Sunday, July 5, 2020

Openfaas and infosec uses

OpenFaaS:

OpenFaaS is a function as a service project that can be self-hosted, much like AWS Lambda or Google Functions. Essentially, instead of writing a full project that does various things, you write and maintain functions instead. OpenFaaS can be deployed with Docker Swarm, Kubernetes, and OpenShift.

OpenFaaS documentation is pretty clean and easy to understand. To use it, you need either Docker Swarm, Kubernetes, or OpenShift. Once you deploy OpenFaaS, you need to create a function and deploy it. There are several ways to supply data to the function, one of them is via http requests.

You can use function in sync or async way, without modifying any code at all. You just modify the URL you're sending the http requests too. In addition to that, OpenFaaS will do scaling on its own. If you're using a function a lot and OpenFaaS will spin up containers for that specific function automatically. It's also possible to utilize ci/cd with OpenFaaS to ensure that deploying changes to functions is easy and quick.

I've been mainly experimenting with OpenFaaS on Vultr but it's also possible to play with it in Docker Playground.

Infosec use cases:

I looked through some of my past projects and I can see myself using OpenFaaS if I were to rewrite them. For example, file analysis. It is possible to combine OpenFaaS with other technologies such as Redis (to keep track of operations) and Minio (to allow download/upload of files/artifacts inside of functions) to analyze malicious files or extract metadata from files. In addition to this, you can also implement machine learning and analyze features of a bunch of PE files in a function and return info about if they are malicious or not.

Another use case is analyzing phishing links. I wrote a golang project that takes links from phishtank and splits them into more URLs recursively and checks each URL to see if there is an open directory. It's possible to completely implement this with OpenFaaS. For example, you can send phishtank data to OpenFaaS function every 8 hours and split each link into multiple URLs, send URLs to another function to detect open directory, finally send the URLs that have open directory to another function that downloads files (this would be phishing kit zip files in most cases) from the open directory.

Log analysis or enrichment is another use case. For example, if you were receiving logs about remote sign-ins, you could send the logs in batches or individually to a function or functions to extract IP and do log enrichment based on API lookups for the IP or finding geolocation.

OpenFaaS can be useful for doing analysis of forensic artifacts. If you're working an incident and need to analyze artifacts from hundreds of computers, you can collect the evidence, throw it in Minio, have a bunch of functions to analyze the evidence, maybe even send the output to another set of functions for enrichment before sending the final evidence to storage or SIEM.



I discovered the OpenFaaS project earlier this month and it has been fun to play with and I can see myself using it a lot. Being able to deploy and maintain specific functions instead of a huge application is much easier for me. Also not having to write code that's threaded and OpenFaaS doing automated scaling is very nice.

Links:

https://www.openfaas.com/
https://docs.openfaas.com/deployment/
https://docs.openfaas.com/reference/triggers/
https://docs.openfaas.com/reference/async/
https://docs.openfaas.com/reference/cicd/intro/
https://www.vultr.com/docs/deploying-openfaas-using-docker-swarm
https://docs.openfaas.com/deployment/play-with-docker/
https://redis.io/
https://min.io/
https://www.phishtank.com/
https://blog.alexellis.io/openfaas-storage-for-your-functions/
https://youtu.be/XiagsmRVoNY

https://www.vultr.com/?ref=7127410 (Affiliate link...)

15 comments:

  1. Hello Everyone !

    USA Fresh & Verified SSN Leads along with Driving License/ ID Number, AVAILABLE with 99.9% connectivity
    All Leads have genuine & valid information.

    **DETAILS IN LEADS**
    First Name | Last Name | SSN | Dob | Driving License Number | Address | City | State | Zip | Phone Number | Account Number | Payday | Bank Name | Employee Details | IP Address

    *Price for SSN lead $2
    *You can ask for sample before any deal
    *If anyone buy in bulk, we can negotiate
    *Sampling is just for serious buyers

    ==>ACTIVE, FRESH CC & CVV FULLZ AVAILABLE<==
    ->$5 PER EACH

    ->Hope for the long term Business
    ->Interested buyers will be welcome

    **Contact 24/7**
    Whatsapp > +923172721122
    Email > leads.sellers1212@gmail.com
    Telegram > @leadsupplier
    ICQ > 752822040

