Hacker workshop

Notes from Hacker workshop

May 2015

Warning: post not ready to be read yet!!!

Tools

Check servers etc. for vulnerabilities. Kali Linux: Metasploitable, Armitage. Remember: you must not scan out into the world unless you have been given permission!

  1. service postgresql start – console
  2. launch Metasploit framework – menu
  3. armitage – from console
  4. gui is now launched.

Web scanner:

w3af_gui – Kali console. Scan with e.g. owasp_top10 against a website. Have run it against my own website…

Kali linux: apt-get update

With VirtualBox. To get guest additions to work: http://docs.kali.org/general-use/kali-linux-virtual-box-guest –> apt-get update && apt-get install -y linux-headers-$(uname -r)


IDS

https://en.wikipedia.org/wiki/Intrusion_detection_system

Suricata
Open Source IDS / IPS / NSM engine.
Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF).

http://www.emergingthreats.net/

www.bro.com – can be used to build an IDS. A number of scripts are built in.

    • Logs e.g. DNS traffic.
    • certificate…

Standard installation of Bro: /usr/local/bro/


ELK: Elastic Logstash Kibana https://www.elastic.co/

Burp: (…)
Costs money, but there is a trial version. http://portswigger.net/burp/



WebGoat
Lab for protecting one's websites: https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project http://overthewire.org/wargames/bandit/

http://webappsecmovies.sourceforge.net/webgoat/


Various links:

https://www.ripe.net/

https://addons.mozilla.org/en-us/firefox/addon/tamper-data/

https://addons.mozilla.org/en-US/firefox/collections/yehgdotnet/webhacker/ – have not tried it yet.

http://www.kramse.org/home

http://webgoat.github.io/

https://www.whonix.org/ – Whonix is an operating system focused on anonymity, privacy and security. It's based on the Tor anonymity network, Debian GNU/Linux and security by isolation.



Names: Edward Snowden, William Binney

Books
