difficult to differentiate between scan/attack traffic targeting your organization specifically and opportunistic mass-scan background radiation packets.
Grey Noise is a system that records and analyzes all the collective omnidirectional background noise of the Internet, performs enrichments and analytics, and makes the data available to researchers for free. Traffic is collected by a large network of geographically and logically diverse “listener” servers distributed around different data centers belonging to different cloud providers and ISPs around the world.
In this talk I will candidly discuss motivations for developing the system, a technical deep dive on the architecture, data pipeline, and analytics, observations and analysis of the traffic collected by the system, business impacts for network operators, pitfalls and lessons learned, and the vision for the system moving forward.
Where to Start When Your Environment is Fucked
This document provides recommendations for improving security in an environment where protections are currently lacking. It begins by explaining that unprotected systems can be used to launch attacks on other systems, and outlines the business risks of failing to implement basic security practices. The document then provides several free and low-cost actions organizations can take to strengthen their security posture, including using open source reconnaissance and vulnerability scanning tools, disabling unused services, improving password policies and login security, segmentation of networks, and asset management. It emphasizes starting security improvements early, and that while making some changes is better than none, more advanced protections may still be needed.
Using Canary Honeypots for Network Security Monitoring
In this presentation I talk about how honeypots that have more traditionally been used for research purposes can also be used as an effective part of a network security monitoring strategy.
Introduction to Git and GitHub #git_nyan
This document provides an introduction to Git and GitHub. It discusses the history and advantages of Git, including how it was created by Linus Torvalds to support the development of Linux. Key features of Git like reliability, speed, distributed nature, and content management are highlighted. GitHub is introduced as a hosting site for Git repositories. Best practices for Git like separate commits, good commit messages, and GitHub flow are covered. Open source licensing and community aspects are also discussed.
Hacking the Gateways
This document outlines a plan to hack routers by exploiting vulnerabilities. The plan involves deciding targets, finding vulnerabilities in routers like the AirTies RT series, writing exploits in MIPS assembly to achieve remote code execution, writing scripts for mass exploitation, running attacks on targets in Turkey, and analyzing results. Routers are attractive targets because they are directly internet accessible, can control all traffic once compromised, have limited logging capabilities, and rarely receive security updates.
Burp suite
This document provides an overview of Burp Suite and how to use its features to perform vulnerability assessments. It discusses Burp Suite's key components like the proxy, scanner, intruder, repeater, collaborator, and extender. It also covers techniques like bypassing filters, server-side request forgery, XML external entities, and common vulnerabilities to target like open redirects, insufficient entropy, and insecure deserialization.
The ultimate guide for Elasticsearch plugins
This document discusses Elasticsearch plugins, including:
- The different types of plugins like analysis, scripting, and site plugins
- Integration points in Elasticsearch that can be extended by plugins
- Examples of plugins like custom analyzers and percolators
- Considerations for writing plugins like maintenance, versioning, and testing
- How to package and install plugins within Elasticsearch
Metasploitation part-1 (murtuja)
This document provides an overview of metasploitation and using the Metasploit framework. It discusses basics like vulnerabilities, exploits, payloads and encoders. It then covers using the msfconsole interface, exploit modules, auxiliary modules like scanners, databases integration, automation, client-side exploits, payload generation, backdooring files, Linux backdoors, Meterpreter, pivoting, and post-exploitation techniques. The document includes several screenshots and links resources for further information.
Python-Assisted Red-Teaming Operation
Slide yang kupresentasikan di PyCon 2019 (Surabaya, 23/11/2019)
Red-Teaming is a simulation of real world hacking against organization. It has little to no limit of time, location, and method to attack. Only results matter. This talk gives insight about how “hacker” works and how python can be used for sophisticated series of attack.
