Security.md

Security

Auditing

Automatic Linux auditing (blue team)

sudo apt install -y lynis
sudo lynis audit system
  • Automated security auditing
  • Compliance testing (e.g. ISO27001, PCI-DSS, HIPAA)
  • Vulnerability detection
  • Configuration and asset management
  • Software patch management
  • System hardening
  • Penetration testing (privilege escalation)
  • Intrusion detection

Audiences

  • System administrators
  • Auditors
  • Security professionals

Repo

Vuls: Automatic vulnerability lookup

Repo

Scan

Networking

IP Spoofing w/ iptables

It might be possible to recover the responses by means of ARP spoofing on the LAN. In addition, another iptables forward rule would be needed to bounce frames destined for the spoofed IP back to localhost.

Address Spoofing with iptables in Linux

Security testing w/ JMeter

Different testing techniques with Apache JMeter.

  • Site Spidering
  • Regular Expression Extractor
  • XPath Extractor
  • CSS/JQuery Extractor
  • HTML Link Parser
  • Fuzzing
  • DDoS

Blazemeter - How To Do Security Testing With JMeter

Injection

Bash protection against injection

Interestingly, it does not use a blocklist; instead, it cleverly greps out the path.

Read here
Sanitize user input
User input validation

Shell script security

Apple's Guide to shell script security

Advanced shell scripting guide

Read here

Logging

Automatic scan for logs:

sudo apt install logcheck
sudo -u logcheck logcheck -o -t

System

Check dependencies and packages (good practice)

sudo apt-cache show [PACKAGE_NAME]

Audit

System audit

Msfvenom

Msfvenom can be used to export Metasploit's payloads.

Shellcode to assembly / binary to ASM

How to convert shellcode to readable assembly code/instructions?

Cryptography

Cipher files with OpenSSL

openssl enc -cipher [-help] [-ciphers] [-in filename] [-out filename] [-pass arg] [-e] [-d] [-a] [-base64] [-A] [-k password] [-kfile filename] [-K key] [-iv IV] [-S salt] [-salt] [-nosalt] [-z] [-md digest] [-iter count] [-pbkdf2] [-p] [-P] [-bufsize number] [-nopad] [-debug] [-none] [-rand file...] [-writerand file] [-engine id]

Example

openssl enc -aes-256-cbc -md sha512 -pbkdf2 -iter 1000000 -salt -in InputFilePath -out OutputFilePath

Decryption is done simply by adding the -d switch to the end of the original command line.

Read here
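
The `openssl enc` command above and its `-d` counterpart as a runnable round trip. This is an added example, not part of the original notes; the function names, passphrase file and sample plaintext are constructed for illustration, and it assumes OpenSSL 1.1.1 or later.

```bash
#!/usr/bin/env bash
# Added example (not from the original page): round trip for the
# `openssl enc` command above. Needs OpenSSL 1.1.1+ for -pbkdf2/-iter.
# Passphrase, file names and plaintext are constructed placeholders.

ITER=1000000   # iteration count used in the page's example

# encrypt_file PASSFILE IN OUT
# The page's command; -pass file: keeps the passphrase off the command line.
encrypt_file() {
    openssl enc -aes-256-cbc -md sha512 -pbkdf2 -iter "$ITER" -salt \
        -pass "file:$1" -in "$2" -out "$3"
}

# decrypt_file PASSFILE IN OUT [ITER]
# Same command plus -d; -in is now the ciphertext. -md, -pbkdf2 and -iter
# are not stored in the file, so they must be repeated exactly.
decrypt_file() {
    openssl enc -d -aes-256-cbc -md sha512 -pbkdf2 -iter "${4:-$ITER}" \
        -pass "file:$1" -in "$2" -out "$3" 2>/dev/null
}

# roundtrip_demo: returns 0 only if every check below holds.
roundtrip_demo() (
    dir=$(mktemp -d) || exit 1
    trap 'rm -rf "$dir"' EXIT
    umask 077
    printf 'constructed-passphrase\n' > "$dir/pass"
    printf 'constructed sample plaintext\n' > "$dir/plain.txt"

    encrypt_file "$dir/pass" "$dir/plain.txt" "$dir/plain.enc" || exit 1
    # Salted output starts with the magic "Salted__", then the 8-byte salt.
    [ "$(head -c 8 "$dir/plain.enc")" = "Salted__" ] || exit 1

    decrypt_file "$dir/pass" "$dir/plain.enc" "$dir/ok.txt" || exit 1
    cmp -s "$dir/plain.txt" "$dir/ok.txt" || exit 1

    # Wrong -iter derives a different key. CBC carries no integrity tag, so
    # openssl usually reports "bad decrypt" but can occasionally exit 0 with
    # garbage; compare contents instead of trusting the exit status.
    decrypt_file "$dir/pass" "$dir/plain.enc" "$dir/bad.txt" 10000 || true
    ! cmp -s "$dir/plain.txt" "$dir/bad.txt"
)

roundtrip_demo && echo "round trip verified"
```

Record the digest and iteration count alongside the encrypted file, since decryption needs both and neither is written into the output.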

Miscellaneous

Docker Daemon Attack Surface

Read here