mantra security framework - owasp · why mantra? •plenty of extensions available officially and...
TRANSCRIPT
![Page 1: Mantra Security Framework - OWASP · Why Mantra? •Plenty of extensions available officially and un-officially •Analyzing each and every extension is tedious task •Many extensions](https://reader034.vdocuments.us/reader034/viewer/2022042805/5f6031ab0367a41fcc371fd3/html5/thumbnails/1.jpg)
Mantra – Security Framework
Free and Open Source Browser based Security Framework
![Page 2: Mantra Security Framework - OWASP · Why Mantra? •Plenty of extensions available officially and un-officially •Analyzing each and every extension is tedious task •Many extensions](https://reader034.vdocuments.us/reader034/viewer/2022042805/5f6031ab0367a41fcc371fd3/html5/thumbnails/2.jpg)
Netscape Navigator
1994-1995
Internet Explorer
Microsoft came up with IE
Then it was time of Opera
Even though it was paid software at that time
Then Firefox came
With lots of bells and whistles
Google ChromeGoogle’s own web browser
![Page 3: Mantra Security Framework - OWASP · Why Mantra? •Plenty of extensions available officially and un-officially •Analyzing each and every extension is tedious task •Many extensions](https://reader034.vdocuments.us/reader034/viewer/2022042805/5f6031ab0367a41fcc371fd3/html5/thumbnails/3.jpg)
Mantra
Hack3r’s browser.!!!
![Page 4: Mantra Security Framework - OWASP · Why Mantra? •Plenty of extensions available officially and un-officially •Analyzing each and every extension is tedious task •Many extensions](https://reader034.vdocuments.us/reader034/viewer/2022042805/5f6031ab0367a41fcc371fd3/html5/thumbnails/4.jpg)
W5HWhat, Where, When, Why, Who and How
![Page 5: Mantra Security Framework - OWASP · Why Mantra? •Plenty of extensions available officially and un-officially •Analyzing each and every extension is tedious task •Many extensions](https://reader034.vdocuments.us/reader034/viewer/2022042805/5f6031ab0367a41fcc371fd3/html5/thumbnails/5.jpg)
What?
• What is Mantra?
• What is the use?
• What Mantra is NOT?
![Page 6: Mantra Security Framework - OWASP · Why Mantra? •Plenty of extensions available officially and un-officially •Analyzing each and every extension is tedious task •Many extensions](https://reader034.vdocuments.us/reader034/viewer/2022042805/5f6031ab0367a41fcc371fd3/html5/thumbnails/6.jpg)
What is Mantra ?
• Collection of hacking tools / add-ons
![Page 7: Mantra Security Framework - OWASP · Why Mantra? •Plenty of extensions available officially and un-officially •Analyzing each and every extension is tedious task •Many extensions](https://reader034.vdocuments.us/reader034/viewer/2022042805/5f6031ab0367a41fcc371fd3/html5/thumbnails/7.jpg)
What is Mantra ?
• A security framework that can aid in exploit development
– Security toolkit as of now
• Its built on top of browser
![Page 8: Mantra Security Framework - OWASP · Why Mantra? •Plenty of extensions available officially and un-officially •Analyzing each and every extension is tedious task •Many extensions](https://reader034.vdocuments.us/reader034/viewer/2022042805/5f6031ab0367a41fcc371fd3/html5/thumbnails/8.jpg)
What is Mantra ?
• Cross platform and flexible
• Free as in “Free Beer” and “Free Speech”
• Open Source
![Page 9: Mantra Security Framework - OWASP · Why Mantra? •Plenty of extensions available officially and un-officially •Analyzing each and every extension is tedious task •Many extensions](https://reader034.vdocuments.us/reader034/viewer/2022042805/5f6031ab0367a41fcc371fd3/html5/thumbnails/9.jpg)
What is the use?
• All the five phases of attacks
– Reconnaissance
– Scanning and enumeration
– Gaining access
– Escalation of privileges
– Maintaining access and
– Covering tracks
![Page 10: Mantra Security Framework - OWASP · Why Mantra? •Plenty of extensions available officially and un-officially •Analyzing each and every extension is tedious task •Many extensions](https://reader034.vdocuments.us/reader034/viewer/2022042805/5f6031ab0367a41fcc371fd3/html5/thumbnails/10.jpg)
What Mantra is NOT?
