Abriendo caminos: mayo 2020

viernes, 22 de mayo de 2020

$$$ Bug Bounty $$$

What is Bug Bounty ?

A bug bounty program, also called a vulnerability rewards program (VRP), is a crowdsourcing initiative that rewards individuals for discovering and reporting software bugs. Bug bounty programs are often initiated to supplement internal code audits and penetration tests as part of an organization's vulnerability management strategy.

Many software vendors and websites run bug bounty programs, paying out cash rewards to software security researchers and white hat hackers who report software vulnerabilities that have the potential to be exploited. Bug reports must document enough information for for the organization offering the bounty to be able to reproduce the vulnerability. Typically, payment amounts are commensurate with the size of the organization, the difficulty in hacking the system and how much impact on users a bug might have.

Mozilla paid out a $3,000 flat rate bounty for bugs that fit its criteria, while Facebook has given out as much as $20,000 for a single bug report. Google paid Chrome operating system bug reporters a combined $700,000 in 2012 and Microsoft paid UK researcher James Forshaw $100,000 for an attack vulnerability in Windows 8.1. In 2016, Apple announced rewards that max out at $200,000 for a flaw in the iOS secure boot firmware components and up to $50,000 for execution of arbitrary code with kernel privileges or unauthorized iCloud access.

While the use of ethical hackers to find bugs can be very effective, such programs can also be controversial. To limit potential risk, some organizations are offering closed bug bounty programs that require an invitation. Apple, for example, has limited bug bounty participation to few dozen researchers.

jueves, 21 de mayo de 2020

Lockdoor-Framework: A PenTesting Framework With Cyber Security Resources

About Lockdoor-Framework
Author: SofianeHamlaoui

Tested on: Kali Linux, Ubuntu, Arch Linux, Fedora, OpenSuse and Windows (Cygwin)

LockDoor is a Framework aimed at helping penetration testers, bug bounty hunters And cyber security engineers. This tool is designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. But containing the favorite and the most used tools by Pentesters. As pentesters, most of us has his personal ' /pentest/ ' directory so this Framework is helping you to build a perfect one. With all of that ! It automates the Pentesting process to help you do the job more quickly and easily.

Lockdoor-Framework installation:
For now, Lockdoor-Framework supports Debian-based Linux distros (Kali Linux, ParrotSec, Ubuntu...), Arch Linux based distros (Manjaro, BlackArch, ArchStrike...), Fedora, OpenSuse, Cygwin on Windows.

Open your Terminal and enter these commands:

You can watch detail here:

Lockdoor Tools contents 🛠️:
* Information Gathering 🔎:

dirsearch: A Web path scanner
brut3k1t: security-oriented bruteforce framework
gobuster: DNS and VHost busting tool written in Go
Enyx: an SNMP IPv6 Enumeration Tool
Goohak: Launchs Google Hacking Queries Against A Target Domain
Nasnum: The NAS Enumerator
Sublist3r: Fast subdomains enumeration tool for penetration testers
wafw00f: identify and fingerprint Web Application Firewall
Photon: ncredibly fast crawler designed for OSINT.
Raccoon: offensive security tool for reconnaissance and vulnerability scanning
DnsRecon: DNS Enumeration Script
Nmap: The famous security Scanner, Port Scanner, & Network Exploration Tool
sherlock: Find usernames across social networks
snmpwn: An SNMPv3 User Enumerator and Attack tool
Striker: an offensive information and vulnerability scanner.
theHarvester: E-mails, subdomains and names Harvester
URLextractor: Information gathering & website reconnaissance
denumerator.py: Enumerates list of subdomains
other: other Information gathering,recon and Enumeration scripts I collected somewhere.
ReconDog: Reconnaissance Swiss Army Knife
RED_HAWK: All in one tool for Information Gathering, Vulnerability Scanning and Crawling
Dracnmap: Info Gathering Framework

* Web Hacking 🌐:

Spaghetti: Spaghetti - Web Application Security Scanner
CMSmap: CMS scanner
BruteXSS: BruteXSS is a tool to find XSS vulnerabilities in web application
J-dorker: Website List grabber from Bing
droopescan: scanner, identify, CMSs, Drupal, Silverstripe.
Optiva: Web Application Scanner
V3n0M: Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
AtScan: Advanced dork Search & Mass Exploit Scanner
WPSeku: Wordpress Security Scanner
WPScan: A simple Wordpress scanner written in python
XSStrike: Most advanced XSS scanner.
SQLMap: automatic SQL injection and database takeover tool
WhatWeb: the Next generation web scanner
joomscan: Joomla Vulnerability Scanner Project
Dzjecter: Server checking Tool

