open source security tool turbo talks
play

Open Source Security Tool Turbo Talks Wireshark Sharkfest 2011 - PowerPoint PPT Presentation

Sep 17, 2022 •166 likes •279 views

Insecure.Org Insecure.Org Open Source Security Tool Turbo Talks Wireshark Sharkfest 2011 Gordon Fyodor Lyon Nmap Security Scanner Project Tod Beardsley Metasploit Project (Rapid7) Thomas D'Otreppe Aircrack-ng Insecure.Org

  1. Insecure.Org Insecure.Org Open Source Security Tool Turbo Talks Wireshark Sharkfest 2011 Gordon “Fyodor” Lyon Nmap Security Scanner Project Tod Beardsley Metasploit Project (Rapid7) Thomas D'Otreppe Aircrack-ng

  2. Insecure.Org Insecure.Org Nmap Security Scanner

  3. Insecure.Org Insecure.Org Outline • Nmap Scripting Engine • IPv6 • Zenmap GUI • Nmap Suite • Final Notes & Q&A

  4. Insecure.Org Insecure.Org Nmap Scripting Engine # nmap -A -T4 www.wireshark.org [...] 21/tcp open ftp vsftpd 2.0.8 or later | ftp-anon: Anonymous FTP login allowed (FTP code 230) | drwxrwxr-x 3 ftp ftp 4096 Jun 07 17:37 osx | drwxrwxr-x 2 ftp ftp 36864 Jun 13 10:01 prerelease | drwxrwxr-x 3 ftp ftp 4096 Jun 07 17:35 src 22/tcp open ssh OpenSSH 5.3p1 Debian 3ubuntu6 (protocol 2.0) | ssh-hostkey: 1024 79:d7:cc:0c:8f:03:20:0d:75:39:09:7f:09:42:9c:25 (DSA) |_2048 1c:6a:6d:94:5e:9b:60:ac:7e:15:f9:c7:24:85:4b:42 (RSA) 80/tcp open http Apache httpd 2.2.14 ((Ubuntu)) | http-robots.txt: 3 disallowed entries |_/awstats/ /cgi-bin/ /mailman/ |_http-title: Wireshark · Go deep. 443/tcp open ssl/http Apache httpd 2.2.14 ((Ubuntu)) |_http-title: Wireshark · Go deep. | http-robots.txt: 3 disallowed entries |_/awstats/ /cgi-bin/ /mailman/

  5. Insecure.Org Insecure.Org Script Collection Growth 250 200 150 100 50 0 2007-1 2007-2 2008-1 2008-2 2009-1 2009-2 2010-1 2010-2 2011-1 2011-2

  6. Insecure.Org Insecure.Org IPv6 • Current status • World IPv6 Day Commemorative Release: http://bit.ly/nmapv6 • Future plans • Demo

  7. Insecure.Org Insecure.Org Zenmap GUI

  8. Insecure.Org Insecure.Org Ndiff # ndiff facebook-072410.xml facebook-072510.xml 69.63.176.68: PORT STATE SERVICE VERSION -80/tcp open http lighttpd 1.5.0 +80/tcp open http nginx video-ssl-03-06-ash1.fbcdn.net (69.63.186.53): PORT STATE SERVICE VERSION -443/tcp open ssl/http lighttpd 1.5.0 +443/tcp open ssl/http nginx legacymail.thefacebook.com (66.220.144.49): PORT STATE SERVICE VERSION 443/tcp open ssl/http Microsoft IIS httpd 6.0 | html-title: Document Moved -|_ Did not follow redirect to https://mail.thefacebook.com/exchange +|_ Did not follow redirect to https://mail.thefacebook.com/exchange/

  9. Insecure.Org Insecure.Org Ncat http://nmap.org/ncat/

  10. Insecure.Org Insecure.Org

  11. Insecure.Org Insecure.Org Resources: Download Nmap for free: http://nmap.org Contact me: fyodor@insecure.org Slides for this talk: http://nmap.org/presentations Questions?

Recommend

Trends in Open Source Security FOSDEM 2013 Florian Weimer fweimer@redhat.com Red Hat

Trends in Open Source Security FOSDEM 2013 Florian Weimer fweimer@redhat.com Red Hat

Trends in Open Source Security FOSDEM 2013 Florian Weimer fweimer@redhat.com Red Hat Product Security Team 2013-02-02 Overview Vulnerability tracking Tool-chain hardening Distribution-wide defect analysis 2 TRENDS IN OPEN

462 views • 31 slides
TURBO PARTS Technical Information Brochure www.meat-doria.com TURBO TURBO introduction As the

TURBO PARTS Technical Information Brochure www.meat-doria.com TURBO TURBO introduction As the