Honeypots for Active Defense
InfoSec analysts are all somewhat familiar with Honeypots. When they are given the proper attention, care and feeding, they produce invaluable information and can be a critical asset when it comes to defending the network. This intel has been primarily used by security researchers and organizations with advanced defensive capabilities to study their adversaries and learn from their actions. But what about the rest of us? Honeypots are a lot of work to configure, maintain, and monitor, right? Not exactly; when deployed and monitored properly, Honeypots and Honey Tokens are a simple way to alert on anomalous activity inside the network. But how can an organization that is not focused on research gain valuable threat intelligence using Honeypots and actively defend their network using indicators generated from an internal Honeynet?
The answer is Honeypots for Active Defense. There are currently many open source security tool distributions that come pre-loaded with Honeypots among other useful tools, however the Honeypot software is often not deployed in an effective manner. This session will discuss techniques to leverage Honeypots in ways that will not overburden the security team with massive logs to sift through and focuses efforts on correlating active threat data observed in the Honeypots with the production environment. When deploying Honeypots effectively, this can give security analysts one additional mechanism to tip them off to nefarious activity within their network before they become the next headline.
Weaponizing Recon - Smashing Applications for Security Vulnerabilities & Profits
The process of penetration testing starts with the "Reconnaissance Phase". This phase, if performed carefully, always provides a winning situation. However, Often in the application security and bug bounty hunting, recon is mapped to finding some assets and uncovering hidden endpoints only & is somewhat under-utilized. Recon is the most crucial thing in application security and bug bounties which always keeps you separated from a competing crowd and gives easy wins.
In "Weaponizing Recon - Weaponizing Recon - Shamshing Applications for Security Vulnerabilities & Profit", will cover the deepest and most interesting recon methodologies to be one step ahead of your competition and how to utilize the tools and publicly available information to map your attack surface & maximize the profit. During the talk, we will cover:
1. Introduction to Recon
2. Basic Recon 101
3. Mapping Attack Surface with Basic Recon
4. Weaponizing Recon to Hit Attack Surface
5. Recon Hacks 101
6. Practical Offensive Recon
7. Automating Recon for Profit
8. Finding Vulnerabilities with Recon
9. Creating your own Recon Map
10. Practical Examples & Demonstrations
Apache Solr for TYPO3 what's new 2018
This document provides an overview of new features and changes in Apache Solr for TYPO3 in 2018. Key highlights include improved user experience in EXT:solr 8.0.0 with updated frontend markup, new suggest and facet features. Other extensions like EXT:solrfluidgrouping and EXT:solrmlt were updated to enhance related content and grouping capabilities. Future plans include additional extensions, TYPO3 9 compatibility, and migrating to the Solarium API for improved Solr integration.
BlueHat v18 || The matrix has you - protecting linux using deception
Ross Bevington, Microsoft
In ‘The Matrix’ sentient machines subdue the population by developing a highly sophisticated simulation. High interaction honeypots are a lot like The Matrix, designed to convince an attacker to execute an attack so we can monitor them. But these honeypots are flawed!
Attackers are continually adapting in order to evade our defenses - meaning that it’s often not enough to just set up a honeypot and watch the results roll in. Is a new approach better?
Did you know that 40% of IaaS VMs in Azure are Linux? For Microsoft to protect itself and its customers Linux is a priority.
At MSTIC we’ve developed a new type of Linux honeypot that allows us to deceive and control the behavior of an attacker. We are using this to understand the person behind the attack, examining them as they examine us. Using these techniques, we are able to better track the person behind the threat, build better protections and ultimately protect more Linux users - whether they are using Azure or not.
In this presentation I’ll show some of the successes of running a Matrix like environment, failures where a glitch was spotted as well as deception approaches that could be applied to other domains. Finally I’ll show how easy it is to leverage Azure’s big data capabilities to build and ultimately query all this data at scale as well as how you can immediately reap the benefits of this work by connecting your Linux box to Azure Security Center.