* Privilege Escalation ⚠️:

Linux 🐧:linux_checksec.sh
linux_enum.sh
linux_gather_files.sh
linux_kernel_exploiter.pl
linux_privesc.py
linux_privesc.sh
linux_security_test
Linux_exploits folder
Windows : windows-privesc-check.py
windows-privesc-check.exe
MySql:raptor_udf.c
raptor_udf2.c

* Reverse Engineering ⚡:

Radare2: unix-like reverse engineering framework
VirtusTotal: VirusTotal tools
Miasm: Reverse engineering framework
Mirror: reverses the bytes of a file
DnSpy: .NET debugger and assembly
AngrIo: A python framework for analyzing binaries (Suggested by @Hamz-a)
DLLRunner: a smart DLL execution script for malware analysis in sandbox systems.
Fuzzy Server: a Program That Uses Pre-Made Spike Scripts to Attack VulnServer.
yara: a tool aimed at helping malware researchers toidentify and classify malware samples
Spike: a protocol fuzzer creation kit + audits
other: other scripts collected somewhere

* Exploitation ❗:

Findsploit: Find exploits in local and online databases instantly
Pompem: Exploit and Vulnerability Finder
rfix: Python tool that helps RFI exploitation.
InUrlBr: Advanced search in search engines
Burpsuite: Burp Suite for security testing & scanning.
linux-exploit-suggester2: Next-Generation Linux Kernel Exploit Suggester
other: other scripts I collected somewhere.

* Shells 🐚:

WebShells: BlackArch's Webshells Collection

ShellSum: A defense tool - detect web shells in local directories

Weevely: Weaponized web shell

python-pty-shells: Python PTY backdoors

* Password Attacks ✳️:

crunch : a wordlist generator

CeWL : a Custom Word List Generator

patator : a multi-purpose brute-forcer, with a modular design and a flexible usage

* Encryption - Decryption 🛡️:

Codetective: a tool to determine the crypto/encoding algorithm used
findmyhash: Python script to crack hashes using online services

* Social Engineering 🎭:

scythe: an accounts enumerator

Contributing:

Fork Lockdoor-Framework:
git clone https://github.com/SofianeHamlaoui/Lockdoor-Framework.git

Create your feature branch

Commit your changes

Push to the branch

Create a new Pull Request

Features 📙:

Pentesting Tools Selection 📙:

Tools ?: Lockdoor doesn't contain all pentesting tools (Added value) , let's be honest ! Who ever used all the Tools you find on all those Penetration Testing distributions ? Lockdoor contains only the favorite (Added value) and the most used toolsby Pentesters (Added value).
what Tools ?: the tools contains Lockdoor are a collection from the best tools (Added value) on Kali Linux, ParrotSec and BlackArch. Also some private tools (Added value) from some other hacking teams (Added value) like InurlBr, iran-cyber. Without forgeting some cool and amazing tools I found on Github made by some perfect human beigns (Added value).
Easy customization: Easily add/remove tools. (Added value)
Installation: You can install the tool automatically using the install.sh. Manually or on Docker [COMING SOON]

Resources and cheatsheets 📙 (Added value):

Resources: That's what makes Lockdoor Added value, Lockdoor Doesn't contain only tools! Pentesing and Security Assessment Findings Reports templates (Added value), Pentesting walkthrough examples and tempales (Added value) and more.
Cheatsheets: Everyone can forget something on processing or a tool use, or even some trciks. Here comes the Cheatsheets (Added value) role! there are cheatsheets about everything, every tool on the framework and any enumeration,exploitation and post-exploitation techniques.

Check the Wiki Pages to know more about the tool 📙:

Lockdoor Wiki page Home

Lockdoor Demos

Lockdoor Screenshots

Lockdoor-Framework's screenshots:

First Step

Lockdoor update

ROOT Menu

Information Gathering

Web Hacking

Exploitation

Reverse Engineering

Enc/Dec

Password Attacks

Shells

PrivEsc

Social Engineering

PSAFRT

Walkthroughs

About

Support the author:

On Paypal: Sofiane Hamlaoui

BTC Address:

Download Lockdoor-Framework

How Cybersecurity Enables Government, Health, EduTech Cope With COVID-19

The advent of the Covid-19 pandemic and the impact on our society has resulted in many dramatic changes to how people are traveling, interacting with each other, and collaborating at work. There are several trends taking place as a consequence of the outbreak, which has only continued to heighten the need for the tightest possible cybersecurity. Tools for Collaboration There has been a

via The Hacker News

Android SSHControl V1.0 Relased!!!

