Fingerprinting with Spaghetti

In this tutorial I would like to introduce Spaghetti. Spaghetti is a cool project by m4ll0k on GitHub written in Python with less dependencies. The main idea behind Spaghetti is to find out fingerprints from Server, Web Frameworks, WAF, CMS, OS and languages. The following tutorial will show you how to set up and use spaghetti quickly and easily.

Requirements

  • Python (2.7.x)
  • Virtualenv

Prepare Project

Usage

Simple Vault introduction

Today a tiny introduction to Vault from HashiCorp. I will just show the simplest usage. But this will help to get a first idea of Vault and the features.

Requirements

Preparation

Start Vault Server

Copy Root Token value to clipboard!!!

Insomnia

Create new environment “vault” under “Manage Environments” and store here your URL as “base_url” and Root Token as “api_key”.

insomnia vault environment

Now we create 4 simple requests

insomnia requests

for all requests we add Header

insomnia header

For first URL (POST: Add new secret) we use “{{ base_url }}/secret/MyFirstSecret” and we add following body as JSON.

After send the key:value is stored inside Vault. You can modify the request (e.q. “{{ base_url }}/secret/MySecondSecret”) and send some more.

Our next request is to show all keys (GET: Get list of secret keys) “{{ base_url }}/secret?list=true”. The Preview will show similar output.

insomnia get vault keys

3rd request is to get the value from a specific key (GET: Get value of specific secret) “{{ base_url }}/secret/MySecret”.

insomnia get vault value

Last request is for delete (DEL: Delete specific secret) “{{ base_url }}/secret/MySecret”.

Tipp: if you lost the root token (Vault server is running) you can find the value!

Penetration testing report via Serpico

Penetration testing make fun but writing penetration testing reports is boring. When you start you will look for templates or software which supports you. Here comes Serpico into the game. Serpico is a collaboration and report generation tool. The best… it is open-source.

Usage via Docker

Now you can use Serpico in your favorite browser…

Login with created credentials (admin/test123) and create your reports. On Youtube is a good introduction. If you don’t have Microsoft Words installed, you can view your reports online.

 

Lunar – a UNIX security auditing tool

LUNAR is a open source UNIX security auditing tool written in Shell script. It offers the audit for various operating systems like Linux (RHEL, CentOS, Debian, Ubuntu), Solaris and Mac OS with less requirements. Services like Docker and AWS are also supported.

Download

Clone repository

Download via curl

Usage

The use is very easy…

Firewalld Rich Rules basics

This tutorial will help you to get started with the firewalld configuration. Basics on zones and rich rules are presented.

What we do

The shell provisioner will ensure that on all hosts firewalld and curl are installed. For “host_protected” the provisioner will install nginx for demo purposes, too. Furthermore, the firewall will configured on “host_protected”.

Every host has two interfaces NAT (enp0s3) and host-only (enp0s8). The provisioner will not touch the NAT interface (zone: public) rules! Only the host-only interface (zone: home) rules will modified!

Project

Here are all needed files…

Please add your values for box name/url!

Usage

Note: before you destroy the vagrant environment, have a look on zones xml files for “host_protected”!

TCP port scanner Brutescan

Brutescan is a fast and noisy TCP port scanner written in go.

Preparation

Configure go (for user)

Install brutescan

Usage/Examples

Tiny SSH audit

I wrote an bash script which makes the SSH server configuration audit a little bit easier. Here now an description for usage. The repository can found here.

Usage

The output is self-explanatory. If you need more details, just run following command.

Install and configure Fail2Ban on CentOS 7

This tutorial presents the minimum SSH protection on CentOS 7 by Fail2Ban (without e-mail).

Preparation

Configuration

Ready for startup

Check status

Example