How to jump start a career in open source
It's not magic. It's not luck. It's not going to happen by itself, so what's the secret sauce? Understanding what makes a career in open source grow, what choices are crucial, and what actions accelerate or damage your open source future are sometimes hard to grasp. Learning to position, expand and grow your personal brand in the open source world is what this session provides. Be ready for your next step in open source. Join me for 30 minutes of power where you'll be given a clear and easy to use plan for jump starting your open source career immediately.
Youtube video link: https://youtu.be/-_ZgfmnL9bM
Slides Red Hat internal link: https://docs.google.com/presentation/d/1RQg7zfP4WsG76gfj_CmrBPGW6na49q72NgAJvxXaBs4
Automation Attacks At Scale
Automation attacks are currently plaguing organizations in industries ranging from financial to retail, to gaming & entertainment. These attacks exploit stolen credential leaks, black market & custom attack toolkits, and massively scalable infrastructure to launch widely distributed attacks that are extremely difficult to detect, let alone attribute. In this presentation we will inform the audience of the scale of this problem, discuss a detection methodology to counter these attacks, and walk through 3 real-world examples of how attackers created and monetized the distributed infrastructure they require to launch these attacks.
The_Pentester_Blueprint.pdf
This document provides an overview of becoming a penetration tester or pentester. It discusses Phillip Wylie's background and experience in information security. It defines pentesting and explains why organizations use pentesting for security assessments and regulatory compliance. It outlines the skills, knowledge, and mindset needed to become a pentester including technological knowledge, hacking skills, and developing a "hacker mindset". It provides recommendations for building a home lab, recommended reading, learning resources, certifications, and tips for getting pentester jobs.
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
This presentation part of Prisma CSI's Practical White Hat Hacker Training v1
PRISMA CSI • Cyber Security and Intelligence www.prismacsi.com
This document can be shared or used by quoted and used for commercial purposes, but can not be changed. Detailed information is available at https://creativecommons.org/licenses/by-nc-nd/4.0/legalcode.
Hunting for the secrets in a cloud forest
Have you ever wonder if the access to your cloud kingdom is secure? Have you ever thought how cyber criminals are hunting for your secrets? How can you be sure that your secret is not "mistakenly" available to the public?
In my presentation I'm going to present you hackish methods used by cyber criminals to find access keys, credentials and other secrets in the public Internet. How can Shannon Entropy help you to do that? This is a presentation about my tool the DumpsterDiver (https://github.com/securing/DumpsterDiver) and the BucketScanner (https://github.com/securing/BucketScanner).
CONFidence 2018: Hunting for the secrets in a cloud forest (Paweł Rzepa)
Have you ever wonder if the access to your cloud kingdom is secure? Have you ever thought how cyber criminals are hunting for your secrets? How can you be sure that your secret is not "mistakenly" available to the public? In my presentation I'm going to present you hackish methods used by cyber criminals to find access keys, credentials and other secrets in the public Internet. How can Shannon Entropy help you to do that? During the presentation, I'll release my own scanners to search AWS space and in the end I will demonstrate my own tool to analyse big amounts of data in search for sensitive data. Lots of demos, technical stuff and educating moral for unaware specialists in the end. It's gonna be fun!
Mind map of terminologies used in context of Generative AI
Mind map of common terms used in context of Generative AI.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
More Related Content
Similar to RedHunt BlackHat US 2018 Arsenal - RedHunt OS (VM)
From OSINT to Phishing presentation
This document describes how the author conducted an OSINT investigation and subsequent phishing campaign. It begins by explaining what OSINT is and some common tools used for open source intelligence gathering like Maltego, Shodan, and Google dorks. Next, it discusses how to use the information found through OSINT to craft a targeted phishing email. The document walks through setting up a phishing site using tools like Modlishka and GoPhish. It then tells a story of a actual phishing campaign the author conducted, changing details to protect privacy. The document concludes by emphasizing the importance of managing one's online presence and digital footprint.
