owasp mantra-os
DESCRIPTION
OWASP Mantra-OS. Because the world is cruel. About Me. Attended United Stated Air Force Institute of Technology Defense Acquisition University Platform Security Engineer at. What is Mantra-OS?. - PowerPoint PPT PresentationTRANSCRIPT
OWASP Mantra-OSBecause the world is cruel
About Me
• Attended United Stated Air Force Institute of Technology
• Defense Acquisition University
• Platform Security Engineer at
What is Mantra-OS?
• Mantra-OS is a virtualized attack platform designed around Mantra Security toolkit and OWASP WTE repository.
What was Mantra-OS developed for?
• SCAP testing and professional pen-testing environment optimized for virtual environments. Such as vSphere, XenDesketop, OpenStack, oVirt.
• Installation media iso and deployable ovf/ova.
Mantra-OS & HyTrust
• Mantra-OS was implemented into HyTrust QA cycle
• It is used for SCAP testing and Vulnerability verification testing.
• Is deployed through vCenter.
Mantra-OS Virtualization and Security Kernel
• GrSecurity Kernel patch and OpenVZ Kernel patch.
• Ganeti for Virtual Cluster
• KVM implementation as secondary layer of virtualization.
Mantra-OSContainers and
Sandboxing
• OpenVZ is used as container controller and lxc with arkose d-bus hook to sandbox desktop.
• Libvirtd is used as a job handler for virtualization with glib hook.
Mantra-OSVirtual Core
Mantra-OSEnhanced Security
• IDS protection with suricata
• Artillery and honeyd for IPS protection
• Container based sandboxing
• AppArmor, SElinux
Mantra-OSSecurity Audit Tools
• OWASP Zap
• Burp
• Maltego
• Metasploit & Armitage
• Zenmap
Mantra-OSPacket Capture
• Ettercap
• Wireshark
Mantra-OSWeb Application
Scanners
• Skipfish
• Nikto
• Gruyere
Mantra-OSSQL Injection
• Sqlbrute
• Sqlmap
• Sqlmap intergration with Zap
Mantra-OSIntel Collection
• Maltego