So I whipped up a talk recently to give at BSidesLA about how to stack tools together Voltron-style and get some pretty gnarly successes. Here are some light talking points to give you an idea of what the subject matter was, but I should let the slides do most of the talking for me (though they may be slightly vague without the video, which isn’t up at the time of this writing).
Use Shodan to find things online (EC2 instances, one-off sites, etc.) that were not brought to the attention of IT or InfoSec before going live
Enumerate attack surface without actually performing active scans (many shops forbid InfoSec guys from scanning their own environment. Crazy, right? I know!)
Use Shodan for red teaming (enumerating attack surface quietly, finding “hidden stuff”, all without actively scanning)
Bolt on the Python API, pipe out results, do crazy things
Screenshot 50,000 web pages using a threaded script
Check for HTTP 200 OK return codes to spot direct object access vulns
Pipe the output of Shodan directly into Metasploit via an RC script
Leverage Metasploit’s powerful auxiliary scanner tools to do enumeration
Launch very targeted attacks on a huge attack surface with NO PORT SCANS
Whatever else you can think up that Python can do for you!
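As an added example that is not code from the talk or the slides, here is the defensive version of the first two talking points: take a batch of Shodan search results and reconcile them against what IT/InfoSec believe is exposed, so the "nobody told us about this" hosts and ports fall out automatically. The result shape mirrors the official `shodan` Python library's `Shodan.search()` response (a dict with a `matches` list whose entries carry `ip_str`, `port`, `hostnames` and `product`); the sample matches, the `KNOWN_ASSETS` inventory and the `OWNED_NETBLOCKS` list are constructed placeholders, and `fetch_matches` is only a thin wrapper you would call when you have a key and network access.

```python
"""Reconcile Shodan search results against an internal asset inventory.

Constructed example for illustration; none of the hosts below are real.
"""
import ipaddress
from collections import defaultdict

# Constructed sample of what Shodan.search('org:"Example Corp"') might return.
# Only the fields this script uses are included.
SAMPLE_MATCHES = [
    {"ip_str": "203.0.113.10", "port": 443, "hostnames": ["www.example.com"], "product": "nginx"},
    {"ip_str": "203.0.113.10", "port": 22, "hostnames": ["www.example.com"], "product": "OpenSSH"},
    {"ip_str": "203.0.113.57", "port": 8080, "hostnames": [], "product": "Apache Tomcat"},
    {"ip_str": "198.51.100.5", "port": 3389, "hostnames": ["jump-dev.example.com"], "product": ""},
    {"ip_str": "203.0.113.200", "port": 443, "hostnames": ["staging.example.com"], "product": "nginx"},
]

# Constructed inventory: the hosts and ports IT/InfoSec know are exposed.
KNOWN_ASSETS = {
    "203.0.113.10": {443},
}

# Constructed: address space the organisation actually owns. Matches outside it
# are usually mis-attribution on Shodan's side and need a human look, not action.
OWNED_NETBLOCKS = [ipaddress.ip_network("203.0.113.0/24")]


def fetch_matches(api_key, query):
    """Pull live matches with the real `shodan` library (needs a key and network).

    Imported lazily so the rest of the script runs offline on sample data.
    """
    import shodan  # pip install shodan
    api = shodan.Shodan(api_key)
    return api.search(query)["matches"]


def reconcile(matches, known_assets, owned_netblocks):
    """Split Shodan matches into three buckets.

    Returns (unknown_hosts, unexpected_ports, out_of_scope):
      unknown_hosts    - {ip: ports} for owned hosts absent from the inventory
      unexpected_ports - {ip: ports} for inventoried hosts exposing extra ports
      out_of_scope     - IPs Shodan attributed to us but outside our netblocks
    """
    observed = defaultdict(set)
    out_of_scope = set()
    for match in matches:
        ip = match["ip_str"]
        addr = ipaddress.ip_address(ip)
        if not any(addr in net for net in owned_netblocks):
            out_of_scope.add(ip)
            continue
        observed[ip].add(match["port"])

    unknown_hosts = {ip: ports for ip, ports in observed.items() if ip not in known_assets}
    unexpected_ports = {}
    for ip, ports in observed.items():
        if ip in known_assets and ports - known_assets[ip]:
            unexpected_ports[ip] = ports - known_assets[ip]
    return unknown_hosts, unexpected_ports, out_of_scope


def report(matches, known_assets, owned_netblocks):
    """Render the reconciliation as plain lines suitable for a ticket or email."""
    unknown, unexpected, oos = reconcile(matches, known_assets, owned_netblocks)
    names = defaultdict(set)
    for m in matches:
        names[m["ip_str"]].update(m.get("hostnames", []))
    lines = []
    for ip, ports in sorted(unknown.items()):
        lines.append(f"UNKNOWN HOST {ip} ({', '.join(sorted(names[ip])) or 'no hostname'}) ports {sorted(ports)}")
    for ip, ports in sorted(unexpected.items()):
        lines.append(f"EXTRA PORTS  {ip} ports {sorted(ports)} not in inventory")
    for ip in sorted(oos):
        lines.append(f"CHECK ATTRIB {ip} is outside owned netblocks")
    return lines


if __name__ == "__main__":
    for line in report(SAMPLE_MATCHES, KNOWN_ASSETS, OWNED_NETBLOCKS):
        print(line)
```

Run it as-is to see the sample reconciliation; to use it against live data, replace `SAMPLE_MATCHES` with `fetch_matches(api_key, query)` and populate the inventory and netblocks from your CMDB. The same loop is the seed for the screenshot and HTTP-check steps in the talk: iterate over the `unknown` bucket rather than over everything Shodan returns.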
(Edit: the video’s audio doesn’t start until 18 seconds in. I’ve edited it, and the video is updating on YouTube. This is temporary, please bear with me.)