Android Security - Attacks and Defenses

Book Description:

Android Security: Attacks and Defenses is for anyone interested in learning about the strengths and weaknesses of the Android platform from a security perspective. Starting with an introduction to Android OS architecture and application programming, it will help readers get up to speed on the basics of the Android platform and its security issues.

Explaining the Android security model and architecture, the book describes Android permissions, including Manifest permissions, to help readers analyze applications and understand permission requirements. It also rates the Android permissions based on security implications and covers JEB Decompiler.

The authors describe how to write Android bots in JAVA and how to use reversing tools to decompile any Android application. They also cover the Android file system, including import directories and files, so readers can perform basic forensic analysis on file system and SD cards. The book includes access to a wealth of resources on its website: www.androidinsecurity.com. It explains how to crack SecureApp.apk discussed in the text and also makes the application available on its site.

The book includes coverage of advanced topics such as reverse engineering and forensics, mobile device pen-testing methodology, malware analysis, secure coding, and hardening guidelines for Android. It also explains how to analyze security implications for Android mobile devices/applications and incorporate them into enterprise SDLC processes.

The book’s site includes a resource section where readers can access downloads for applications, tools created by users, and sample applications created by the authors under the Resource section. Readers can easily download the files and use them in conjunction with the text, wherever needed. Visit www.androidinsecurity.com for more information.





Source: allitebooks

By Offensive Sec

Read More

Data Analysis For Network Cyber-Security

Book Description:

There is increasing pressure to protect computer networks against unauthorized intrusion, and some work in this area is concerned with engineering systems that are robust to attack. However, no system can be made invulnerable. Data Analysis for Network Cyber-Security focuses on monitoring and analyzing network traffic data, with the intention of preventing, or quickly identifying, malicious activity.
Such work involves the intersection of statistics, data mining and computer science. Fundamentally, network traffic is relational, embodying a link between devices. As such, graph analysis approaches are a natural candidate. However, such methods do not scale well to the demands of real problems, and the critical aspect of the timing of communications events is not accounted for in these approaches.

This book gathers papers from leading researchers to provide both background to the problems and a description of cutting-edge methodology. The contributors are from diverse institutions and areas of expertise and were brought together at a workshop held at the University of Bristol in March 2013 to address the issues of network cyber security. The workshop was supported by the Heilbronn Institute for Mathematical Research.

Readership: Researchers and graduate students in the fields of network traffic data analysis and network cyber security.





Source: allitebooks

By Offensive Sec

Read More

Engineering Secure Software and Systems

Book Description:

This book constitutes the refereed proceedings of the 7th International Symposium on Engineering Secure Software and Systems, ESSoS 2015, held in Milan, Italy, in March 2015. The 11 full papers presented together with 5 short papers were carefully reviewed and selected from 41 submissions. The symposium features the following topics: formal methods; cloud passwords; machine learning; measurements ontologies; and access control.




Source: allitebooks

By Offensive Sec

Read More

That's how we will resume the Internet - Edward Snowden

Through a telepresence robot, Edward Snowden speaks at TED2014 on surveillance and Internet freedom. The right to data privacy, he suggests, is not a partisan issue, but requires a fundamental reassessment of the role of the internet in our lives and the laws that protect it . "Your rights are important," he says, "because you never know when you 'll need them."Chris Anderson interview with special guest Tim Berners -Lee.

By OffensiveSec

Read More

Automated Tool for Testing in Vulnerable Routers - RouterhunterBR 2.0

The RouterhunterBR is an automated security tool que finds vulnerabilities and performs tests on routers and vulnerable devices on the Internet. The RouterhunterBR was designed to run over the Internet looking for defined ips tracks or random in order to automatically exploit the vulnerability DNSChanger on home routers.

The DNSChanger is a trojan able to direct user requests to illegal sites. In practice, this malware has the ability to change the DNS settings of our machine redirecting the user to sites with malicious purposes. Imagine for example that your system is infected with this malware, what might happen is that the user to access a particular site (eg. Facebook.com) may be forwarded to an unsolicited website and potentially illegal.