    ReplyDelete
    Replies
    1. CRYPTO ACCOUNT TAKEOVER (ATO) & FAKE INVESTMENT ARE ON THE RISE. attacks are on the rise and they are costing individuals, businesses, and organizations significant financial and damage that are often difficult to recover quickly. When it comes to Binary Options, there are quite people who have been taken for a ride by a Brokers and at a result of this many have lost a large amount of money to Fake Binary Option Scammers

      Cybercriminals use stolen credentials such as usernames and passwords obtained by malware and social engineering to gain sensitive information, and they’re using that same data to access websites and banks/Bitcoin accounts wallet to transfer money, execute fraudulent transactions and bring people down to a Zero point financially.

      D-hackers is a multinational equipped Hackers come together as a team to track down & to recover whatever that has being stolen from you from the most difficult internet SCAMMERS. NOTE!! We've received countless heartbreaking reports of notorious cyber scammers and we’ve successful recover them back.

      contact us on
      1⃣Binary Recovery.
      2⃣Files Recovery
      3⃣School Graded & Exam Questions
      4⃣Password Bypass / Recovery
      5⃣Malware Removal / Erase Criminal Records
      6⃣Blank ATM Card
      7⃣Social Media Hack
      8⃣Remote Mobile Monitoring & Hacking
      9⃣Clear Bad Credit
      🔟Private Key Reset

      Relate whatever it is to City Center Of Binary Option Service & allow us give you positive result with our hacking skills. Visit our BLOG page D-hacker.banaryoptionsport.com
      Email 📩 binaryoptionservice01@gmail.com pointekhack@gmail.com cyberhackertap@gmail.com we Guarantee you up to %85
      REMEMBER YOUR HAPPINESS IS OUR PRIDE

      Delete
    2. CRYPTO ACCOUNT TAKEOVER (ATO) & FAKE INVESTMENT ARE ON THE RISE. attacks are on the rise and they are costing individuals, businesses, and organizations significant financial and damage that are often difficult to recover quickly. When it comes to Binary Options, there are quite people who have been taken for a ride by a Brokers and at a result of this many have lost a large amount of money to Fake Binary Option Scammers

      Cybercriminals use stolen credentials such as usernames and passwords obtained by malware and social engineering to gain sensitive information, and they’re using that same data to access websites and banks/Bitcoin accounts wallet to transfer money, execute fraudulent transactions and bring people down to a Zero point financially.

      D-hackers is a multinational equipped Hackers come together as a team to track down & to recover whatever that has being stolen from you from the most difficult internet SCAMMERS. NOTE!! We've received countless heartbreaking reports of notorious cyber scammers and we’ve successful recover them back.

      contact us on
      1⃣Binary Recovery.
      2⃣Files Recovery
      3⃣School Graded & Exam Questions
      4⃣Password Bypass / Recovery
      5⃣Malware Removal / Erase Criminal Records
      6⃣Blank ATM Card
      7⃣Social Media Hack
      8⃣Remote Mobile Monitoring & Hacking
      9⃣Clear Bad Credit
      🔟Private Key Reset

      Relate whatever it is to City Center Of Binary Option Service & allow us give you positive result with our hacking skills. Visit our BLOG page D-hacker.banaryoptionsport.com
      Email 📩 binaryoptionservice01@gmail.com pointekhack@gmail.com cyberhackertap@gmail.com we Guarantee you up to %85
      REMEMBER YOUR HAPPINESS IS OUR PRIDE

      Delete
  2. Need The To Hire A Hacker❓ Then contact PYTHONAX✅

    The really amazing deal about contacting PYTHONAX is that the Hack done by us can’t get traced to you, as every Hacking job we do is strongly protected by our Firewall. It’s like saying if anyone tries to trace the Hack, it will lead them to us and we block whatever actions they are doing.

    We have been Invisible to Authorities for almost a decade now and if you google PYTHONAX, not really about us comes out, you can only see comments made by us or about us.

    Another Amazing thing to you benefit from Hiring our Hackers is that you get a Legit and the best Hacking service, As we provide you with Professional Hackers who have their Hacking Areas of specialization.
    We perform every Hack there is, using special Hacking tools we get from the dark web.

