Firecall – Automate SSH Communication With Firewalls, Switches, Etc.

Automate SSH communication with firewalls, switches, etc.

Description

These scripts are designed to automate sending commands to a Cisco ASA firewall. The intended purpose here is to eliminate the need to manually log in to a firewall to make changes. This code can be run directly via command line or it can be incorporated into other scripts. These scripts were created with automation/orchestration in mind – if done securely, these scripts could ingest security intelligence data to automatically block malicious IPs based on certain criteria.

Configuration

- Run "bash install.sh" to set helpful aliases and enable logging
- Configure "config" in a text editor to add firewall address(es), authentication, & any other applicable options such as:
    - add multiple firewalls to configure them all simultaneously
    - configure email alerting to be alerted when an IP is blocked or un-blocked
    - whitelist IPs that you never want to get blocked
    - optional logging feature for audit capability

blockip

The "blockip" script is designed to quickly block a host by simply providing the IP address. Just type blockip and then the IP address that you want to block.

Example usage:

    # blockip 12.34.56.78
    [-] (firewall01) Added IP ‘12.34.56.78’ to firewall group ‘Deny_All_Group’

removeip

This script works in the same way as blockip, except it removes an IP block from the firewall. It can be used to quickly "undo" a block made by blockip.

Example usage:

    # removeip 12.34.56.78
    [-] (firewall01) Successfully removed IP ‘12.34.56.78’ from firewall group ‘Deny_All_Group’

Dependencies

"paramiko" must be installed for this program to run. To install paramiko, try running "pip install paramiko". On Macs, you may have to install a version of Python that has "pip". To do this, you can use either easy_install or homebrew (run "sudo easy_install pip" or "brew install python").

Link: http://feedproxy.google.com/~r/PentestTools/~3/ocGRQjqPkHg/firecall-automate-ssh-communication.html

Duo, CyberArk, & Demisto – Enterprise Security Weekly #97

This week, Duo integrates with Sophos to address BYOD Security, SkyHigh not the limit of McAfee’s ambition; IPO an option, CyberArk’s new offering to mitigate privileged access risk, Ping Identity acquires Elastic Beam for AI-Powered API Security, and more on this episode of Enterprise Security Weekly! Enterprise News Duo Integrates With Sophos to Address BYOD […]
The post Duo, CyberArk, & Demisto – Enterprise Security Weekly #97 appeared first on Security Weekly.

Link: http://feedproxy.google.com/~r/securityweekly/Lviv/~3/bQGgpm7seCE/

3 Ways Extract Password Hashes from NTDS.dit

Hello friends!! Today we are going to discuss some forensic tools which are quite helpful in penetration testing to obtain NTLM password hashes from inside the host machine. As we know, while penetration testing we get lots of stuff from inside the host machine, and if you found some files like NTDS.dit and system hive…
The post 3 Ways Extract Password Hashes from NTDS.dit appeared first on Hacking Articles.

Link: http://www.hackingarticles.in/3-ways-extract-password-hashes-from-ntds-dit/