TURBO PARTS Technical Information Brochure www.meat-doria.com TURBO TURBO introduction As the number of modern turbo diesel vehicles in circulation grows and manufacturers turn into small turbocharged gasoline engines, the so-called

634 views • 14 slides
How to run Linux on RISC-V with open hardware and open source FPGA tools FOSDEM (2020-02-02)

How to run Linux on RISC-V with open hardware and open source FPGA tools FOSDEM (2020-02-02)

Slides: https://github.com/pdp7/talks/blob/master/fosdem20.pdf How to run Linux on RISC-V with open hardware and open source FPGA tools FOSDEM (2020-02-02) Drew Fustini drew@oshpark.com Twitter: @pdp7 Open Source Hardware designer at OSH

1.02k views • 82 slides
Automating the Development of Information Systems with the MOSKitt Open Source Tool Vicente

Automating the Development of Information Systems with the MOSKitt Open Source Tool Vicente

http://www.moskitt.org Automating the Development of Information Systems with the MOSKitt Open Source Tool Vicente Pelechano Universidad Politcnica de Valencia viernes 18 de mayo de 12 Content PART I: About the Project and the Tool

1.07k views • 80 slides
An Open Source tool helps a global community of professionals

An Open Source tool helps a global community of professionals

An Open Source tool helps a global community of professionals shift from traditional contacts and annual meetings to continuous interaction on the web

505 views • 37 slides
Make Money With Open Source What is Open Source? Community Free software vs. open source

Make Money With Open Source What is Open Source? Community Free software vs. open source

Make Money With Open Source What is Open Source? Community Free software vs. open source Licenses: GPL vs. LGPL vs. MIT/Apache Foundations: Linux, Apache, Eclipse, Similar: Open Data, Open Hardware, Open Knowledge, ... Advantages of OS

508 views • 13 slides
Adventures in Open Source Software: Dealing with Security Life in the pkgsrc security team By

Adventures in Open Source Software: Dealing with Security Life in the pkgsrc security team By

Adventures in Open Source Software: Dealing with Security Life in the pkgsrc security team By Sevan Janiyan What is pkgsrc Cross platform packaging system 23 listed platforms in 2015Q3 release notes Strive to keep local changes minimal

563 views • 44 slides
Here's where we are with open source security and here's what we need to do about it Nicko

Here's where we are with open source security and here's what we need to do about it Nicko

Here's where we are with open source security and here's what we need to do about it Nicko van Someren, Core Infrastructure Initiative 2014 was a bad year for FOSS security The Linux Foundation created the Core Infrastructure Initiative

931 views • 25 slides
LCT: An Open Source Concolic Testing Tool for Java Programs Kari Khknen, Tuomas Launiainen,

LCT: An Open Source Concolic Testing Tool for Java Programs Kari Khknen, Tuomas Launiainen,

LCT: An Open Source Concolic Testing Tool for Java Programs Kari Khknen, Tuomas Launiainen, Olli Saarikivi, Janne Kauttio, Keijo Heljanko and Ilkka Niemel BYTECODE 2011 Overview Concolic Testing Tool Overview Experiments

395 views • 13 slides
A web-based open-source geoinformation tool for regional water resources assessment Susanna

A web-based open-source geoinformation tool for regional water resources assessment Susanna

A web-based open-source geoinformation tool for regional water resources assessment Susanna Grasso, Pierluigi Claps, Daniele Ganora, Andrea Libertino Politecnico di Torino Department of Environment, Land and Infrastructure Engineering 3rd

408 views • 20 slides
An Open-Source Tool for Automated Generation of Black-box xUnit Test Code and its Industrial

An Open-Source Tool for Automated Generation of Black-box xUnit Test Code and its Industrial

An Open-Source Tool for Automated Generation of Black-box xUnit Test Code and its Industrial Evaluation Christian Wiederseiner, Shahnewaz A. Jolly Matt M. Eskandar Vahid Garousi MR Control Systems International Inc., Calgary, Software

294 views • 17 slides
OpenSoC Fabric An open source, parameterized, CoDEx CoD Ex network generation tool Farzad

OpenSoC Fabric An open source, parameterized, CoDEx CoD Ex network generation tool Farzad

OpenSoC Fabric An open source, parameterized, CoDEx CoD Ex network generation tool Farzad Fatollahi-Fard, Dave Donofrio, George Michelogiannakis, John Shalf 8th International Symposium on Networks-on-Chip (NOCS) September 17-19, 2014. Ferrara,

1.1k views • 83 slides
An Open-Source Library and Tool for AMR Graphs Michael Wayne Goodman Nanyang Technological

An Open-Source Library and Tool for AMR Graphs Michael Wayne Goodman Nanyang Technological

