Hybrid Kill Chain & Attack Methodology

Report by Miguel Bigueur & Les Davis

image2.png

Figure 1. Anatomy of a URL and Web Server Architecture.

The intent is to manipulate URL inputs as a method of infiltration by means of legitimacy. The goal here is to masquerade as legitimate traffic in an effort to penetrate firewalls uninhibited, while bypassing all pre-established defense mechanisms. Once this is achieved, an attacker is afforded the opportunity to escalate privileges with an opportunity to engage in lateral movements.

A few tools that can be used to help discover vulnerabilities in web and mail servers include: Continue reading

Remediation

201402NIST-Cybersecurity-Framework-its-future-and-what-it-means-to-you

I will reflect upon the differences observed between three different vulnerability scanners and management tools, Nessus, Nexpose, and OpenVAS. Areas to be reviewed include, ease of use, accuracy of findings, depth of information in the tool and reports, actionability of the information provided and any other relevant criteria believed to be relevant. This report will also compare the results, remediation advice, and reliability as observed by the three different software programs. The test used for this report will be performed on a virtual network constructed entirely inside of a virtual machine on a 2009 Mac Pro using Parallels 10. The free versions of Nessus and Nexpose vulnerability scanners will run against the Metasploitable 2 virtual machine inside of Parallels and OpenVAS, which is a free open source vulnerability scanner, will be referenced from a YouTube video. Each test will be performed under identical network conditions.

Continue reading