AppSec USA 2014
Denver, Colorado
Orchestrating Security Testing With Golismero
Mike Landeck
Speaker Bio
Mike Landeck
Mike Landeck led the security implementation and then operationalized the country's largest Medicaid Management Information System as the Director of Information Security for Xerox' State Healthcare, and then managed the security program implementation of Colorado's Health Insurance Exchange as a consulting manager for CGI.
Mike currently consults at one of the world's largest technology companies on improving security in the software development lifecycle as a Product Security Strategy Consultant.
Mike is a frequent conference speaker and workshop presenter, appearing at conferences throughout the United States and focusing on topics of software security testing and security program management.
Disclaimer
I do not speak on behalf of my employer. The information and perspectives I present are personal and do not represent those of my employer.
Golismero
Golismero Project Team
www.golismero.com
Mario Vilas - Core developer
Raúl Requero - Frontend developer
Daniel García - Backend developer
* My role is that of self-appointed evangelist and bug hunter who wants to promote the concept of automated test orchestration in the cyber security testing community.
Agenda
1. Very Brief Business Context
2. Golismero for Senior Users
3. Golismero for complete and total rookies
Business Context
Top three reasons I hear organizations cite for not using more automated assessment tools:
• Don't know how to use them
• Don't know which tools to use
• Too much time to vet results
Business Context
Typical Automated Security Assessments (diagram)
Each assessment type goes through its own cycle of Request, Analysis, Configuration, Execution, Vetting/Audit and Report:
Web Vulnerability
Host Vulnerability
Network Vulnerability
Application Vulnerability
Business Context
1. Nikto
2. Nmap
3. Openvas
4. Spiderfoot
5. Sslscan
6. Sqlmap
7. Xsser
8. Dns_Malware
9. Geoip
10. Punkspider
11. Shodan
12. Plecost
13. Default Error Page
14. Directory Listing
15. Dns Malware
16. Exploit-DB
17. Fingerprint Web
18. Brute Directories
19. Brute Dns
20. Brute Extensions
21. Brute Permutations
22. Brute Predictables
23. Brute Prefixes
24. Brute Suffixes
(diagram) All of the above plug-ins run through one cycle: Single Request, Single Analysis, Single Config, Single Execution, Single Vetting, Single Report.
Golismero Demo
Simple Demo - Default Settings
golismero scan <host>
(the slide labels the parts of the command Action, Test and Target)
Golismero Config File
File Location: /usr/share/golismero/golismero.conf
[openvas]
host = localhost
#
[testing/scan/openvas]
user = admin
password = <your password>
#
[shodan:Configuration]
apikey = <your shodan key>
http://goo.gl/im2FLe for detailed instructions on setting up OpenVAS
http://www.shodanhq.com/account/register for a shodan API key
Golismero Demo
Golismero Advanced
golismero scan <host>
--audit-name <user defined name for scan>
-o <user defined name of output file>
--no-parent
--cookie <name=value>
--user-agent <user defined value>
Golismero Demo
Golismero Plug-ins
golismero plugins                 lists all loaded plug-ins
golismero -e <plug-in name>       enables a plug-in
golismero -d <plug-in name>       disables a plug-in
Example:
golismero scan <host> -d brute*   disables all of the brute force plug-ins
Golismero Reporting
Report Formats:
• Determined by the file extension
– e.g. .html, .txt and .rst
Reporting on Previous Scans:
golismero report <fileName.ext> -db <scanName.db>
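As an added example (not part of the slides or of the Golismero project), the Python below reads the three golismero.conf sections from the config slide, reports which settings still hold a <...> placeholder without printing their values, and builds the scan command line from the advanced and plug-in options above. The sample config text and the host name used in the test are constructed for this demo.

```python
"""Preflight helpers for a Golismero run (added example, not project code)."""
import configparser

# Constructed copy of the three sections on the config slide; on a real
# system read this text from /usr/share/golismero/golismero.conf instead.
SAMPLE_CONF = """[openvas]
host = localhost
#
[testing/scan/openvas]
user = admin
password = <your password>
#
[shodan:Configuration]
apikey = <your shodan key>
"""

# (section, key) pairs the slide says to fill in before scanning.
REQUIRED = [("openvas", "host"), ("testing/scan/openvas", "user"),
            ("testing/scan/openvas", "password"),
            ("shodan:Configuration", "apikey")]


def unfilled_settings(conf_text):
    """Return 'section/key' names that are missing or still hold a <...>
    placeholder. Values are never returned, so secrets stay out of logs."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(conf_text)
    problems = []
    for section, key in REQUIRED:
        value = cp.get(section, key, fallback="").strip()
        if not value or (value.startswith("<") and value.endswith(">")):
            problems.append(f"{section}/{key}")
    return problems


def scan_command(host, audit_name, output, disable=("brute*",),
                 no_parent=True, cookie=None, user_agent=None):
    """argv for 'golismero scan' with the advanced options from the slides.
    Hand the list to subprocess.run without a shell so that 'brute*' reaches
    golismero intact instead of being glob-expanded against the cwd."""
    argv = ["golismero", "scan", host, "--audit-name", audit_name, "-o", output]
    if no_parent:
        argv.append("--no-parent")
    if cookie:
        argv += ["--cookie", cookie]
    if user_agent:
        argv += ["--user-agent", user_agent]
    for pattern in disable:
        argv += ["-d", pattern]
    return argv
```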
Golismero for Complete Rookies
Step 1: Download VMWare Player
Step 2: Download my pre-configured image
Step 3: Open Image
Step 4: Click the button to start wizard
Links and help for all this at:
http://SoftwareSecurityAssurance.com/AppSecUSA2014
Setting up a Test System
Demo: Go from zero experience to running golismero!
Installing Kali
There is not enough time in a one hour workshop to walk through the installation process; however, there are literally hundreds of Kali installation demos on YouTube.
– This one is comprehensive (and narrated!)
https://www.youtube.com/watch?v=k5mNnkG0FVk
Questions
Useful Links
Topic: Link
Golismero Web Site: www.golismero.com
Slides and supporting material: http://SoftwareSecurityAssurance.com/AppSecUSA2014
OpenVAS Help: http://goo.gl/im2FLe
Basic Linux commands for Kali users: http://kali4hackers.blogspot.com/2013/06/some-basiccommands-for-kali-linux.html
Kali Installation (video): https://www.youtube.com/watch?v=k5mNnkG0FVk
Download Kali: http://www.kali.org/downloads/
Download VM Player: https://my.vmware.com/web/vmware/free#desktop_end_user_computing/vmware_player/6_0
Shodan Registration: http://www.shodanhq.com/account/register
End –h now