
isabella232 / unmasking_data_leaks


This project forked from duo-labs/unmasking_data_leaks


The code from the talk "Unmasking Data Leaks: A Guide to Finding, Fixing, and Prevention" given at BSides SATX 2019.

License: BSD 3-Clause "New" or "Revised" License

Python 100.00%

unmasking_data_leaks's Introduction

This is the code from the talk Unmasking Data Leaks: A Guide to Finding, Fixing, and Preventing presented at BSides SATX 2019.

Usage

After cloning the repository, you need to install the requirements:

pip install -r requirements.txt

Online Usage

To gather live data, you'll need to edit scanner.py so that it imports the real libraries: uncomment the censys and elasticsearch imports and comment out the offline ones:

# For a real use-case you would use:
#
from censys.ipv4 import CensysIPv4
from elasticsearch import Elasticsearch
#
# from offline.censys.ipv4 import CensysIPv4
# from offline.elasticsearch import OfflineElasticsearch

Offline Usage

The script was developed to support a conference environment, where network access wasn't guaranteed. To that end, we've created the ability to cache data offline, and load that data from the filesystem.

The first step in this process is to gather the data. To do this, we have a script called bootstrap.py. Here's the usage:

python bootstrap.py -h
usage: bootstrap.py [-h] --api-id API_ID --api-secret API_SECRET

Gathers open Elasticsearch instances from Censys, storing the data offline

optional arguments:
  -h, --help            show this help message and exit
  --api-id API_ID       The Censys API ID (required)
  --api-secret API_SECRET
                        The Censys API secret (required)

This will gather data in the offline/data/ folder.

Scanner Usage

To scan Censys for open Elasticsearch instances, you can use scanner.py. Here's the usage:

python scanner.py -h
usage: scanner.py [-h] --api-id API_ID --api-secret API_SECRET

Gathers open Elasticsearch instances from Censys, storing the results in a CSV
file

optional arguments:
  -h, --help            show this help message and exit
  --api-id API_ID       The Censys API ID (required)
  --api-secret API_SECRET
                        The Censys API secret (required)

This will create a file called elasticsearch_instances.csv containing the CSV results for each discovered Elasticsearch instance.

Notes

While open Elasticsearch instances are inherently public, this code only gathers index names, field names, and record counts in order to avoid gathering the records themselves.

As data leaks are discovered, it's recommended to contact the owner for remediation.
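The metadata-only collection described in these notes, as an added example that is not code from this repository: it reduces Elasticsearch _cat/indices and _mapping responses to index names, dotted field names, and record counts without reading any documents. The sample responses are constructed, and the function names and CSV columns are assumptions, not the project's own.

```python
import csv
import io
import json

# Constructed sample of GET /_cat/indices?format=json (not real data).
CAT_INDICES = json.loads("""[
  {"index": "customers", "docs.count": "1200"},
  {"index": ".kibana", "docs.count": "4"},
  {"index": "closed-logs", "docs.count": null}
]""")
# Constructed sample of GET /_mapping: "customers" is typeless (7.x style),
# ".kibana" uses the older typed layout with a "doc" type.
MAPPINGS = json.loads("""{
  "customers": {"mappings": {"properties": {
    "email": {"type": "keyword"},
    "address": {"properties": {"city": {"type": "text"}, "zip": {"type": "keyword"}}}}}},
  ".kibana": {"mappings": {"doc": {"properties": {"type": {"type": "keyword"}}}}}
}""")

def flatten_fields(properties, prefix=""):
    """Return dotted field names from a mapping "properties" tree."""
    names = []
    for name, spec in sorted(properties.items()):
        if "properties" in spec:  # object/nested field: recurse
            names += flatten_fields(spec["properties"], prefix + name + ".")
        else:
            names.append(prefix + name)
    return names

def field_names(index_mapping):
    mappings = index_mapping.get("mappings", {})
    if "properties" in mappings:  # typeless layout
        return flatten_fields(mappings["properties"])
    names = []
    for type_body in mappings.values():  # typed layout: one entry per type
        if isinstance(type_body, dict):
            names += flatten_fields(type_body.get("properties", {}))
    return names

def summarize(cat_indices, mappings):
    """One (index, record_count, fields) row per index; no documents read."""
    return [(e["index"], int(e.get("docs.count") or 0),
             ";".join(field_names(mappings.get(e["index"], {}))))
            for e in cat_indices]

def to_csv(rows):
    buf = io.StringIO()
    csv.writer(buf).writerows([("index", "record_count", "fields"), *rows])
    return buf.getvalue()
```

Calling to_csv(summarize(CAT_INDICES, MAPPINGS)) yields one row per index; an index with no reported count or mapping, such as a closed one, gets a count of 0 and an empty field list.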

unmasking_data_leaks's People

Contributors

jordan-wright
