Suggestions for security projects wanted

    • #4003
      UNIX
      Participant

      Hey,
      although I am already working on some smaller projects and help out at others, I would like to start and work regularly on one big project.

      Currently I have no specific project in mind, only some basic conditions I would like to follow:

      • It should be related to penetration testing (on the offensive side) or reverse code engineering, as those are the topics I have most knowledge of and personal interest in
      • Free, nothing to pay for others
      • Although not necessary, it may be good if such a project is not available yet or at least not “good”, e.g. I see no particular reason for me to write another Metasploit
      • It doesn’t matter for me if it is something to program, automate, write, teach etc.

      Some random thoughts and keywords I have in mind:

      • framework for pentesting report
      • setting up a lab environment
      • guides
      • vulnerable operating system, application, etc.
      • Some kind of CTF
      • some kind of training

      Any suggestions or thoughts on this? Any help is much appreciated.
      It is no problem if it is a bigger project. I see this not only as a chance to help others in one way or another, but also to learn more myself, get “known”, etc., so it doesn’t matter for me if it takes a lot of time until it is finished.

      Looking forward to comments on this.

    • #25509
      dalepearson
      Participant

      Awesec,

      I think this is admirable of you, I really struggle to find the time to do something in depth.

      Nothing is springing to mind at the moment, but if I think of anything I will drop you a line.

      All the best with it though.
      Dale

    • #25510
      Phyr3Ph0x
      Participant

      Hiya.
      I don’t know if you’ve ever seen the De-ICE lab disks?
      http://de-ice.net/hackerpedia/index.php/De-ICE.net_PenTest_Disks#Level_1_2

      They are a set of disks based on Slax that are configured to be used as pen-test targets.
      You get very little info on what you need to do, and you hack them… Lots of fun, and they’re damned hard too! (Especially for a noob like me 😉 )

      Having looked around, there don’t seem to be many things like them, so more would be nice…

      Regards,

      `ph0x

    • #25511
      UNIX
      Participant

      Thanks dalepearson. 🙂

      I really like the mentioned De-ICE discs and already completed them some time ago. There are some similar projects I know of but probably one can’t have enough of such simulations. I may consider this, thanks for your suggestion, Phyr3Ph0x. 😉

      Any more suggestions are of course welcomed.

    • #25512
      former33t
      Participant

      I’ve been toying with the idea of doing log cleaning tools for Solaris auditing logs in binary form.  The logs themselves don’t seem so hard to clean, the harder part seems to be automating the location of ALL of your log entries and getting rid of them.  This is VERY time consuming in a manual fashion.  Of course if you can just clean the really damning stuff nobody is likely to even detect that an attack occurred, so maybe that is good enough.

      Another place that I was looking at going was reverse engineering AV/firewall log file formats to create cleaning tools for these.  The big problem there is that most of these are locked open by the AV program (in windows) so you have to stop the service to clean, then restart (which invariably leaves a log message).  Still better than leaving the details of your exploit behind though.

    • #25513
      timmedin
      Participant

      I am working on setting up a CTF for our local DefCon Group (DC612). Our plan is to have multiple CTFs along the way until we get to the big one. Before each “mini” CTF we will have a few sessions/meetings where we explain the material they will need to pop a box. We will then add more information and tools before the next CTF. We plan on having at least two CTFs before the big one.

      We are also evaluating having two tiers of boxes so the n00bs can keep up and the 1337’s have something to do. For example they would have to take three boxes. The less experienced players take on A, B, and C while the more experienced take on B, C, and D. The A box would also have some tips for taking other boxes.

      I plan on writing this up as we define it, but it will be a while (few months). I’ll post here when we are done.

    • #25514
      timmedin
      Participant

      •framework for pentesting report
      Here is a good guide for understanding the type of things that are done during a test.
      http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html
      This includes a template for a sample report
      http://www.vulnerabilityassessment.co.uk/report%20template.html

      I’ve seen a few other samples as well and I know one sample was posted here last week (or so), but I don’t have the link and I’m too lazy to find it.

      •setting up a lab environment
      Setup a virtual infrastructure and setup a bunch of machines. I know there are multiple threads covering this topic here on EH.net. I would recommend getting a server class machine (used, it is cheaper) and installing ESXi. Throw on a bunch of OS’es and other software. I can’t give you good specifics here since it will depend on what you want to test. I would say at a minimum you should have a Windows XP box, a Linux box, and a BSD box. If you want a good box to test against add Damn Vulnerable Linux.

