Cycraft Intern Assignment - Domain Weaknesss Scanning
這是我在面試Cycraft的時候被分到的作業,需要實作一個Domain Weakness Scanning的程式,要在兩周內完成。
Scanning for Domain Weaknesses In this exercise, our goal is to passively identify weakness for a specified domain or IP address.
Please develop a system that conducts a passive scan of the domain to gather general information such as ASN, Abuse Contact, open ports, and certificates. Subsequently, analyze the collected data to summarize any security risks associated with the domain.
Please note that only passive scanning methods are permitted, which means using third-party data or accessing information legally without sending exploits or probes.Input: Provide a domain or IP address
Output:
- General information obtained
- Identified security risks or weaknesses
Analysis
因為題目要求Passive Scan得到資訊,所以一開始要先去找能用的3rd-party API。我找到了Censys,可以用來查詢Domain的資訊。
再來要去調查有哪些資訊可以當作Domain的Weakness。
最後就是實作了,找到了一些Python的套件可以用。
Project Components
Domain Information Gathering
- DNSSEC
- Certificate (via Censys)
- Services on Open Ports (via Censys)
- ASN
Security Risk/Weakness Analysis
- ASN Reputation analysis (後來沒做)
- Validity of the Abuse Contact
- Domain Hijacking (DNSSEC)
- NVD Vulnerabilities via Service CPE (Cross-reference with NVD database)
- SSL/TLS Configuration (Check HTTPS, HSTS, etc.)
- Check HTTP 200 response (後來沒做)
Summarize的部分我用Prompt去問Google最近在推的Gemini新模型。
Implementation
- Python packages:
- ipwhois
- censys
- nvdlib
Result
最後我用Flask包成一個web application,輸入Domain name或是IP adress就可以看到Whois、Host還有Gemini的總結
Github link