Gauntlt: Go Ahead, Be Mean to your Code
Uploaded by james-wickett
Gauntlt: Go Ahead, Be Mean to Your Code
Tuesday, December 18, 12
Would you vote for this talk as the best if...?
A. If it's funny
B. If it's useful to my job
C. Dude, I know you want to win the iPad, you are down to 4 min and 37 seconds, stop surveying and start talking!
@wickett, Sr. DevOps Engineer
Mentor Graphics, Embedded Software Division
CISSP, GWAPT, CCSK, GSEC, GCFW
gauntlt.org
A BRIEF HISTORY OF INFOSEC
WE HAD CINEMA
WE MADE FREE PHONE CALLS
WE WERE COOL
WE COULDN'T STOP THE VIRUSES AND WORMS
INSTEAD OF ENGINEERING, INFOSEC BECAME ACTUARIES
“[RISK ASSESSMENT] INTRODUCES A DANGEROUS FALLACY: THAT STRUCTURED INADEQUACY IS ALMOST AS GOOD AS ADEQUACY AND THAT UNDERFUNDED SECURITY EFFORTS PLUS RISK MANAGEMENT ARE ABOUT AS GOOD AS PROPERLY FUNDED SECURITY WORK” - MICHAL ZALEWSKI
“IS THIS SECURE?” - YOUR CUSTOMER
“IT'S CERTIFIED” - YOU
NO PAIN, NO GAIN
Put your code through the Gauntlet

[Diagram: you, your web app, and the attack tools Gauntlt runs it through: sslyze, fuzzers, nmap, curl, sqlmap, garmr, w3af, generic]
GAUNTLT ALLOWS DEV AND OPS AND SECURITY TO COMMUNICATE
install gauntlt

```shell
$ gem install gauntlt
# download example attacks from github
# customize the example attacks
# now you can run gauntlt
$ gauntlt
# gauntlt looks for *.attack in its
# directory
```

Examples > https://github.com/thegauntlet/gauntlt/tree/master/examples
nmap.attack

```gherkin
@slow
Feature: nmap attacks for example.com

  Background:
    Given "nmap" is installed
    And the following profile:
      | name           | value        |
      | hostname       | example.com  |
      | tcp_ping_ports | 22,25,80,443 |

  Scenario: Verify server is open on expected ports
    When I launch an "nmap" attack with:
      """
      nmap -F <hostname>
      """
    Then the output should contain:
      """
      80/tcp open https
      """

  Scenario: Verify that there are no unexpected ports open
    When I launch an "nmap" attack with:
      """
      nmap -F <hostname>
      """
    Then the output should not contain:
      """
      25/tcp
      """
```
running gauntlt with failing tests

```
wickett$ gauntlt
@slow
Feature: nmap attacks for example.com

  Background:
    Given "nmap" is installed
    And the following profile:
      | name           | value        |
      | hostname       | example.com  |
      | tcp_ping_ports | 22,25,80,443 |

  Scenario: Verify server is open on expected ports
    When I launch an "nmap" attack with:
      """
      nmap -F www.example.com
      """
    Then the output should contain:
      """
      443/tcp open https
      """

1 scenario (1 failed)
5 steps (1 failed, 4 passed)
0m18.341s
```
running gauntlt with passing tests

```
wickett$ gauntlt
@slow
Feature: nmap attacks for example.com

  Background:
    Given "nmap" is installed
    And the following profile:
      | name           | value        |
      | hostname       | example.com  |
      | tcp_ping_ports | 22,25,80,443 |

  Scenario: Verify server is open on expected ports
    When I launch an "nmap" attack with:
      """
      nmap -F www.example.com
      """
    Then the output should contain:
      """
      443/tcp open https
      """

1 scenario (1 passed)
5 steps (5 passed)
0m18.341s
```
```gherkin
Feature: Run sqlmap against a target

  Scenario: Identify SQL injection vulnerabilities
    Given "sqlmap" is installed
    And the target URL is "http://localhost?id=1"
    When I launch a "sqlmap" attack with:
      """
      python <sqlmap_path> -u <target_url>
      """
    Then the output should contain:
      """
      sqlmap identified the following injection points
      """
```

The build-up slides label the parts of this attack:
- setup steps: the Given/And lines
  - verify tool: `Given "sqlmap" is installed`
  - set config: `And the target URL is "http://localhost?id=1"`
- attack!: the When step
  - env param: `<sqlmap_path>`
  - get config: `<target_url>`
- assert: the Then step
  - needle: `sqlmap identified the following injection points`
  - haystack: the output of the attack
step definition (ruby)

```ruby
Given /^"sqlmap" is installed$/ do
  ensure_python_script_installed('sqlmap')
end

When /^I launch an? "sqlmap" attack with:$/ do |command|
  sqlmap_path = path_to_python_script("sqlmap")
  command.gsub!('<target_url>', target_url)
  command.gsub!('<sqlmap_path>', sqlmap_path)
  run command   # execute
end
```
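How the pieces of an attack file fit together (the profile table, `<placeholder>` substitution in the When step as in the `gsub!` calls above, and the contain / not contain assertions of the nmap scenarios), modelled in plain Ruby as an added example that is not Gauntlt's own code; `PROFILE`, `expand_command`, `output_contains?`, `scenario_passes?` and the nmap output are constructed for illustration, and collapsing whitespace before matching is this example's choice, not necessarily what the real step does.

```ruby
# Added example, not Gauntlt's code: a minimal model of how an .attack
# file's profile, <placeholders> and output assertions fit together.
# All names here are hypothetical; the nmap output is constructed.
# "And the following profile:" table from nmap.attack
PROFILE = { 'hostname' => 'example.com', 'tcp_ping_ports' => '22,25,80,443' }

# Constructed stand-in for what `nmap -F example.com` might print.
SAMPLE_NMAP_OUTPUT = <<~OUT
  Nmap scan report for example.com
  PORT    STATE SERVICE
  22/tcp  open  ssh
  80/tcp  open  http
  443/tcp open  https
OUT

# "When I launch an attack with:" replaces every <key> with the profile
# value, like command.gsub!('<target_url>', target_url) in the step
# definition, but fails loudly on a placeholder the profile lacks.
def expand_command(command, profile)
  command.gsub(/<(\w+)>/) do
    key = Regexp.last_match(1)
    profile.fetch(key) { raise KeyError, "no profile value for <#{key}>" }
  end
end

# "Then the output should contain:" is a needle-in-haystack search.
# Whitespace is collapsed on both sides so "443/tcp open https" matches
# nmap's column-aligned output; that normalisation is this example's choice.
def output_contains?(output, needle)
  squeeze = ->(s) { s.gsub(/\s+/, ' ').strip }
  squeeze.call(output).include?(squeeze.call(needle))
end

# One scenario: run the expanded command through `runner` and evaluate a
# list of [:contain | :not_contain, needle] assertions; true means passed.
def scenario_passes?(command, assertions, profile, runner)
  output = runner.call(expand_command(command, profile))
  assertions.all? do |kind, needle|
    found = output_contains?(output, needle)
    kind == :contain ? found : !found
  end
end

if __FILE__ == $PROGRAM_NAME
  fake_nmap = ->(_cmd) { SAMPLE_NMAP_OUTPUT } # stand-in for running nmap
  puts expand_command('nmap -F <hostname>', PROFILE)
  puts scenario_passes?('nmap -F <hostname>', [[:contain, '443/tcp open https']], PROFILE, fake_nmap)
  puts scenario_passes?('nmap -F <hostname>', [[:not_contain, '25/tcp']], PROFILE, fake_nmap)
end
```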
Supported Tools
• curl
• nmap
• sslyze
• sqlmap
• Garmr
• generic command line
Try it yourself at http://gauntlt.org/ with the new gauntlt video tutorial!