      If you want to test against some vulnerable software download some old software from http://www.oldversion.com

      You can also download some intentionally web apps grab Web Goat, Multildea (sp?) and Moth.

      •guides
      Not to be a jerk but google for what you want, if you need specific help ask and you shall receive. There are a lot of good guides out there for specific tools and apps. If you are looking for one in specific google for it and if you can’t find it then ask.

      •vulnerable operating system, application, etc.
      (See Lab)

      •Some kind of CTF
      I’ll submit some details on the one I am working on and post it in a few months

      •some kind of training
      There are lots of sites that specialize in this. Lots of good videos on YouTube and Vimeo, but it can be a little harder to find. I suggest TheAcademyPro.com for some good videos.

    • #25515
      UNIX
      Participant

      Your CTF project sounds interesting, good luck. I also like that you will offer something to play with also for the inexperienced users. 😉

      I am not sure if you understood my initial posting correctly or if I misunderstood your last post. I am not looking for specific guides/ videos etc. for myself but thought about offering such things to others. I have set up a few labs for security testing before and have some experience with other topics too which may help others.

      I already got some ideas with this thread although nothing specific yet, still it helps me. 🙂 Another thought I had in mind when starting this thread was that maybe someone has a good idea but is for some reason not able to do it by herself, e.g. because of lacking time or knowledge.

      @former33t: Thanks for your suggestions. The log cleaning thing sounds interesting but is not exactly what I am currently interested in. I will take a closer look into it when I have experience with Solaris.

      Your second suggestion sounds interesting too, although the reboot would make it a little “unsexy”. I will think about it though, so thanks. 🙂

    • #25516
      Jhaddix
      Participant

      We’re working on VM lab setup guides and videos at security aegis pretty soon. One for webapp and one for network.

      Should be good stuff

    • #25517
      ethicalhack3r
      Participant

      You may be interested in helping out with a project I started in December last year.

      Damn Vulnerable Web App (dvwa)

      Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be light weight, easy to use and full of vulnerabilities to exploit. Used to learn or teach the art of web application security.

      At the moment there’s me and a couple of other people working on it in our spare time. The current version is 1.0.4 however we’re working on a complete recode for the next version which is about 60% complete and can be accessed via SVN.

      Project homepage: http://sourceforge.net/projects/dvwa/
      SVN: https://dvwa.svn.sourceforge.net/svnroot/dvwa
      Other info: http://www.ethicalhack3r.co.uk
      Email: dvwaethicalhack3r.co.uk

    • #25518
      Jhaddix
      Participant

      Hey ethicalhack3r,

      We are featuring your project in our Webapp lab setup. It won’t be out for a week or two (recording and uploading is most of the time) but when it is finished our lab environment should have about 7 different targets one being yours. Thanks so much =)

    • #25519
      ethicalhack3r
      Participant

      @Jhaddix wrote:

      Hey ethicalhack3r,

      We are featuring your project in our Webapp lab setup. It won’t be out for a week or two (recording and uploading is most of the time) but when it is finished our lab environment should have about 7 different targets one being yours. Thanks so much =)

      Awesome! Glad you find it useful. Where will it be uploaded to?

      Keep an eye out for the next version, it’s in a completely different league to the current stable version.

    • #25520
      Jhaddix
      Participant

      It’ll be on our site and youtube, vimeo, etc. We are using Mutillidae, Webgoat, Damn Vulnerable Web App, Foundstone’s Hacme bank, casino, shipping etc, moth, webmaven, and securibench. Our attack platform will be SamuraiWTF.

    • #25521
      UNIX
      Participant

      Thanks for all replies, also the few given privately. They are much appreciated. 🙂

      The project idea I will probably try to realize and work on:

      Two free courses, including study materials, exercises/ “homework”, videos and audio, toolboxes (only using freeware tools and maybe something like shareware etc., so that there is no need to pay money to follow everything).
      While the first one will focus on penetration testing and related topics the second one focuses on reverse engineering, binary analysis and malware research.

      I am currently setting up a concept on topics I would like to work on and include.

      Probably this project will take quite a time until it is complete but I hope and think it will be worth the efforts.

      Any thoughts on this?


Copyright ©2021 Caendra, Inc.
