Module Making in recon-ng

•Download as PPTX, PDF•

1 like•1,597 views

This is a talk I gave at a NOVA Hackers (http://novahackers.blogspot.com/) meeting in June 2013 on how to make a recon-ng module. The idea was to show people interested in getting involved with an open source project that it isn't hard to do. I selected Tim Tomes' recon-ng (https://bitbucket.org/LaNMaSteR53/recon-ng) to contribute to but the underlying theme of going out and trying to get involved applies to most projects. Sure, you need some knowledge of programming but you'll find that within the Open Source community there are many people ready to help you learn and grow your skills.

Technology

A beginner’s guide to contributing to an
Open Source Project
Module Making in recon-ng
NovaHackers June 2013Micah Hoffman @WebBreacher

Who am I?
 Micah Hoffman - @WebBreacher
 Internal penetration tester
 Recon-ng module-maker
 SANS Mentor
 Appalachian Trail hiker
NovaHackers June 2013Micah Hoffman @WebBreacher

The Setup
 Wanted to learn a new language
 Needed a reason/direction
 Thought about contributing to some tool
 No coding experience
 Found recon-ng
 Fit with my work tasks
 Fit with the programming language I use (python)
 How do you contribute?
NovaHackers June 2013Micah Hoffman @WebBreacher

Recon-ng (Highlights)
Language Python (2.7)
Code Management Git (bitbucket.org)
Owner Tim Tomes - @LaNMaSteR53
Purpose Web Reconnaissance
framework
NovaHackers June 2013Micah Hoffman @WebBreacher

Code Management - git
 Make account on bitbucket.org
 Fork recon-ng repository (copy into your
account)
 Set up your computer to work on the code
 Python, IDE/Text Editor (syntax highlighting
helps)
 git
 Learn about git
 Lotsa docs on Interwebs
 Fork, Clone, Pull, Add, Commit, Push, Branch
NovaHackers June 2013Micah Hoffman @WebBreacher

What will the module do?
 Generally the hardest part for me
 Get ideas:
 Twitter, coworkers/friends, web sites you use
 Keep a log of ideas
 Overall function of my module
 User enters information
 recon-ng retrieves data from site
 Parse response data for something
 Display
NovaHackers June 2013Micah Hoffman @WebBreacher

Google IDs
 Thought:
 Google Analytics and Google AdSense codes are
used on multiple sites
 Means that sites are related somehow
 Same developers?
 Same maintainers?
 Same owners?
 Simple Regexes to locate codes
 ["'](UA-d+)
 ["'](pub-d+)
NovaHackers June 2013Micah Hoffman @WebBreacher

Find a web app for lookups
NovaHackers June 2013Micah Hoffman @WebBreacher

Look at response/results
NovaHackers June 2013Micah Hoffman @WebBreacher

Results parse-able?
• Yes!
• Regex: <div class="row"><a[^>]*>(.+?)</a>
NovaHackers June 2013Micah Hoffman @WebBreacher

Make the module
 RTFM – recon-ng
 https://bitbucket.org/LaNMaSteR53/recon-ng/wiki/Home
 Examine other modules
NovaHackers June 2013Micah Hoffman @WebBreacher

The code
NovaHackers June 2013Micah Hoffman @WebBreacher

The results
NovaHackers June 2013Micah Hoffman @WebBreacher

Submission and Review
 Git add/commit/push to your account
 Create a “pull” request to pull into tool’s main
trunk
 Module will be reviewed and commented on
 Address issues/comments
 Resubmit
 Lather, rinse, repeat
 Pull request accepted and merged
 Git clone the main branch

 Move to the next module
NovaHackers June 2013Micah Hoffman @WebBreacher

Bonus: dev_diver
 How about a module that takes a
hacker/coder nym and checks coding sites
for it?
 Introducing dev_diver (not in recon-ng yet!)
 Got the module…just need a hacker name
 Volunteers?
NovaHackers June 2013Micah Hoffman @WebBreacher

Thanks for volunteering Rob!
“mubix” it is!
NovaHackers June 2013Micah Hoffman @WebBreacher

Bonus: dev_diver
7,946 photos
NovaHackers June 2013Micah Hoffman @WebBreacher

Micah Hoffman @WebBreacher
http://webbreacher.blogspot.com/
Questions?

