Security/Automation
Security Automation is a transversal group at Mozilla that is interested in building security tools. Projects such as ZAP, Zest, Plug-n-Hack, Minion and MIG are part of the security automation group. Members meet weekly to discuss their projects, share ideas and showcase new features.
Weekly meeting
The weekly Security Automation meeting happens every Tuesday at 1600 UTC in the Vidyo room named "SecAutomation".
Guests are welcome, and can join the meeting using Guest access and the Vidyo client. The URL is https://v.mozilla.com/flex.html?roomdirect.html&key=JnK7KelYpMMu
Meeting notes
Projects
ZAP
ZAP, or more formally, the OWASP Zed Attack Proxy, is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications.
It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.
ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.
It supports Plug-n-Hack and is one of the tools supported by Minion.
Plug'n'Hack
Plug-n-Hack (PnH) is a proposed standard from the Mozilla security team for defining how security tools can interact with browsers in a more useful and usable way.
It makes configuring security tools to work with browsers much simpler and less error prone.
PnH also allows security tools to declare which of their functionality is suitable for invoking directly from the browser.
A browser that supports PnH can then allow the user to invoke such functionality without having to switch to and from the tool.
PnH is supported by Firefox and security tools like ZAP, Burp Suite and OWASP OWTF.
Minion
MIG
MIG is a platform that allows investigators to send actions to pools of agents. What an action does depends on the modules available on the agent; the MIG platform focuses on providing a set of capabilities without getting too specific about the actual actions.
For example: an investigator launches an action to search for an Apache module that matches a given MD5 value. MIG registers the action, finds all the relevant targets and sends each target a message with the content of the action. Each agent then performs the action individually using its local module and sends the result back to the MIG platform. The MIG platform monitors execution and reruns actions when necessary.
Agents are designed to be lightweight and secure. Modules are executed with minimum privileges, in sandboxes when possible.
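The action flow described above, as an added toy simulation in Python (this is not MIG's own code or API; the `Action`, `Agent`, `Platform` and `file_md5_module` names are hypothetical, and the sample `httpd.conf` contents are constructed). It shows the four steps the text names: the platform registers an action, selects only the agents that carry the requested module, each agent runs the module against its own files and reports back, and the platform reruns an agent whose first attempt failed. The module here runs in-process; a real agent would run it with minimum privileges in a sandbox, as the paragraph above states.

```python
import hashlib
import os
import shutil
import tempfile
from dataclasses import dataclass, field


@dataclass
class Action:
    """An investigator's request: which module to run and with what parameters."""
    module: str
    params: dict
    id: int = 0  # assigned by the platform when the action is registered


@dataclass
class Result:
    agent: str
    ok: bool
    matches: list = field(default_factory=list)


def file_md5_module(params, root):
    """Hypothetical 'file' module: return every path under `root` whose MD5 equals params['md5']."""
    wanted = params["md5"].lower()
    hits = []
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                if hashlib.md5(fh.read()).hexdigest() == wanted:
                    hits.append(path)
    return sorted(hits)


MODULES = {"file": file_md5_module}


class Agent:
    def __init__(self, name, modules, root, flaky=False):
        self.name = name
        self.modules = {m: MODULES[m] for m in modules}  # only modules this agent ships
        self.root = root
        self.flaky = flaky  # simulate one failed attempt so the rerun path is exercised

    def run(self, action):
        if self.flaky:
            self.flaky = False
            return Result(self.name, ok=False)
        fn = self.modules[action.module]
        return Result(self.name, ok=True, matches=fn(action.params, self.root))


class Platform:
    def __init__(self, agents, max_runs=2):
        self.agents = agents
        self.max_runs = max_runs
        self._next_id = 1

    def launch(self, action):
        # 1. register the action
        action.id, self._next_id = self._next_id, self._next_id + 1
        # 2. find the relevant targets: agents that actually have the module
        targets = [a for a in self.agents if action.module in a.modules]
        results = {}
        # 3./4. each target runs the module locally; the platform monitors and reruns on failure
        for agent in targets:
            for _ in range(self.max_runs):
                result = agent.run(action)
                if result.ok:
                    break
            results[agent.name] = result
        return results


def demo():
    """Build three constructed agent file trees, launch one MD5 search, return a summary."""
    # constructed sample content standing in for an Apache config line an investigator hunts for
    needle = b"LoadModule suspect_module modules/mod_suspect.so\n"
    benign = b"LoadModule ssl_module modules/mod_ssl.so\n"
    md5 = hashlib.md5(needle).hexdigest()
    fleet = [  # (name, has the suspect line, has the 'file' module, first attempt fails)
        ("web1", True, True, False),
        ("web2", False, True, True),
        ("db1", True, False, False),
    ]
    roots, agents = [], []
    try:
        for name, infected, has_module, flaky in fleet:
            root = tempfile.mkdtemp(prefix=f"mig-{name}-")
            roots.append(root)
            with open(os.path.join(root, "httpd.conf"), "wb") as fh:
                fh.write(needle if infected else benign)
            agents.append(Agent(name, ["file"] if has_module else [], root, flaky))
        results = Platform(agents).launch(Action("file", {"md5": md5}))
        return {n: (r.ok, [os.path.basename(p) for p in r.matches]) for n, r in results.items()}
    finally:
        for root in roots:
            shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    print(demo())  # web1 reports a hit, web2 succeeds on its rerun, db1 lacks the module and is never targeted
```

Note that `db1` is absent from the results entirely: target selection happens on the platform side from the modules each agent advertises, so an action never reaches an agent that cannot execute it, and an unreliable agent (`web2`) is retried rather than silently dropped.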