Wednesday, September 11, 2019

Silverpeak SD-WAN +7 CVE

Fixed (?) published. Kudos SD-WAN New Hop team: Sergey Gordeychick, Denis Kolegov, Maxim Gorbunov, Nikolay Tkachenko, Nikita Oleksov, Oleg Broslavsky, Antony Nikolaev

Friday, August 23, 2019

AI Finger

Special release for XCON 2019 Beijing conference and “AI for Security or Security for AI” talk by Sergey Gordeychik.

Very first (and very draft) round of Machine Learning and Artificial Intelligence Frameworks and Applications Fingerprinting and Internet Census project.
Based on the Grinder framework.



Monday, July 1, 2019

SD-WAN Security Assessment: The First Hours

SD-WAN Security Assessment: The First Hours


Introduction


Suppose you need to perform a security assessment of an SD-WAN solution.
There are several reasons for this and one of them is selecting an SD-WAN provider or product.

A traditional SD-WAN system involves many planes, technologies, mechanisms, services, protocols and features.
It has distributed and multilayered architecture. So where should you start?

The main goal of this document is to list basic sanity checks that can be used when investigating SD-WAN.
We will consider general checks that can be applied to any SD-WAN system.

Wednesday, May 15, 2019

More cyber girls needed!

Harbour.Space University (Barcelona) provides  scholarship opportunity for women who want to study Cybersecurity or Fintech.
Apply before May 30th to Hack The Planet for free!

https://harbour.space/register

Sunday, May 12, 2019

On CVE-2019-11550


Citrix SD-WAN Security Update (CTX247735)

An information disclosure vulnerability has been identified in the Citrix SD-WAN Appliance. This  vulnerability could allow an unauthenticated attacker to perform a man-in-the-middle attack against management traffic.

Tuesday, April 30, 2019

The Grinder updates

New release of the Grinder framework, created to automatically enumerate and fingerprint hosts on the Internet using different back-end systems: search engines, such as Shodan or Censys, for discovering hosts and NMAP engine for fingerprinting and specific checks.


Wednesday, March 27, 2019

The Grinder for SD-WAN

Internet-connected Devices Census Python Framework by Anton Nikolaev

Special release for insomnihack 2019.

The Grinder framework was created to automatically enumerate and fingerprint different hosts on the Internet using different back-end systems: search engines, such as Shodan or Censys, for discovering hosts and NMAP engine for fingerprinting and specific checks. The Grinder framework can be used in many different areas of researches, as a connected Python module in your own project or as an independent ready-to-use from the box tool.