Viewers also liked

Protecting confidential files using SE-Linux

Giuseppe Paterno'

Audit

Mark Ellzey Thomas

Traditionally, people have used the userland daemon ‘auditd’ built by some good Red Hat folks to collect and consume this data. However, there are a couple of problems with traditional open source auditd and auditd libraries that we’ve had to deal with ourselves, especially when trying to run it on performance sensitive systems and make sense of the sometimes obtuse data that traditional auditd spits out. To that effect, we’ve written a custom audit listener from the ground up for the Threat Stack agent (tsauditd).

SHOWDOWN: Threat Stack vs. Red Hat AuditD

Threat Stack

How To Train Your Python

Jordi Riera

Open Audit

ncspa

Linux audit framework

Torstein Hansen

We often hear that viruses do not affect Linux systems. If it was only true... To understand why there is malware in the first place, we look at the reasons for evildoers to create harmful software. When that is clear, we move on by defining several types of malware, to finally focus on a very particular one, the rootkit. A quick course into the cleverness of rootkits follows, with the related challenges it offers for detection. We close the session by giving tips on detection and prevention.

Dealing with Linux Malware

Michael Boelen

Bringing Infosec Into The Devops Tribe: Q&A With Gene Kim and Pete Cheslock

Threat Stack

Whitepaper: User Audit Options for Linux and Solaris

ObserveIT

Python build your security tools.pdf

TECHNOLOGY CONTROL CO.

MySQL Enterprise Edition Achieve the Highest Levels of Security ------------ • MySQL Enterprise TDE – Data-at-Rest Encryption – Key Management / Security • MySQL Enterprise Backup – Securing Backups, AES 256 encryption • MySQL Enterprise Encryption – Public/Private Key Cryptography – Asymmetric Encryption – Digital Signatures, Data Validation • MySQL Enterprise Authentication – External Authentication Modules – Microsoft AD, Linux PAMs • MySQL Enterprise Firewall – Block SQL Injection Attacks – Intrusion Detection • MySQL Enterprise Audit – User Activity Auditing, Regulatory Compliance • MySQL Enterprise Monitor – Changes in Database Configurations, Users Permissions, Database Schema, Passwords

MySQL Day Paris 2016 - MySQL Enterprise Edition

Olivier DASINI

2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview

Shawn Wells

Using Python, the author has developed a program that learns about protocol formats, with the main goal in being useful for Deep Packet Inspection. Deep Packet Inspection is a process mainly used in network security to ensure integrity of network data sent across the network. Deep Packet Inspection is used to pre-empt and prevent malicious data from being transmitted over a network in order to ensure the security of the organization. http://tw.pycon.org/2015apac/en/lightning_en

Network Security and Analysis with Python

pycontw

Are you really sure the security of your Linux systems is done properly? Since 2002, Michael Boelen performs research in this field. The answer is short: there is too much to possible and to do. For this reason, he created several open source security tools, to help others saving time. We will look into how Lynis can help with technical security scans. In this talk, we had a look on how Lynis helps with system hardening. We discussed the background of the tool, lessons learned after 13 years of open source software development, and what the future plans are.

Linux Security Scanning with Lynis

Michael Boelen

How to make an e learning module

TooNey Krongpho

Handling of compromised Linux systems

Michael Boelen

Viewers also liked (16)

Protecting confidential files using SE-Linux

Audit

SHOWDOWN: Threat Stack vs. Red Hat AuditD

How To Train Your Python

Open Audit

Linux audit framework

Dealing with Linux Malware

Bringing Infosec Into The Devops Tribe: Q&A With Gene Kim and Pete Cheslock

Whitepaper: User Audit Options for Linux and Solaris

Python build your security tools.pdf

MySQL Day Paris 2016 - MySQL Enterprise Edition

2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview

Network Security and Analysis with Python

Linux Security Scanning with Lynis

How to make an e learning module

Handling of compromised Linux systems

Recently uploaded

DBX First Quarter 2024 Investor Presentation

Dropbox

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

MINDCTI Revenue Release Quarter One 2024

MIND CTI

Dubai, often portrayed as a shimmering oasis in the desert, faces its own set of challenges, including the occasional threat of flooding. Despite its reputation for opulence and modernity, the emirate is not immune to the forces of nature. In recent years, Dubai has experienced sporadic but significant floods, testing the resilience of its infrastructure and communities. Among the critical lifelines in this bustling metropolis is the Dubai International Airport, a bustling hub that connects the city to the world. This article explores the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Orbitshub

