Termux ID: Reporting

Seccubus automates regular vulnerability scans with various tools and aids security people in the fast analysis of its output, both on the first scan and on repeated scans.
On repeated scan delta reporting ensures that findings only need to be judged when they first appear in the scan results or when their output changes.
Seccubus 2.x is the only actively developed and maintained branch and all support for Seccubus V1 has officially been dropped.

Seccubus V2 works with the following scanners:

Nessus
OpenVAS
Skipfish
Medusa (local and remote)
Nikto (local and remote)
NMap (local and remote)
OWASP-ZAP (local and remote)
SSLyze
Medusa
Qualys SSL labs
testssl.sh (local and remote)

For more information visit [www.seccubus.com]

Seccubus Docker container

Usage

Running a full stack (db/app/frontend) in a single container. And get an interactive shell

docker run -it seccubus/seccubus /bin/bash

By default the container holds a mysql server that runs and stores data locally. If you want data persistency there are two options:
Connect the container to a remote mysql/MariaDB database with environment viariables:

docker run -ti seccubus/seccubus -e DBHOST=dns.name.of.db.host \
-e DBPOSRT=3306 \
-e DBNAME=name.of.database \
-e DBUSER=db.username \
-e DBPASS=password \
/bin/bash

Or, mount a data volume with a db directory on it

mkdir data
mmdir data/db
docker run -it seccubus/seccubus -v ($pwd)/data:/opt/seccubus/data /bin/bash

Please be aware that you can only run one container at a time if you mount a local directory on /var/lib/mysql.

Running a scan
Run the following command to start the scan 'ssllabs' in workspace 'Example' (this workspace is created by default if you use the local mysql database)

docker run -ti seccubus/seccubus scan Example ssllabs

Please be aware that you need soem data persistency here or the data will be stored in a local database that will be deleted whent he container terminates

Running a scheduler
You can run a docker container as a scheduler. This will make it run cron and allow your crontab to execute scans.You can populate the crontab by either placing a file called crontab in the /opt/seccubus/data volume or puting the lines of you crontab in evironement variables starting with CRON_

docker run -e "STACK=cron" -e "CRON_1=* 0 * * * bin/do-scan -w Example -s ssllabs" -ti seccubus/seccubus

This will spin up a container that executes scan ssllabs from workspace Example at midnight every night.
You can set the TZ vairable to control the timezone.

Controlling TLS certificates
The Seccubus container is TLS enabled by default. The environment variable TLS controls this behaviour. Of it is set to anything other then yes, TLS is turned off.
There are three ways to control the certificate:

Do nothing : Self signed certificates will be generated for you
Populate the variables TLSCERT and TLSKEY : The contents will be placed in /opt/seccubus/data/seccubus.pem and /opt/seccubus/data/seccubus.key and used
Put the certificates in the files seccubus.pem and seccubus.key on a data volume and mount it on /opt/seccubus/data

Show this help message

docker run -ti seccubus/seccubus help

Default command
If you don't specify a command to docker run

docker run seccubus/seccubus

The web server access log and error log will be tailed to the screen.

Other options
You can set the following environment variables:

STACK - Determines which part of the stack is run
- full - Run everything
- front - Start apache to serve the html/javascript frontend (this requires that the APIURL variable is set too)
- api - Start apache to serve the json api at / (starts MariaDB too if required)
- web - Start apache to serve both the html/javascript frontend and the json
- perl - Do not start apache, just use this container as an perl backend
DBHOST, DBPORT, DBNAME, DBUSER, DBPASS - Database connection parameters
- If DBHOST/DBPORT are set to 127.0.0.1/3306 the local MariaDB instance is started
APIURL - Path to the API url
- Set this if your set STACK to front to redirect the API calls to an alternative relative or absolute URL.
BASEURI - Base URI for seccubus
- Server the application at the value provided
SMTPSERVER - IP address or host name of an SMTP server to be used for notifications
SMTPFROM - From address used in notifications
TICKETURL_HEAD/TICKETURL_TAIL - If these are set ticket numberrs will be linked to this URL
- E.g. TICKERURL_HEAD = https://jira.example.com/projects/SECC/issues/
- TICKERURL_TAIL = ?filter=allopenissues
- Ticket SECC-666 would be linked to https://jira.example.com/projects/SECC/issues/SECC-666?filter=allopenissues
SSHKEY1, SSHKEY2, SSHKEY3 .. SSHKEY9
- The content of this environment variable will stored in the file /opt/seccubus/.ssh/SSHKEY1 etc.
- You can use this mechanism to provide ssh keys that are used to start remote scans
HTTP_AUTH_HEADER - Set the http authentication header
- If you are using something like OpenAM to authenticate your users, this allows you to set which http request header contains the user that OpenAM detected
TZ - Set the timezone of the container
TLS - Controls TLS behaviour yes means TLS is on, otherwise TLS is off. TLS is on by default.
JIT_GROUP - Controls JIT provisioning of users
CRON_MAIL_TO - Mail cron messages to this addres
CRON_* - Add these lines to crontab in alphabetical order

Download Seccubus

Seccubus - Easy Automated Vulnerability Scanning, Reporting And Analysis

Admin Friday, October 20, 2017

objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or rooted mobile device.