The Background Noise of the Internet
The last five to ten years has seen massive advancements in open source Internet-wide mass-scan tooling, on-demand cloud computing, and high speed Internet connectivity. This has lead to a massive influx of different groups mass-scanning all four billion IP address in the IPv4 space on a constant basis. Information security researchers, cyber security companies, search engines, and criminals scan the Internet for various different benign and nefarious reasons (such as the WannaCry ransomware and multiple MongoDB, ElasticSearch, and Memcached ransomware variants). It is increasingly difficult to differentiate between scan/attack traffic targeting your organization specifically and opportunistic mass-scan background radiation packets.
Grey Noise is a system that records and analyzes all the collective omnidirectional background noise of the Internet, performs enrichments and analytics, and makes the data available to researchers for free. Traffic is collected by a large network of geographically and logically diverse “listener” servers distributed around different data centers belonging to different cloud providers and ISPs around the world.
In this talk I will candidly discuss motivations for developing the system, a technical deep dive on the architecture, data pipeline, and analytics, observations and analysis of the traffic collected by the system, business impacts for network operators, pitfalls and lessons learned, and the vision for the system moving forward.
Where to Start When Your Environment is Fucked
This document provides recommendations for improving security in an environment where protections are currently lacking. It begins by explaining that unprotected systems can be used to launch attacks on other systems, and outlines the business risks of failing to implement basic security practices. The document then provides several free and low-cost actions organizations can take to strengthen their security posture, including using open source reconnaissance and vulnerability scanning tools, disabling unused services, improving password policies and login security, segmentation of networks, and asset management. It emphasizes starting security improvements early, and that while making some changes is better than none, more advanced protections may still be needed.
Using Canary Honeypots for Network Security Monitoring
In this presentation I talk about how honeypots that have more traditionally been used for research purposes can also be used as an effective part of a network security monitoring strategy.
Introduction to Git and GitHub #git_nyan
This document provides an introduction to Git and GitHub. It discusses the history and advantages of Git, including how it was created by Linus Torvalds to support the development of Linux. Key features of Git like reliability, speed, distributed nature, and content management are highlighted. GitHub is introduced as a hosting site for Git repositories. Best practices for Git like separate commits, good commit messages, and GitHub flow are covered. Open source licensing and community aspects are also discussed.
Hacking the Gateways
This document outlines a plan to hack routers by exploiting vulnerabilities. The plan involves deciding targets, finding vulnerabilities in routers like the AirTies RT series, writing exploits in MIPS assembly to achieve remote code execution, writing scripts for mass exploitation, running attacks on targets in Turkey, and analyzing results. Routers are attractive targets because they are directly internet accessible, can control all traffic once compromised, have limited logging capabilities, and rarely receive security updates.
Burp suite
This document provides an overview of Burp Suite and how to use its features to perform vulnerability assessments. It discusses Burp Suite's key components like the proxy, scanner, intruder, repeater, collaborator, and extender. It also covers techniques like bypassing filters, server-side request forgery, XML external entities, and common vulnerabilities to target like open redirects, insufficient entropy, and insecure deserialization.
The ultimate guide for Elasticsearch plugins
This document discusses Elasticsearch plugins, including:
- The different types of plugins like analysis, scripting, and site plugins
- Integration points in Elasticsearch that can be extended by plugins
- Examples of plugins like custom analyzers and percolators
- Considerations for writing plugins like maintenance, versioning, and testing
- How to package and install plugins within Elasticsearch
Metasploitation part-1 (murtuja)
This document provides an overview of metasploitation and using the Metasploit framework. It discusses basics like vulnerabilities, exploits, payloads and encoders. It then covers using the msfconsole interface, exploit modules, auxiliary modules like scanners, databases integration, automation, client-side exploits, payload generation, backdooring files, Linux backdoors, Meterpreter, pivoting, and post-exploitation techniques. The document includes several screenshots and links resources for further information.