The script explores four vulnerabilities in routers

• Shuttle Tech ADSL Modem-Router 915 WM / Unauthenticated Remote DNS Change Exploit
  reference: http://www.exploit-db.com/exploits/35995/
• D-Link DSL-2740R / Unauthenticated Remote DNS Change Exploit
  reference: http://www.exploit-db.com/exploits/35917/
• D-Link DSL-2640B Unauthenticated Remote DNS Change Exploit
  reference: http://1337day.com/exploit/23302/
• D-Link DSL-2780B DLink_1.01.14 - Unauthenticated Remote DNS Change
  reference: https://www.exploit-db.com/exploits/37237/
• D-Link DSL-2730B AU_2.01 - Authentication Bypass DNS Change
  reference: https://www.exploit-db.com/exploits/37240/
• D-Link DSL-526B ADSL2+ AU_2.01 - Unauthenticated Remote DNS Change
  reference: https://www.exploit-db.com/exploits/37241/
• DSLink 260E - Authenticated routers - DNS Changer - Bruteforce reference: https://www.youtube.com/watch?v=tNjy91g2Rak
  http://blog.inurl.com.br/2015/03/dslink-260e-defaut-passwords-dns-change_17.html

Requeriments

import sys, os, argparse, itertools, requests, random, time, threading, base64, socket
from datetime import datetime

Usage

  -range 192.168.1.0-255, --range 192.168.1.0-255  Set range of IP
  -bruteforce, --bruteforce                        Performs brute force with users and passwords standards, and soon    after defines the malicious DNS.
  -startip 192.168.*.*, --startip 192.168.*.*      Start - IP range customized with wildcard / 201.*.*.*
  -endip 192.168.*.*, --endip 192.168.*.*          End - IP range customized with wildcard / 201.*.*.*
  -dns1 8.8.8.8, --dns1 8.8.8.8                    Define malicious dns1
  -dns2 8.8.4.4, --dns2 8.8.4.4                    Define malicious dns2
  --threads 10                                     Set threads numbers
  -rip, --randomip                                 Randomizing ips routers
  -lmtip 10, --limitip 10                          Define limite random ip

Commands

Random ips

python routerhunter.py --dns1 8.8.8.8 --dns2 8.8.4.8 --randomip --limitip 10 --threads 10                      
python routerhunter.py --dns1 8.8.8.8 --dns2 8.8.4.8 -rip -lmtip 10 --threads 10

Scanner in range ip:

python routerhunter.py --dns1 8.8.8.8 --dns2 8.8.4.8 --range 192.168.25.0-255 --threads 10

IP range customized with wildcard / Ex: --startip 201.*.*.* - --endip 201.*.*.*

python routerhunter.py --dns1 8.8.8.8 --dns2 8.8.4.8 --startip 192.168.*.* --endip 192.168.*.* --threads 10

Brute force with users and passwords on routers that requires authentication, forcing alteration of dns - DSLink 260E.

python routerhunter.py --dns1 8.8.8.8 --dns2 8.8.4.4 --range 177.106.19.65-70 --bruteforce --threads 10

• AUTOR: Jhonathan Davi A.K.A jh00nbr
• EMAIL*: jhoonbr@protonmail.ch
• Blog: http://blog.inurl.com.br
• Twitter: https://twitter.com/jh00nbr
• Facebook: https://fb.com/JhonVipNet
• Fanpage: https://fb.com/InurlBrasil
• Github: https://github.com/jh00nbr/
• Youtube: https://www.youtube.com/c/Mrsinisterboy

Download RouterhunterBR 2.0

Read More

Web Application firewall to Train Attacks - Raptor WAF

Raptor is an Open Source Tool, yout focus is study of attacks and find intelligent ways to block attacks.

Raptor is made in pure C, don’t use regex or other common ways to block attacks, yes is diferent and fast like a raptor dinosaur, Raptor follow principle KISS (Keep It Simple), you can use Raptor to simulate attacks and bypasses at wafs.

WAF stands for Web Application Firewall. It is widely used nowadays to detect and defend SQL Injections and XSS...

• You can block XSS, SQL injection attacks and path traversal with Raptor
• You can use blacklist of IPs to block some users at config/blacklist ip.txt
• You can use IPv6 and IPv4 at communications
• At the future DoS protector, request limit, rule interpreter and Malware detector at uploads.
• At the future SSL/TLS...

to run:

$ git clone https://github.com/CoolerVoid/raptor_waf
$ cd raptor_waf; make; bin/raptor

Example

Up some HTTPd server at port 80

$ bin/Raptor -h localhost -p 80 -r 8883 -w 4 -o loglog.txt

you can test at http://localhost:8883/test.php

Look the docs

https://github.com/CoolerVoid/raptor_waf/blob/master/doc/raptor.pdf

Tests:

509 of attacks, detect and block 349, 68% of attacks blocked

Download Raptor

Read More

Sandboxed Execution Environment - SEE

Sandboxed Execution Environment (SEE) is a framework for building test automation in secured Environments.

