Skip to content

VIDEO

The Key to Surviving the Internet

Our inaugural episode focuses on asset management. Why is it important (and difficult)? How do you ACTUALLY do it? And how can PlexTrac be the single, centralized platform for your asset management efforts?

Category: Asset Management, Blue Teaming, Thought Leadership

   BACK TO VIDEOS

Transcript

Hi. I’m Joe Pierini plex trax product evangelist. And this is A Cup of Joe.

If you read my recent blog post, asset management is the key to surviving driving the Internet. You probably agreed with me that asset management, while a seemingly simple thing to do, can be ridiculously hard in actual practice, it requires a continuous approach to monitoring your assets and storing those assets in a single centralized location. Sure, there are plenty of asset management systems that you can go out and buy, like Manage Engines, Asset Explorer or Avanti or Asset Panel. But these tools have a steep learning curve and require additional hardware or may have costs that put them out of the reach of many It shops. However, customers of PlexTrac have a handy way of collecting and storing all of their assets for use in pentests, blue teaming and purple teaming engagements. Let me show you. Let’s log in to our PlexTrac portal, go to clients and select the client name or project name.

Then let’s click on View Assets and then the upper right hand corner, import Assets. Now here we can upload an Nmap scan saved in an XML format or a CSV in a PlexTrac asset format. Importing an Nmap is probably the easiest. Now, at the beginning of your engagement, your client has probably given you a spreadsheet or text files with a list of subnets and some random IPS or domain names. We’ll put them all in a text file and fire up Nmap.

I have previously set up the syntax here to avoid the demo gods. And we are going to run Nmap with an input list of targets. TXT that file there and then a SM to tell Nmap to not do a ping scan. I don’t want to accidentally throw any packets at my customer until we’ve been given the go ahead. And then I want to do a PN to tell Nmap to treat everything as up and then ouppercase x for import XML, and that’s the output file that it’s going to give us. And we make sure we’ve highlighted that, press Enter and that’s done super quick. And there’s our import XML file.

We will drag it over to the import assets, double check, make sure Nmap selected, then check upload. Well, that was it. That was fast. That’s all it took. Now, all of the assets that we were given by our customer are now up in the PlexTrac platform, ready for us to use. I listed a number of tools let me come back that you could use to DIY the data collection step of asset management. And in this video, I wanted to suggest one more that I’ve been using as part of my open source intelligence toolkit for years.

It’s called Sublister. Now, Sublister is a subdomain discovery tool written in Python that has been designed to enumerate subdomains of websites using data from publicly available sources. It’s also integrated with the brute force tool subroot to find even more domains using brute force techniques with a supplied wordlist, say a list of company names. Now, without going into too many of the gritty details, to install sublister, you would first get cloned it from GitHub, install all the necessary dependencies, and you’re pretty much ready to go. It runs on Windows and Mac and Linux. So want to give it a try? Here we are. And get rid of that again, I have previously set this up, and we’ll set it up to do the Python sublifter.

Now we’re going to invoke Pythonfirst sublifter PY thed says what’s coming after this is now the domain we’ll use, the pierini domain that I own, and we’ll output the file as Pierini. Great. Let’s launch this. And it will take a minute or two. It looks like we’ve locked ourselves out of virus total from all of the practice sessions I’ve been running today. Oops, it’s going through Yahoo, google, and okay, it’s found seven. Now let’s take the file that we had just made and convert it into that nice Nmap format.

So we’re back to Nmap, input the file this pierini that we just created, the SN that says no pinging, and then the PN that says treat. Everything is up, and we’ll output it as import pierini XML and boom, in seconds, it’s done. Then let’s go back into our PlexTrac platform, click Import Assets, drag our import pierini XML right back over.

Not too tough.

Let’s see where it is here.

All right. And there you have it. Another tool in your arsenal that you can use to find and manage your assets. So until next time, this is Joe Pierini, Flex Tracks product Evangelist, wishing you goodbye and happy hacking working.