Python-Assisted Red-Teaming Operation
Slide yang kupresentasikan di PyCon 2019 (Surabaya, 23/11/2019)
Red-Teaming is a simulation of real world hacking against organization. It has little to no limit of time, location, and method to attack. Only results matter. This talk gives insight about how “hacker” works and how python can be used for sophisticated series of attack.
Honeypots for Active Defense
InfoSec analysts are all somewhat familiar with Honeypots. When they are given the proper attention, care and feeding, they produce invaluable information and can be a critical asset when it comes to defending the network. This intel has been primarily used by security researchers and organizations with advanced defensive capabilities to study their adversaries and learn from their actions. But what about the rest of us? Honeypots are a lot of work to configure, maintain, and monitor, right? Not exactly; when deployed and monitored properly, Honeypots and Honey Tokens are a simple way to alert on anomalous activity inside the network. But how can an organization that is not focused on research gain valuable threat intelligence using Honeypots and actively defend their network using indicators generated from an internal Honeynet?
The answer is Honeypots for Active Defense. There are currently many open source security tool distributions that come pre-loaded with Honeypots among other useful tools, however the Honeypot software is often not deployed in an effective manner. This session will discuss techniques to leverage Honeypots in ways that will not overburden the security team with massive logs to sift through and focuses efforts on correlating active threat data observed in the Honeypots with the production environment. When deploying Honeypots effectively, this can give security analysts one additional mechanism to tip them off to nefarious activity within their network before they become the next headline.
Weaponizing Recon - Smashing Applications for Security Vulnerabilities & Profits
The process of penetration testing starts with the "Reconnaissance Phase". This phase, if performed carefully, always provides a winning situation. However, Often in the application security and bug bounty hunting, recon is mapped to finding some assets and uncovering hidden endpoints only & is somewhat under-utilized. Recon is the most crucial thing in application security and bug bounties which always keeps you separated from a competing crowd and gives easy wins.
In "Weaponizing Recon - Weaponizing Recon - Shamshing Applications for Security Vulnerabilities & Profit", will cover the deepest and most interesting recon methodologies to be one step ahead of your competition and how to utilize the tools and publicly available information to map your attack surface & maximize the profit. During the talk, we will cover:
1. Introduction to Recon
2. Basic Recon 101
3. Mapping Attack Surface with Basic Recon
4. Weaponizing Recon to Hit Attack Surface
5. Recon Hacks 101
6. Practical Offensive Recon
7. Automating Recon for Profit
8. Finding Vulnerabilities with Recon
9. Creating your own Recon Map
10. Practical Examples & Demonstrations
Apache Solr for TYPO3 what's new 2018
This document provides an overview of new features and changes in Apache Solr for TYPO3 in 2018. Key highlights include improved user experience in EXT:solr 8.0.0 with updated frontend markup, new suggest and facet features. Other extensions like EXT:solrfluidgrouping and EXT:solrmlt were updated to enhance related content and grouping capabilities. Future plans include additional extensions, TYPO3 9 compatibility, and migrating to the Solarium API for improved Solr integration.
BlueHat v18 || The matrix has you - protecting linux using deception
Ross Bevington, Microsoft
In ‘The Matrix’ sentient machines subdue the population by developing a highly sophisticated simulation. High interaction honeypots are a lot like The Matrix, designed to convince an attacker to execute an attack so we can monitor them. But these honeypots are flawed!
Attackers are continually adapting in order to evade our defenses - meaning that it’s often not enough to just set up a honeypot and watch the results roll in. Is a new approach better?
Did you know that 40% of IaaS VMs in Azure are Linux? For Microsoft to protect itself and its customers Linux is a priority.
At MSTIC we’ve developed a new type of Linux honeypot that allows us to deceive and control the behavior of an attacker. We are using this to understand the person behind the attack, examining them as they examine us. Using these techniques, we are able to better track the person behind the threat, build better protections and ultimately protect more Linux users - whether they are using Azure or not.