Hoy sabado 15, he subido al Market de Android la versión 1.0 de SSHControl, con nuevas funcionalades y la esperada opción "Custom Commands".

Esta aplicación permite controlar tus servidores linux, bsd y unix con solo un dedo, mediante esta app Android.
Y soluciona las siguientes problemáticas:
- Manejar una shell desde el pequeño teclado de un móvil es engorroso.
- Leer todos los resultados de un comando en la pantalla del móvil, nos dejamos la vista.

Esta app permite interactuar con servidores remotos simplemente haciendo pulsaciones en la pantalla, mediante un explorador de ficheros, de conexiones, etc..

Las funcionalidades nuevas de esta versión 1.0 son:

- Administración del Firewall Iptables.
- Opción de Custom Commands, tal como había prometido.

Las funcionalidades ya presentes en la v0.8 son:

- escalada a root mediante su y sudo
- gestor de procesos
- explorador de ficheros, editor de ficheros, editor de permisos.
- monitorización y baneo de conexiones
- Visualizadores de logs
- administrador de drivers
- estadisticas de disco

Para la versión 2.0 preveo:

- Escuchar música remota
- Descarga de ficheros (wget)
- Transferencia segura de ficheros entre servidores (scp)
- Gestures, para administrar los sitemas en plan minority report :)

App disponible en el market para 861 tipos de dispositivos y pronto disponible en tablets.

https://market.android.com/details?id=net.ssh.SSHControl

Cualquier sugerencia de mejora: sha0 [4t] badchecksum [d0t] net

Related posts

miércoles, 20 de mayo de 2020

OWASP May Connector 2019

OWASP
Connector

May 2019

Communications | Projects | Events | Community | Membership

COMMUNICATIONS

Letter from the Vice Chairman:

Dear OWASP Community,

Since last month the foundation has been busy working towards enabling our project leaders and community members to utilize funds to work on nurturing and developing projects. So far there has been huge uptake on this initiative. It's great to see so many people passionate about collaborating at project summits.

Our Global AppSec Tel-Aviv is nearly upon us, for members, there is an extra incentive for attending this conference, in the form of a significant discount. This and the sandy beaches and beautiful scenery, not to mention the great speakers and trainers we have lined up, is a great reason to attend. If you have not done so we would encourage you to attend this great conference - https://telaviv.appsecglobal.org.

One of the key things I've noticed in my Board of Director tenure is the passion our community emits, sometimes this passion aids in growing the foundation, but sometimes it also forces us to take a step back and look at how we do things within the foundation. With Mike, our ED and staff we have seen a lot of good change from an operations perspective, with more in the pipeline. Mike's appointment has allowed the Board of Directors to take a step back from operations and enable us to work on more strategic goals. To this end at a recent Board meeting we discussed each Board member taking up one of the following strategic goals, as set out at the start of the year:

1.Marketing the OWASP brand
2.Membership benefits
3.Developer outreach

Improve benefits
Decrease the possibility of OWASP losing relevance
Reaching out to management and Risk levels
Increase involvement in new tech/ ways of doing things – dev ops

4.Project focus

Get Universities involved
Practicum sponsored ideas
Internships

5.Improve finances
6.Improve OWAP/ Board of Directors Perception
7.Process improvement
8. Get consistent ED
9.Community empowerment

I would encourage the community to come forward if you have any ideas on the above and are happy to work with one of the 7 Board of Directors and community members on one of these initiatives.

Thanks and best wishes,
Owen Pendlebury
Vice Chair

OWASP FOUNDATION UPDATE FROM INTERIM EXECUTIVE DIRECTOR:

OWASP Foundation welcomes aboard Emily Berman as Events Director. Emily was most recently with the Scrum Alliance where she planned high-profile functions for upwards of 2,000 guests. Emily brings a fresh approach to events planning and her 12 years of experience planning and organizing large-scale events worldwide well in advance will greatly benefit our Global AppSecs.

Did you Register yet?