An Open-Source Library and Tool for AMR Graphs Michael Wayne Goodman Nanyang Technological University Introduction If you work with Abstract Meaning Representation, consider the Penman package for both Python and command-line usage: Reads

339 views • 19 slides
TURBO PARTS Technical Information Brochure www.hoffer-products.com TURBO introduction As the

TURBO PARTS Technical Information Brochure www.hoffer-products.com TURBO introduction As the

TURBO PARTS Technical Information Brochure www.hoffer-products.com TURBO introduction As the number of modern turbo diesel vehicles in circulation grows and manufacturers turn into small turbocharged gasoline engines, the so-called DOWNSIZING,

262 views • 14 slides
Open Source HDL Synthesis and Verification with Yosys Clifford Wolf Abstract Yosys (Yosys Open

Open Source HDL Synthesis and Verification with Yosys Clifford Wolf Abstract Yosys (Yosys Open

Open Source HDL Synthesis and Verification with Yosys Clifford Wolf Abstract Yosys (Yosys Open Synthesis Suite) is an open source project aiming at creating a fully-featured HDL synthesis tool, and more. Lately a lot of features related to

302 views • 28 slides
Raising The Security Bar with Guardr Mediacurrent Mark Shropshire Open Source Security Lead

Raising The Security Bar with Guardr Mediacurrent Mark Shropshire Open Source Security Lead

Raising The Security Bar with Guardr Mediacurrent Mark Shropshire Open Source Security Lead Mark is the lead maintainer of Guardr, a suite of modules predicated around Drupal security. He is passionate about architecting systems to solve

812 views • 38 slides
Web Security CSP and Web Cryptography Habib Virji Samsung Open Source Group

Web Security CSP and Web Cryptography Habib Virji Samsung Open Source Group

Web Security CSP and Web Cryptography Habib Virji Samsung Open Source Group habib.virji@samsung.com FOSDEM 2015 Agenda Why Web Security Cross site scripting Content security policy (CSP) CSP Directives and reporting

718 views • 44 slides
Applications & Tools Demo Technology Open-source, text-mining tool.

Applications & Tools Demo Technology Open-source, text-mining tool.

Applications & Tools Demo Technology Open-source, text-mining tool. Machine Learning Made Easy (We shall see) Technology Applied Writing support for students and

371 views • 19 slides
an Open Source MATLAB- Based Optimization Tool By Amila Tharaperiya Gamage Winter 2012 1

an Open Source MATLAB- Based Optimization Tool By Amila Tharaperiya Gamage Winter 2012 1

CVX an Open Source MATLAB- Based Optimization Tool By Amila Tharaperiya Gamage Winter 2012 1 About CVX CVX is an open source MATLAB-based modeling tool. The optimization problem has to be a convex optimization problem. E.g.,

321 views • 11 slides
OSSAMS Open Source Security Assessment Management System

OSSAMS Open Source Security Assessment Management System

OSSAMS Open Source Security Assessment Management System System Overview Purpose To provide a framework for security assessors to correlate and

438 views • 12 slides
Chips4Makers Toolchain Is an ASIC made with fully open source tool chain possible ? Is it

Chips4Makers Toolchain Is an ASIC made with fully open source tool chain possible ? Is it

Chips4Makers Toolchain Is an ASIC made with fully open source tool chain possible ? Is it affordable ? Staf Verhaegen Overview Chips want to be free I have a dream Pilot Project: Retro-uC ASIC toolchain PCB toolchain

370 views • 25 slides
Open Source Databases Peter Zaitsev, CEO Percona What a Year! Huge changes for Open Source and

Open Source Databases Peter Zaitsev, CEO Percona What a Year! Huge changes for Open Source and

The State of Open Source Databases Peter Zaitsev, CEO Percona What a Year! Huge changes for Open Source and Open Source databases RedHat Acquired by IBM Image Source: https://techcrunch.com/story/ibm-acquires-red-hat/ Open Source

663 views • 29 slides
Hassle Free Security Automation with Free and Open Source tools Anderson Dadario

Hassle Free Security Automation with Free and Open Source tools Anderson Dadario

Hassle Free Security Automation with Free and Open Source tools Anderson Dadario https://dadario.com.br - - - - - - - - - - - - - - Source: https://blog.ripstech.com/2016/the-state-of-wordpress-security/ [1] Source:

752 views • 71 slides
Hector Open Source Security Intelligence Platform University of Pennsylvania School of Arts &

Hector Open Source Security Intelligence Platform University of Pennsylvania School of Arts &

Hector Open Source Security Intelligence Platform University of Pennsylvania School of Arts & Sciences Ubani A Balogun & Justin Klein Keane Security Intelligence HECTOR was developed out of a desire to leverage security

751 views • 25 slides

More recommend