The Sandboxes, provided via libvirt, are customizable allowing high degree of flexibility. Different type of Hypervisors (Qemu, VirtualBox, LXC) can be employed to run the Test Environments.

Plugins can be added to a Test Environment which provides an Event mechanism synchronisation for their interaction. Users can enable and configure the plugins through a JSON configuration file.

Audience

SEE is for automating tests against unknown, dangerous or unstable software tracking its activity during the execution.

SEE is well suited for building modular test platforms or managing executable code with a good degree of isolation.

SEE allows to write sandboxed tests both for quick prototyping and for running on production environment.

Installation

SEE is available as Python package on the Python Package Index (PyPI).

It's user's responsibility to install and setup the hypervisors intended to be controlled with SEE.

Please refer to the documentation to see how to setup and configure each hypervisor.

Supported hypervisors

SEE is build on top of libvirt's APIs, therefore all hypervisors supported by libvirt can be controlled through SEE.

SEE comes with a basic support for QEMU, VirtualBox and LXC, to add more hypervisor or customize the basic ones see the code contained in see/context.

Principles

SEE is an event-driven, plugin-based sandbox provider for synchronous and asynchronous test flow control.

                                                                  +----------+
                                                                  |          |
                                                          +-------| SEE Hook |
                                                          |       |          |
                                                          |       +----------+
              +-----------------+       +---------+       |       +----------+
              |                 |       |         |       |       |          |
User -------> | SEE Environment |-------| Sandbox |-------+-------| SEE Hook |
              |                 |       |         |       |       |          |
              +-----------------+       +---------+       |       +----------+
                                                          |       +----------+
                                                          |       |          |
                                                          +-------| SEE Hook |
                                                                  |          |
                                                                  +----------+

A SEE Environment encapsulates all the required resources acting as a handler for the User. The Sandbox is controlled by the Hooks which act as plugins, Hooks communicate and co-ordinate themselves through Events.

Each Hook has direct access to the Sandbox which exposes a simple API for it's control and libvirt's APIs for more fine grained control.


Links

Project page.
https://pypi.python.org/pypi/python-see
Project documentation.
https://pythonhosted.org/python-see
Libvirt project page.
https://libvirt.org
Presentation on PyCon Finland 2015.
https://www.youtube.com/watch?v=k185OMivqbQ

Download SEE

Read More

A Practical Guide to Networking and Security in iOS 8

Book Description:

This book describes how to use your iPhone, iPod touch, or iPad with iOS 8 on Wi-Fi and cellular/mobile networks securely, making connections with ease while protecting your data. It also covers Bluetooth networking, tracking an iOS device, using AirDrop and AirPlay, and solving connection problems.





Source: allitebooks

By Offensive Sec

Read More

Network Attacks and Defenses: A Hands-on Approach

Book Description:

The attacks on computers and business networks are growing daily, and the need for security professionals who understand how malfeasants perform attacks and compromise networks is a growing requirement to counter the threat. Network security education generally lacks appropriate textbooks with detailed, hands-on exercises that include both offensive and defensive techniques. Using step-by-step processes to build and generate attacks using offensive techniques, Network Attacks and Defenses: A Hands-on Approach enables students to implement appropriate network security solutions within a laboratory environment.

Topics covered in the labs include:

Content Addressable Memory (CAM) table poisoning attacks on network switches
Address Resolution Protocol (ARP) cache poisoning attacks
The detection and prevention of abnormal ARP traffic
Network traffic sniffing and the detection of Network Interface Cards (NICs) running in promiscuous mode
Internet Protocol-Based Denial-of-Service (IP-based DoS) attacks
Reconnaissance traffic
Network traffic filtering and inspection
Common mechanisms used for router security and device hardening
Internet Protocol Security Virtual Private Network (IPsec VPN) security solution protocols, standards, types, and deployments
Remote Access IPsec VPN security solution architecture and its design, components, architecture, and implementations
These practical exercises go beyond theory to allow students to better anatomize and elaborate offensive and defensive techniques. Educators can use the model scenarios described in this book to design and implement innovative hands-on security exercises. Students who master the techniques in this book will be well armed to counter a broad range of network security threats.





Source: allitebooks

By Offensive Sec

Read More