Global AppSec DC September 9-13, 2019
submit to the Call for Papers and Call for Training
Check out Sponsorship Opportunities while they are still available.

Save the Date for Global AppSec Amsterdam Sept 23-27, 2019
Sponsorship Opportunities are available

EVENTS

You may also be interested in one of our other affiliated events:

REGIONAL AND LOCAL EVENTS

Event	Date	Location
Latam Tour 2019	Starting April 4, 2019	Latin America
OWASP Portland Training Day	September 25, 2019	Portland, OR
OWASP Italy Day Udine 2019	September 27,2019	Udine, Italy
OWASP Portland Day	October 16,2019	Wroclaw, Poland
LASCON X	October 24-25,2019	Austin, TX
OWASP AppSec Day 2019	Oct 30 - Nov 1, 2019	Melbourne, Australia

PARTNER AND PROMOTIONAL EVENTS

Event	Date	Location
Open Security Summit	June 3-7,2019	Woburn Forest Center Parcs, Bedfordshire
Hack in Paris 2019	June 16-20, 2019	Paris
Cyber Security and Cloud Expo Europe	June 19-20, 2019	Amsterdam
IoT Tech Expo Europe	June 19-20, 2019	Amsterdam
BlackHat USA 2019	August 3-8,2019	Las Vegas, Nevada
DefCon 27	August 8-11,2019	Las Vegas, Nevada
it-sa-IT Security Expo and Congress	October 8-10, 2019	Germany

PROJECTS

We have had the following projects added to the OWASP inventory. Please congratulate these leaders and check out the work they have done:

Project	Type	Leader(s)
Risk Assessment Framework	Documentation	Ade Yoseman Putra, Rejah Rehim
QRLJacker	Tool	Mohammed Baset
Container Security Verification Standard	Documentation	Sven Vetsch
Find Security Bugs	Code	Philippe Arteau
Vulnerable Web Application	Code	Fatih Çelik
D4N155	Tool	Julio Pedro de Lira Neto
Jupiter	Tool	Matt Stanchek
Top 10 Card Game	Documentation	Dennis Johnson
Samurai WTF	Code	Kevin Johnson
DevSecOps Maturity Model	Documentation	Timo Pagel

Also, we will have the following projects presenting at the Project Showcase Global AppSec Tel Aviv:

Final Schedule
Wednesday, May 29th				Thursday, May 30th
Time	Project	Presenter(s)	Confirmed	Time	Project	Presenter(s)	Confirmed
10:45 a.m.	Glue Tool	Omer Levi Hevroni	Yes	10:30 a.m.	API Security	Erez Yalon, Inon Shkedy	Yes
			7

11:55 a.m.	IoT & Embedded AppSec	Aaron Guzman	Yes	11:50 a.m.	Mod Security Core Rule Set	Tin Zaw	Yes
				12:25 p.m.	Automated Threats	Tin Zaw	Yes
12:30 p.m. Lunch Break				12:55 p.m. Lunch Break
2:35 p.m.	SAMM	John DiLeo	Yes
3:10 p.m.	Application Security Curriculum	John DiLeo	Yes	3:10 p.m.	Damned Vulnerable Serveless Application	Tal Melamed	Yes

Finally, if you are able to help participate in the Project Reviews at the Conference, please send me an email at harold.blankenship@owasp.com. We have a large line-up of projects to review this time around:

Project	To Level	Leader(s)
Snakes and Ladders	Flagship	Katy Anton, Colin Watson
Cheat Sheet Series	Flagship	Dominique Righetto, Jim Manico
Mobile Security Testing Guide	Flagship	Jeroen Willemsen, Sven Schleier
Amass	Lab	Jeff Foley
Attack Surface Detector	Lab	Ken Prole
SecureTea	Lab	Ade Yoseman Putra, Bambang Rahmadi K.P, Rejah Rehim.A.A
Serverless Goat	Lab	Ory Segal

Google Summer of Code Update:
We were allocated 13 students this year! The current timeline is as follows:

Google Season of Docs:
We were accepted into the Google Season of Docs. There will be a single technical writer resource. The current timeline is as follows:

COMMUNITY

New OWASP Chapters
Riyadh, Saudi Arabia
Guayaquil, Equador
Lome, Togo
Natal, Brazil
Nashua, New Hampshire
Gwalior, India
Louisville, Kentucky
Nainital, India
Liverpool, United Kingdom
Syracuse, New York