OpenSourceSecurityTools - UPDATED

Editor's Notes

• #3: Add a key-takeaways slide and a conclusion slide
• #6: Low hanging fruits – very simple vulnerabilities which can be easy to fix but can have disastrous consequences. Requires lower set skills by a malicious user to exploit. Open source advantages: They are FREE! Exploits contributions from all around Flexibility Community support Documentation
• #8: Scanners have the capability to cause disruption. It is safer to run these tools in dev rather than prod. Or configuration must match what the prod can handle (?) We have tuned these scanners to run on prod. Type of vulns found: bad network configurations such as an open telnet port on the main server unpatched host OS and libraries with known exploits data leakage from back end by methods such as brute forcing
• #9: First screen you add a “Task” which is basically a scan that you want to run in next few steps you configure the scan or Task
• #10: Scanners have the capability to cause disruption. It is safer to run these tools in dev rather than prod. Or configuration must match what the prod can handle (?) We have tuned these scanners to run on prod. Choose the configuration wisely If in doubt it is always safe to go easy
• #11: Specify targets – it could be just one web server that is supporting your app or multiple ones
• #12: Once the task is added, you can start the scan by clicking the Play button
• #13: You can track the progress as the scan finishes
• #14: The report variety range from very executive to very techincal type of report can be selected depending on the needs
• #15: Reports are breakdown of individual hosts or vulnerabilities most of these tools offer recommendations on fixing the vulnerabilities found a word of caution here: these recomms are VERY generic taking these recommendation more as a guideline to fix the vulnerability than the fix itself is a safe option
• #16: Talk a little OWASP Open Web Application Security Project (or OWASP for short). The Open Web Application Security Project (OWASP) is a worldwide not-for-profit charitable organization focused on improving the security of software. very well contributed organisation Vulns found: web application vunerabilities like XSS, SQLi, CSRF, bad cookie handling such as no secure flag bad session handling All these are generally easy to fix but difficult to spot
• #17: A small demo Enter the URL of your web application (point and attack) Highly customizable – plugins can be written
• #18: Decompiles Android apps to raw source code No rooted device needed Vulns it finds: old unsupported api versions with known exploits activites that can leak data tapjacking - Like ClickJacking on the web, TapJackingoccurs when a malicious application displays a fake user interface that seems like it can be interacted with, but actually passes interaction events such as finger taps to a hidden user interface behind it.
• #19: I will leave the full video available for a more step by step instruction and walk through Due to time contraints I will be skipping some sections here though. Launch and selecting the apk – 0:00 to 0:06 Decompiling the apk – 0:36 Performing basic vulnerability checks - 2:57 Basic report that is generate – 5:28
• #20: Jailbroken device needed!!!!
• #21: The "show modules" command can be used to list all the modules currently available in the framework.
• #22: Once selected, the "info" command can be used to show details of a particular module. Very similar to metasploit 
• #23: When all the options are set as preferred, the "run" command can be used to start the module's execution. If a target app has not been selected yet (with the global option "TARGET_APP" still unset), Needle will first launch a wizard that will help the user in selecting a target.