In this presentation I’ll show some of the successes of running a Matrix like environment, failures where a glitch was spotted as well as deception approaches that could be applied to other domains. Finally I’ll show how easy it is to leverage Azure’s big data capabilities to build and ultimately query all this data at scale as well as how you can immediately reap the benefits of this work by connecting your Linux box to Azure Security Center.
How to jump start a career in open source
It's not magic. It's not luck. It's not going to happen by itself, so what's the secret sauce? Understanding what makes a career in open source grow, what choices are crucial, and what actions accelerate or damage your open source future are sometimes hard to grasp. Learning to position, expand and grow your personal brand in the open source world is what this session provides. Be ready for your next step in open source. Join me for 30 minutes of power where you'll be given a clear and easy to use plan for jump starting your open source career immediately.
Youtube video link: https://youtu.be/-_ZgfmnL9bM
Slides Red Hat internal link: https://docs.google.com/presentation/d/1RQg7zfP4WsG76gfj_CmrBPGW6na49q72NgAJvxXaBs4
Automation Attacks At Scale
Automation attacks are currently plaguing organizations in industries ranging from financial to retail, to gaming & entertainment. These attacks exploit stolen credential leaks, black market & custom attack toolkits, and massively scalable infrastructure to launch widely distributed attacks that are extremely difficult to detect, let alone attribute. In this presentation we will inform the audience of the scale of this problem, discuss a detection methodology to counter these attacks, and walk through 3 real-world examples of how attackers created and monetized the distributed infrastructure they require to launch these attacks.
The_Pentester_Blueprint.pdf
This document provides an overview of becoming a penetration tester or pentester. It discusses Phillip Wylie's background and experience in information security. It defines pentesting and explains why organizations use pentesting for security assessments and regulatory compliance. It outlines the skills, knowledge, and mindset needed to become a pentester including technological knowledge, hacking skills, and developing a "hacker mindset". It provides recommendations for building a home lab, recommended reading, learning resources, certifications, and tips for getting pentester jobs.
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
This presentation part of Prisma CSI's Practical White Hat Hacker Training v1
PRISMA CSI • Cyber Security and Intelligence www.prismacsi.com
This document can be shared or used by quoted and used for commercial purposes, but can not be changed. Detailed information is available at https://creativecommons.org/licenses/by-nc-nd/4.0/legalcode.
Hunting for the secrets in a cloud forest
Have you ever wonder if the access to your cloud kingdom is secure? Have you ever thought how cyber criminals are hunting for your secrets? How can you be sure that your secret is not "mistakenly" available to the public?
In my presentation I'm going to present you hackish methods used by cyber criminals to find access keys, credentials and other secrets in the public Internet. How can Shannon Entropy help you to do that? This is a presentation about my tool the DumpsterDiver (https://github.com/securing/DumpsterDiver) and the BucketScanner (https://github.com/securing/BucketScanner).
CONFidence 2018: Hunting for the secrets in a cloud forest (Paweł Rzepa)
Have you ever wonder if the access to your cloud kingdom is secure? Have you ever thought how cyber criminals are hunting for your secrets? How can you be sure that your secret is not "mistakenly" available to the public? In my presentation I'm going to present you hackish methods used by cyber criminals to find access keys, credentials and other secrets in the public Internet. How can Shannon Entropy help you to do that? During the presentation, I'll release my own scanners to search AWS space and in the end I will demonstrate my own tool to analyse big amounts of data in search for sensitive data. Lots of demos, technical stuff and educating moral for unaware specialists in the end. It's gonna be fun!
