A place to note things I have done that don’t really deserve a boring blog post.
Internship Summer 2016 Completed Projects:
Successfully implemented scheduled vulnerability scanning on all approximately 500 external web servers. This implementation involved the use of OWASP ZAP and Python scripting. This makes use of the ZAP API and a Python-built email reporting function. Before this project implementation, there was little or no insight into the vulnerability health of these external web servers.
External Network Audit:
With the use of Masscan and Nmap, a set of multiple Class B networks was scanned in a very short time period. This was to verify and determine what devices were exposed externally. This was a very cloudy area due to the use of external IP addresses both internal and external. The results were tried against already known information. Multiple devices which were not supposed to be exposed were found and mitigation took place. Multiple RDP, SSH, Telnet and random printer services were exposed before this audit.
Web Application For Inventory:
Up until this point, some teams used simple Excel spreadsheets for inventory of devices. I created a simple web application using ASP.NET and C# to collect and modify this inventory. This inventory uses a SQL db which already housed the db for IP 360 Tripwire Vulnerability details. To leverage this, I linked these so that for each device put into inventory, the vulnerability details for that device can be queried as well.