This is Afshin Lamei's blog, representing some thoughts on Information Security and the Internet of Things.
Thursday, September 19, 2019
Nmap as a vulnerability scanner
How do you discover vulnerabilities in your network? It is clear that some vulnerabilities (e.g., network design vulnerabilities) need more than a scanner to be identified. There are various commercial and free tools to scan your assets and determine whether they are up to date and properly configured. Nmap is one of those tools that can be used as a vulnerability scanner. The NSE (Nmap Scanning engine) provides various scripts to check operating systems, services and devices for a specific vulnerability. There are also scripts such as vulners which check the target against a number of vulnerabilities. According to the project page you can use it as follows:
nmap -sV --script vulners [--script-args mincvss=<arg_val>] <target>
Note that the script needs the software version to work correctly, hence the "-sV" switch is used.
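The following Python is an added example, not code from this blog or the vulners project. It reads Nmap XML output (-oX) from a scan like the one above and lists the script's findings at or above a CVSS threshold, the same cut-off mincvss applies at scan time. It assumes the script's text output puts each finding on a tab-separated line of identifier, score and URL; the sample XML, host, products and CVE-0000-* identifiers are constructed placeholders.

```python
import xml.etree.ElementTree as ET

# Constructed sample of `nmap -sV --script vulners -oX` output. The address,
# products and CVE-0000-* identifiers are placeholders, not real findings.
SAMPLE_XML = """<nmaprun>
  <host>
    <address addr="192.0.2.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22">
        <service name="ssh" product="ExampleSSH" version="1.0"/>
        <script id="vulners" output="&#10;  cpe:/a:example:examplessh:1.0: &#10;    &#9;CVE-0000-0001&#9;9.8&#9;https://vulners.com/cve/CVE-0000-0001&#10;    &#9;CVE-0000-0002&#9;4.3&#9;https://vulners.com/cve/CVE-0000-0002"/>
      </port>
      <port protocol="tcp" portid="80">
        <service name="http" product="ExampleHTTPd" version="2.0"/>
      </port>
    </ports>
  </host>
</nmaprun>"""


def vulners_findings(xml_text, min_cvss=0.0):
    """Return (host, port, service, vuln_id, cvss) tuples with cvss >= min_cvss, highest first."""
    findings = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")
        for port in host.iter("port"):
            script = port.find("script[@id='vulners']")
            if script is None:  # the script reported nothing for this service
                continue
            svc = port.find("service")
            name = "unknown"
            if svc is not None:
                name = " ".join(filter(None, (svc.get("product"), svc.get("version"))))
            for line in script.get("output", "").splitlines():
                # Assumed layout: <tab>id<tab>score<tab>url; CPE headings carry no tabs.
                fields = [f.strip() for f in line.split("\t") if f.strip()]
                if len(fields) < 3:
                    continue
                try:
                    score = float(fields[1])
                except ValueError:  # not a finding line, skip it
                    continue
                if score >= min_cvss:
                    findings.append((addr, int(port.get("portid")), name, fields[0], score))
    return sorted(findings, key=lambda f: f[4], reverse=True)


if __name__ == "__main__":
    for finding in vulners_findings(SAMPLE_XML, min_cvss=7.0):
        print(*finding, sep="\t")
```

A port with no vulners entry in the XML is simply skipped, so an empty result means the script matched nothing for the detected versions, not that the services were verified as patched.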
Friday, September 13, 2019
OWASP API Security Top 10 Release Candidate
OWASP, the de facto reference for web application security standards, has published information about the Top 10 Release Candidate for API Security. From the official project page:
"By nature, APIs expose application logic and sensitive data such as Personally Identifiable Information (PII) and because of this have increasingly become a target for attackers. Without secure APIs, rapid innovation would be impossible. API Security focuses on strategies and solutions to understand and mitigate the unique vulnerabilities and security risks of Application Programming Interfaces (APIs)."
The proposed domains are as follows:
A1: Broken Object Level Authorization
A2: Broken Authentication
A3: Excessive Data Exposure
A4: Lack of Resources & Rate Limiting
A5: Broken Function Level Authorization
A6: Mass Assignment
A7: Security Misconfiguration
A8: Injection
A9: Improper Assets Management
A10: Insufficient Logging & Monitoring
According to the project roadmap, the cheatsheet is expected to be published in 2019 Q4. These domains can be used to derive basic security requirements for API-based applications.
Tuesday, September 10, 2019
Open-source Network Intrusion Detection Systems
Network visibility is essential to security monitoring. You cannot secure what you cannot see or are not aware of. In this sense, Network-based Intrusion Detection Systems (aka NIDS) help to identify and assess what is happening between network entities. Even with a simple signature-based IDS, you can receive useful information about what is happening behind your firewalls, for example, a vulnerable service which needs an update, or a compromised node that is generating malicious network traffic. Besides, a NIDS is a valuable source of information for your SIEM and SOC.
For a long time, Snort was the only option for those who wish to try an open-source IDS. I worked with Snort years ago, and also used it in conjunction with Linux iptables to build a NIPS. I have also experienced the Suricata NIDS. It is a great open-source IDS, especially when it is used with the ELK stack. SELKS provides such a platform, in which you have the Suricata engine and ELKS to store logs, manage Suricata rules and enjoy built-in dashboards as well as create custom ones.
Now I want to try other open-source NIDS tools. A quick Google search reveals these:
So it seems there are interesting options to try.