Post on 29-Dec-2015
JD’s ToolBox – Fire and Water Toolkit
Next Generation Web Assessment Technology
NT OBJECTives, Inc.
NT OBJECTives, Inc.
Overview
Web Architecture
Web Hack Attacks
Our solution
Fire and Water Toolkit
NT OBJECTives, Inc.
WebServer DB
DB
Web app
WebClient Web app
Web app
Web app
HTTPrequest
(cleartext or SSL)
HTTP reply(HTML,
Javascript, VBscript,
etc)
Plugins:•Perl•C/C++•JSP, etc
Database connection:•ADO,•ODBC, etc.
SQL Database
•Apache•IIS•Netscape etc…
Firewall
NT OBJECTives, Inc.
WebServer DB
DB
Web app
Web app
Web app
Web app
http: // 10.0.0.1 / catalog / display.asp ? pg = 1 & product = 7
NT OBJECTives, Inc.
Current Top Web Issues are:1. Source Code Disclosure
2. Directory Browsing
3. File Upload Attacks
4. Backup and Archive Issues
5. Web Server Vulns
6. Remote Command Execution
7. SQL Injection Attacks
NT OBJECTives, Inc.
The web and e-commerce applications are the main focus of our efforts
Web applications are important and growing in importance
Web applications are complex and growing in complexity
Our tool releases our going to have web specific priority
NT OBJECTives, Inc.
Fire and Water
Our attempt to take web assessment to the next level
Toolkit is targeted at assessment professionals
Supports our initiative for providing complete assessment and defense services
NT OBJECTives, Inc.
Chaos – Current Situation
Lots of good tools on the net – but none work together
No standard for output
Making a report from all these src’s is difficult at best
- To do your job well, you require all this info
NT OBJECTives, Inc.
Fire
Set of tools for assessment professionals
Allows scripting
Allows remote usage
- Really shines on mapping internal networks
from external findings
NT OBJECTives, Inc.
XML Automation
ntoscan | ntoroute | ntoweb | ntomap | ntotrend = coolness
NT OBJECTives, Inc.
Tool Descriptions
ntoscan – TCP/UDP scanner – No Banners, OSPrints
ntoroute – TCMP/TCP traceroute tool
ntoweb - web vuln crawler
ntomap - network topology generator
ntotrend – data trend tool (multiple reports over time)
NT OBJECTives, Inc.
Fire and Water Architecture
1. Complete XML Data Architecture
2. XML/XSL Reports are THE solution
3. Targeted Web Priority and Visualization
4. XML Mapping technology highlights web trouble spots
5. Superior Support for Data Trends over Time
NT OBJECTives, Inc.
CLI Interface Power
CLI chosen as most powerful for experts
Allows scripting
Allows remote usage - Really shines on mapping internal networks
from external findings
NT OBJECTives, Inc.
Web Focused Data Model
By default, tools record web data
Pinpoints and highlights web trouble spots
Map visually distinguishes between web services and traditional services
Completely designed to help resolve web security issues
NT OBJECTives, Inc.
XML Data Cohesion
All tools output XML
Results are sortable
Reports are appendable
Building large analysis sets from tools is possible
DB storage with SQL databases is possible
Query analysis
Trend analysis
NTOScanner
NTOScanner
NTOScanner
NTOScanner + NTORoute
NTOScanner + NTORoute
NTOMap
NTOMap
NT OBJECTives, Inc.
NTOScan Report
NT OBJECTives, Inc.
Water = NTOWire
Command line driver ISAPI filter
Installable remotely/scriptable
Updateable via Snort Signatures - stay quickly up to date against the latest vulns
NT OBJECTives, Inc.
NTOWire Usage
ntowire –install
ntowire –load
ntowire –unload
ntowire -uninstall
NT OBJECTives, Inc.
Look for updates from us
We’re back, We’re just getting started
New toolsNew vision
New capabilities
NT OBJECTives, Inc.
JD Glaser
Erik Caso
Mike Morton
NT OBJECTives, Inc.