Architecting Cloud Native Applications

WSO2

Retrieval augmented generation (RAG) is the most popular style of large language model application to emerge from 2023. The most basic style of RAG works by vectorizing your data and injecting it into a vector database like Milvus for retrieval to augment the text output generated by an LLM. This is just the beginning. One of the ways that we can extend RAG, and extend AI, is through multilingual use cases. Typical RAG is done in English using embedding models that are trained in English. In this talk, we’ll explore how RAG could work in languages other than English. We’ll explore French, Chinese, and Polish.

Introduction to Multilingual Retrieval Augmented Generation (RAG)

Zilliz

Exploring Multimodal Embeddings with Milvus

Zilliz

Keynote 2: APIs in 2030: The Risk of Technological Sleepwalk Paolo Malinverno, Growth Advisor - The Business of Technology Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

apidays

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

MadyBayot

In this keynote, Asanka Abeysinghe, CTO,WSO2 will explore the shift towards platformless technology ecosystems and their importance in driving digital adaptability and innovation. We will discuss strategies for leveraging decentralized architectures and integrating diverse technologies, with a focus on building resilient, flexible, and future-ready IT infrastructures. We will also highlight WSO2's roadmap, emphasizing our commitment to supporting this transformative journey with our evolving product suite.

Platformless Horizons for Digital Adaptability

WSO2

Tracing the root cause of a performance issue requires a lot of patience, experience, and focus. It’s so hard that we sometimes attempt to guess by trying out tentative fixes, but that usually results in frustration, messy code, and a considerable waste of time and money. This talk explains how to correctly zoom in on a performance bottleneck using three levels of profiling: distributed tracing, metrics, and method profiling. After we learn to read the JVM profiler output as a flame graph, we explore a series of bottlenecks typical for backend systems, like connection/thread pool starvation, invisible aspects, blocking code, hot CPU methods, lock contention, and Virtual Thread pinning, and we learn to trace them even if they occur in library code you are not familiar with. Attend this talk and prepare for the performance issues that will eventually hit any successful system. About authorWith two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

Victor Rentea

ICT role in 21st century education and its challenges

rafiqahmad00786416

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

Zilliz

Artificial Intelligence Chap.5 : Uncertainty

Khushali Kathiriya

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the deployment of external web forms using Jotform for Bonterra Impact Management. This solution can be customized to your organization’s needs and deployed to support the common use cases below: - Intake and consent - Assessments - Surveys - Applications - Program registration Interested in deploying web form automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Jeffrey Haguewood

Six Myths about Ontologies: The Basics of Formal Ontology

johnbeverley2021

The value of a flexible API Management solution for Open Banking Steve Melan, Manager for IT Innovation and Architecture - State's and Saving's Bank of Luxembourg Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The value of a flexible API Management solution for O...

apidays

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Zilliz

Dubai, known for its towering skyscrapers, luxurious lifestyle, and relentless pursuit of innovation, often finds itself in the global spotlight. However, amidst the glitz and glamour, the emirate faces its own set of challenges, including the occasional threat of flooding. In recent years, Dubai has experienced sporadic but significant floods, disrupting normalcy and posing unique challenges to its infrastructure. Among the critical nodes in this bustling metropolis is the Dubai International Airport, a vital hub connecting the world. This article delves into the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Orbitshub

Recently uploaded (20)

DBX First Quarter 2024 Investor Presentation

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

MINDCTI Revenue Release Quarter One 2024

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Architecting Cloud Native Applications

Introduction to Multilingual Retrieval Augmented Generation (RAG)