The project's name quite literally explains the approach as well, whereby runtime specific objects are injected into a running process and executed using Frida.

Note: This is not some form of jailbreak / root bypass. By using objection, you are still limited by all of the restrictions imposed by the applicable sandbox you are facing.

features

Supporting both iOS and Android and having new features and improvements added regularly as the tool is used in real world scenarios, the following is a short list of only a few key features:

For all supported platforms, objection allows you to:

Patch iOS and Android applications, embedding a Frida gadget that can be used with objection or just Frida itself.
Interact with the filesystem, listing entries as well as upload & download files where permitted.
Perform various memory related tasks, such as listing loaded modules and their respective exports.
Attempt to bypass and simulate jailbroken or rooted environments.
Discover loaded classes and list their respective methods.
Perform common SSL pinning bypasses.
Dynamically dump arguments from methods called as you use the target application.
Interact with SQLite databases inline without the need to download the targeted database and use an external tool.
Execute custom Frida scripts.

iOS specific features in objection include the ability to:

Dump the iOS keychain, and export it to a file.
Dump data from common storage such as NSUserDefaults and the shared NSHTTPCookieStorage.
Dump various formats of information in human readable forms.
Bypass certain forms of TouchID restrictions.
Watch for method executions by targeting all methods in a class, or just a single method.
Monitor the iOS pasteboard.
Dump encoded .plist files in a human readable format without relying on external parsers.

Android specific features in objection include the ability to:

List the applications Activities, Services and Broadcast receivers.
Start arbitrary Activities available in the target application.
Watch a class method, reporting execution as it happens.

screenshots
The following screenshots show the main objection repl, connected to a test application on both an iPad running iOS 10.2.1, and Samsung Galaxy S5 running Android 6.

A file system listing of the iOS applications main bundle

A file system listing of the Android applications bundle

iOS Keychain dumped for the current application, and later written to a file called keychain.json

Inline SQLite query tool

SSL Pinning bypass running for an iOS application

SSL Pinning bypass running for an Android application

sample usage
A sample session, where objection version 0.1 is used to explore the applications environment. Newer versions have the REPL prompt set to the current applications name, however usage has remained the same:

prerequisites
To run objection, all you need is the python3 interpreter to be available. Installation via pip should take care of all of the dependencies needed. For more details, please see the prerequisites section on the project wiki.
As for the target mobile applications though, for iOS, an unencrypted IPA is needed and Android just the normal APK should be fine. If you have the source code of the iOS application you want to explore, then you can simply embed and load the FridaGadget.dylib from within the Xcode project.

installation
Installation is simply a matter of pip3 install objection. This will give you the objection command.
For more detailed update and installation instructions, please refer to the wiki page here.

Download objection

Android Database iOS iPad Jailbreak objection Python3 Reporting Runtime Samsung Sandbox SQLite

objection - Runtime Mobile Exploration

Admin Friday, October 20, 2017

Dradis is an open-source collaboration framework, tailored to InfoSec teams.

Goals

Share the information effectively.
Easy to use, easy to be adopted. Otherwise it would present little benefit over other systems.
Flexible: with a powerful and simple extensions interface.
Small and portable. You should be able to use it while on site (no outside connectivity). It should be OS independent (no two testers use the same OS).

Some of the features:

Platform independent
Markup support for the notes: text styles, code blocks, images, links, etc.
Integration with existing systems and tools:

Editions
There are two editions of Dradis Framework:

Dradis Framework Community Edition (CE): open-source and available freely under the GPLv2 license.
Dradis Framework Professional Edition (Pro): includes extra features that are more useful for organizations dealing with bigger teams and multiple projects at a time. To use Pro and get official support please become a subscriber.

Getting started: Community Edition

Git release (recommended)

$ git clone https://github.com/dradis/dradis-ce.git
$ cd dradis-ce/
$ ruby bin/setup
$ bundle exec rails server

You can browse to the app at http://localhost:3000/

Using Vagrant
If you'd like to use dradis in Vagrant, you can use the included Vagrantfile.

# Clone the repo
git clone https://github.com/dradis/dradis-ce.git

# install/start the vagrant box
vagrant up
# ssh into the box
vagrant ssh

# install ruby in the vagrant box
cd /dradis/dradis-ce
rvm install "$(cat .ruby-version)"


# Then you can proceed with standard setup from within Vagrant
ruby bin/setup
# You'll need to tell the server to bind to 0.0.0.0 for port forwarding:
bundle exec rails server -b 0.0.0.0

Stable release
In https://dradisframework.com/ce/download.html you will find the latest packages.

Getting help

http://dradisframework.org/
Community Forums
Slack channel
IRC: #dradis irc.freenode.org

Download Dradis Framework

Dradis Dradis Framework Framework GNU Linux Mac Python Reporting Ruby Ruby on Rails Security SSH Wrapper

Dradis Framework - Collaboration and reporting for IT Security teams

Admin Wednesday, October 4, 2017

Halaman

Social Items

Termux ID

Seccubus - Easy Automated Vulnerability Scanning, Reporting And Analysis

objection - Runtime Mobile Exploration

Dradis Framework - Collaboration and reporting for IT Security teams