Similar to RedHunt BlackHat US 2018 Arsenal - RedHunt OS (VM) (20)
Using Canary Honeypots for Network Security Monitoring
Using Canary Honeypots for Network Security Monitoring
Weaponizing Recon - Smashing Applications for Security Vulnerabilities & Profits
Weaponizing Recon - Smashing Applications for Security Vulnerabilities & Profits
BlueHat v18 || The matrix has you - protecting linux using deception
BlueHat v18 || The matrix has you - protecting linux using deception
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
CONFidence 2018: Hunting for the secrets in a cloud forest (Paweł Rzepa)
CONFidence 2018: Hunting for the secrets in a cloud forest (Paweł Rzepa)
Recently uploaded
Mind map of terminologies used in context of Generative AI
Mind map of common terms used in context of Generative AI.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
UiPath Test Automation using UiPath Test Suite series, part 6
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
Full-RAG: A modern architecture for hyper-personalization
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
Building Production Ready Search Pipelines with Spark and Milvus
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
How to Get CNIC Information System with Paksim Ga.pptx
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
20240609 QFM020 Irresponsible AI Reading List May 2024
Everything I found interesting about the irresponsible use of machine intelligence in May 2024
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
National Security Agency - NSA mobile device best practices
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Recently uploaded (20)
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
Building Production Ready Search Pipelines with Spark and Milvus
Building Production Ready Search Pipelines with Spark and Milvus
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
20240609 QFM020 Irresponsible AI Reading List May 2024
20240609 QFM020 Irresponsible AI Reading List May 2024
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
RedHunt BlackHat US 2018 Arsenal - RedHunt OS (VM)
- 1. http://redhuntlabs.com | @redhuntlabs RedHUNT OS - Adversary Emulation and Threat Hunting https://github.com/redhuntlabs/RedHunt-OS
- 2. # whoami • Just another Pen-tester with interest in OSINT and Threat HUNTing. • Associate Director @ NotSoSecure • 5+ Years of Experience • Co-Author ‘Hacking Web Intelligence’ • Co-Organizer ‘Recon Village’ @DEF CON • Twitter - @Sudhanshu_C • Email – sudhanshu@redhuntlabs.com
- 3. What’s RedHUNT OS? Attack Emulation • Caldera • Atomic Red Team • DumpsterFire • Metta • RTA • Nmap • CrackMapExec • MSF • Responder • Zap Logging and Monitoring • Kolide Fleet • ELK (Elasticsearch, Logstash, and Kibana) Stack Open Source Intelligence (OSINT) • Maltego • Recon-ng • Datasploit • theHarvestor Threat Intelligence • Yeti • Harpoon
- 4. What’s RedHUNT OS? • Virtual Machine for Adversary Emulation and Threat Hunting. • Based on Lubuntu-18.04 x64 bit. • Customized for Pen-testers / Blue Teamers / Threat Hunter. • Tool Categories: • Attack Emulation • Logging and Monitoring • Open Source Intelligence (OSINT) • Threat Intelligence
- 5. Why RedHUNT OS? • One-stop shop for Adversary Emulation and Threat HUNTing. • Can be used for Offensive as well as Defensive security. • Gives Red/Blue teamers capabilities to generate, collect, visualize and enrich attack data. • Makes it easier to consolidate attack information and analyze it.
- 6. • Download the latest OVA file from https://github.com/redhuntlabs/RedHunt-OS • Import the OVA in VirtualBox (default credential : hunter/hunter) Setting it up…
- 10. • Integrate Memory Forensics Frameworks • Integrate Data Analysis Frameworks • Tool documentation and usage guide Roadmap
- 11. • Help us in testing the OS • Expand: Write/Suggest additional tools • Give Feedback: Raise issues, tweet, drop an email. • Use/Promote/Write about the OS. • Write Threat Emulation and HUNTing blogs/OS walkthrough(s) etc. • Report issues at https://github.com/redhuntlabs/RedHunt-OS/issues How to Contribute
- 12. • Sudhanshu (@sudhanshu_c) • Kudos to • @anantshri for mentoring. • @upgoingstar for testing, feedbacks and suggestions. • @aggkunal for setup tweaks. Core Contributor
- 13. Thanks. g0t questions? https://github.com/redhuntlabs/RedHunt-OS Follow @redhuntlabs for news and updates. Tweet / DM to @redhuntlabs sudhanshu@redhuntlabs.com
Editor's Notes
- Problem statement solution