Exploring Multimodal Embeddings with Milvus

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER

Platformless Horizons for Digital Adaptability

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

ICT role in 21st century education and its challenges

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

Artificial Intelligence Chap.5 : Uncertainty

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Six Myths about Ontologies: The Basics of Formal Ontology

Apidays New York 2024 - The value of a flexible API Management solution for O...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Module Making in recon-ng

1. A beginner’s guide to contributing to an Open Source Project Module Making in recon-ng NovaHackers June 2013Micah Hoffman @WebBreacher

2. Who am I?  Micah Hoffman - @WebBreacher  Internal penetration tester  Recon-ng module-maker  SANS Mentor  Appalachian Trail hiker NovaHackers June 2013Micah Hoffman @WebBreacher

3. The Setup  Wanted to learn a new language  Needed a reason/direction  Thought about contributing to some tool  No coding experience  Found recon-ng  Fit with my work tasks  Fit with the programming language I use (python)  How do you contribute? NovaHackers June 2013Micah Hoffman @WebBreacher

4. Recon-ng (Highlights) Language Python (2.7) Code Management Git (bitbucket.org) Owner Tim Tomes - @LaNMaSteR53 Purpose Web Reconnaissance framework NovaHackers June 2013Micah Hoffman @WebBreacher

5. Code Management - git  Make account on bitbucket.org  Fork recon-ng repository (copy into your account)  Set up your computer to work on the code  Python, IDE/Text Editor (syntax highlighting helps)  git  Learn about git  Lotsa docs on Interwebs  Fork, Clone, Pull, Add, Commit, Push, Branch NovaHackers June 2013Micah Hoffman @WebBreacher

6. What will the module do?  Generally the hardest part for me  Get ideas:  Twitter, coworkers/friends, web sites you use  Keep a log of ideas  Overall function of my module  User enters information  recon-ng retrieves data from site  Parse response data for something  Display NovaHackers June 2013Micah Hoffman @WebBreacher

7. Google IDs  Thought:  Google Analytics and Google AdSense codes are used on multiple sites  Means that sites are related somehow  Same developers?  Same maintainers?  Same owners?  Simple Regexes to locate codes  ["'](UA-d+)  ["'](pub-d+) NovaHackers June 2013Micah Hoffman @WebBreacher

8. Find a web app for lookups NovaHackers June 2013Micah Hoffman @WebBreacher

9. Look at response/results NovaHackers June 2013Micah Hoffman @WebBreacher

10. Results parse-able? • Yes! • Regex: <div class="row"><a[^>]*>(.+?)</a> NovaHackers June 2013Micah Hoffman @WebBreacher

11. Make the module  RTFM – recon-ng  https://bitbucket.org/LaNMaSteR53/recon-ng/wiki/Home  Examine other modules NovaHackers June 2013Micah Hoffman @WebBreacher

12. The code NovaHackers June 2013Micah Hoffman @WebBreacher

13. The results NovaHackers June 2013Micah Hoffman @WebBreacher

14. Submission and Review  Git add/commit/push to your account  Create a “pull” request to pull into tool’s main trunk  Module will be reviewed and commented on  Address issues/comments  Resubmit  Lather, rinse, repeat  Pull request accepted and merged  Git clone the main branch   Move to the next module NovaHackers June 2013Micah Hoffman @WebBreacher

15. Bonus: dev_diver  How about a module that takes a hacker/coder nym and checks coding sites for it?  Introducing dev_diver (not in recon-ng yet!)  Got the module…just need a hacker name  Volunteers? NovaHackers June 2013Micah Hoffman @WebBreacher

16. Thanks for volunteering Rob! “mubix” it is! NovaHackers June 2013Micah Hoffman @WebBreacher

17. Bonus: dev_diver 7,946 photos NovaHackers June 2013Micah Hoffman @WebBreacher

18. Micah Hoffman @WebBreacher http://webbreacher.blogspot.com/ Questions?

Module Making in recon-ng

Recommended

Recommended

More Related Content

Viewers also liked

Viewers also liked (16)

Recently uploaded

Recently uploaded (20)

Module Making in recon-ng