• Not a one click Pwnage tool
• Not mature enough to suit a particular need
– Don’t uninstall your Metasploit and W3af
• Not a replacement for your normal browser
• Not completely integrated
![Page 11: Mantra Security Framework - OWASP · Why Mantra? •Plenty of extensions available officially and un-officially •Analyzing each and every extension is tedious task •Many extensions](https://reader034.vdocuments.us/reader034/viewer/2022042805/5f6031ab0367a41fcc371fd3/html5/thumbnails/11.jpg)
Why Mantra?
• Plenty of extensions available officially and un-officially
• Analyzing each and every extension is tedious task
• Many extensions going unnoticed
• Security researchers should know the power of browser platform
![Page 12: Mantra Security Framework - OWASP · Why Mantra? •Plenty of extensions available officially and un-officially •Analyzing each and every extension is tedious task •Many extensions](https://reader034.vdocuments.us/reader034/viewer/2022042805/5f6031ab0367a41fcc371fd3/html5/thumbnails/12.jpg)
When you will be needing Mantra?
• TIME
– Life is all about timing
![Page 13: Mantra Security Framework - OWASP · Why Mantra? •Plenty of extensions available officially and un-officially •Analyzing each and every extension is tedious task •Many extensions](https://reader034.vdocuments.us/reader034/viewer/2022042805/5f6031ab0367a41fcc371fd3/html5/thumbnails/13.jpg)
Where?
• Where you can find it– Website
• getmantra.com
• owasp.org/index.php/OWASP_Mantra_-_Security_Framework
• code.google.com/p/getmantra
• sourceforge.net/projects/getmantra/
– Forums• getmantra.com/forums/
– Social Network• twitter.com/getmantra
• facebook.com/getmantra
![Page 14: Mantra Security Framework - OWASP · Why Mantra? •Plenty of extensions available officially and un-officially •Analyzing each and every extension is tedious task •Many extensions](https://reader034.vdocuments.us/reader034/viewer/2022042805/5f6031ab0367a41fcc371fd3/html5/thumbnails/14.jpg)
Who all needs it?
• If you are into
– Auditing
– Penetration testing
– Vulnerability Assessment
– Training
![Page 15: Mantra Security Framework - OWASP · Why Mantra? •Plenty of extensions available officially and un-officially •Analyzing each and every extension is tedious task •Many extensions](https://reader034.vdocuments.us/reader034/viewer/2022042805/5f6031ab0367a41fcc371fd3/html5/thumbnails/15.jpg)
Who all needs it?
• If you are a
– Black Hat
– White Hat and/or
– Grey Hat
![Page 16: Mantra Security Framework - OWASP · Why Mantra? •Plenty of extensions available officially and un-officially •Analyzing each and every extension is tedious task •Many extensions](https://reader034.vdocuments.us/reader034/viewer/2022042805/5f6031ab0367a41fcc371fd3/html5/thumbnails/16.jpg)
Who all are behind it?
• Core Team
– Sheeba V Sudevan
– Shahin R Krishna
– Gokul C Gopinath
– Abhi M Balakrishnan
– Yashartha Chaturvedi
• Testers
– HackIT Team
![Page 17: Mantra Security Framework - OWASP · Why Mantra? •Plenty of extensions available officially and un-officially •Analyzing each and every extension is tedious task •Many extensions](https://reader034.vdocuments.us/reader034/viewer/2022042805/5f6031ab0367a41fcc371fd3/html5/thumbnails/17.jpg)
How I can contribute?
• Become part of the community
• Code | Modify --> Extensions | Framework
• Design
– Themes
– Artworks
![Page 18: Mantra Security Framework - OWASP · Why Mantra? •Plenty of extensions available officially and un-officially •Analyzing each and every extension is tedious task •Many extensions](https://reader034.vdocuments.us/reader034/viewer/2022042805/5f6031ab0367a41fcc371fd3/html5/thumbnails/18.jpg)
How it works, looks ?
• Let me show you a demo
http://clubhack.blip.tv/file/4782270/http://clubhack.blip.tv/file/4782285/
http://clubhack.blip.tv/file/4782289/