Open-Source Tools For Information Security Community Released By Netspi

Enterprise Security Magazine | Friday, September 02, 2022

The technologies assist defense teams in identifying susceptible network shares and adversary actions.

Fremont, CA: NetSPI released two new open-source tools for the information security community: PowerHuntShares and PowerHunt.

Scott Sutherland, Senior Director at NetSPI, created these new adversary simulation tools to assist defense, identity and access management (IAM) and security operations center (SOC) teams in discovering susceptible network shares and improving detections.

PowerHuntShares

PowerHuntShares discovers, analyses, and reports excessive privileges allocated to SMB shares on Active Directory domain-joined PCs. This functionality assists in mitigating the risks associated with excessive share permissions in Active Directory systems, which can result in data exposure, privilege escalation, and ransomware attacks in business environments.

PowerHunt

PowerHunt, a modular threat hunting platform, analyses abnormalities and outliers particular to the target environment and identifies evidence of compromise based on artifacts from typical MITRE ATT&CK procedures. PowerHunt uses PowerShell remoting to automate the collecting of artifacts at scale and to do preliminary analysis. It can also provide an easily consumable product. CSV files, allowing for extra screening and analysis with other tools and procedures.

NetSPI's global penetration testing team has created several open-source tools, including the popular PowerUpSQL and MicroBurst penetration testing tools. More information regarding NetSPI's commitment to open-source tool development may get found in the company's tool repository.

"I'm proud to work for an organization that understands the importance of open-source tool development and encourages innovation through collaboration," said Scott. "I urge the security community to check out and contribute to these tools so we can better understand our SMB share attack surfaces and improve strategies for remediation, together."

Weekly Brief