    Some list of Hacking Services we provide are-:
    ▪️Phone Hacking & Cloning ✅
    ▪️Computer Hacking ✅
    ▪️Emails & Social Media Account Hacking✅
    ▪️Recovering Deleted Files✅
    ▪️Tracking & Finding People ✅
    ▪️Hunting Down Scammers✅
    ▪️Hack detecting ✅
    ▪️Stealing/Copying Files & Documents From Restricted Networks and Servers ✅
    ▪️Credit Score Manipulation ✅
    ▪️ Deleting Criminal Records✅
    ▪️Bitcoin Multiplication✅
    ▪️Binary Option Money Recovery ✅
    ▪️Scam Money Recovery✅ And lots more......

    ✳️ SPECIAL HACKING SERVICES-: we also specialize in Scam Bounty, as we chase down SCAMMERS and help individuals RECOVER Money stolen from them by this online SCAMMERS. Please be watchful about this SCAMMERS. They post ❌ENTICING TESTIMONIES and it quite Convincing.


    Whatever Hacking service you require, just give us an Email to the Emails Address provided below.
    pythonaxhacks@gmail.com
    pythonaxservices@gmail.com

    PYTHONAX.
    2020 © All Right Reserved.

    ReplyDelete
  3. Please everyone should be careful and stop being deceived by all these brokers and account managers, they scammed me over $50,000 of my investment capital, they kept on requesting for extra funds before a withdrawal request can be accepted and processed, in the end, I lost all my money. All efforts to reach out to their customer support desk had declined, I found it very hard to move on. God so kind I followed a broadcast that teaches on how scammed victims can recover their fund, I contacted the email provided for consultation, I got feedback after some hours and I was asked to provide all legal details concerning my investment, I did exactly what they instructed me to do without delay, to my greatest surprise I was able to recover my money back including my profit which my capital generated. I said I will not hold this to myself but share it to the public so that all scammed victims can get their funds back. Direct WhatsApp contact: +1 (519) 398-1460

    Removing Bad Records from Both Public and Private Databases?

    ReplyDelete
  4. HELLO
    Loan Offer Alert For Everyone! Are you financially down and you need an urgent credit/financial assistance? Or are you in need of a loan to start-up/increase your business or buy your dream house. GET YOUR INSTANT LOAN APPROVAL 100% GUARANTEED TODAY NO MATTER YOUR CREDIT SCORE. WhatsApp:+19292227023 Email: drbenjaminfinance@gmail.com
    Capital Managements Inc Website: https://capitalmanage-inc.com/

    ReplyDelete

  5. Have you been defrauded by deceptive Bitcoin traders? Or are you seeking to recover funds you lost on telegram accounts to take over hackers/rippers?. I personally will recommend no one other than This is the least I could do for them after they saved my life by helping me recover up to 3.966BTC in less than two weeks from an online ripper lately. I got referred to them via my colleague at work , they also helped his spouse recover tokens and coins lost to scams .I'm glad I got in contact with this specialist because I would have most likely fallen victim to another online fraudster all in the name of them trying to help me. I owe this people a lot because it is so hard to see legit help online. Are you having similar issues with your BTC Wallet,Don't get scammed by these online fraudsters, contact jeansonjamesancheta7@gmail.com or text him on WhatsApp +1 (559) 851-5537 they are the most efficient and most trusted recovery expert on here

    ReplyDelete
  6. Hello, my name is Jeff, I just want to take this moment to testify to the help I got from Secure2invest.com. Tow months back, I invested $23000 worth of Btc in an investment company called Bulbfinance. I was ripped of my investment and profits, afterwards I was left with nothing because I invested all I had into the company. It was a tough time for me until a friend referred me to a crypto recovery service (Secure2invest.com) Thanks to the quality help I was able to recover back my scammed Btc within a period of 5 working days. It all looked like it was impossible from the beginning until I recovered it all. I really appreciate the help I got and I urge all that are in need of a recovery service to contact Secure2invest.com now. Thanks.

    ReplyDelete
  7. Amazing unique article direct to the point. Trust me the way you interact is literally awesome I do respect that so much. I will instantly get your rss feed to stay informed of any updates you make and as well take the advantage to share some vital information regarding the
    G21 Gen 4 – a Semi-Automatic Pistol which many are not yet informed of it advantages compared to the other Semi automatic revolvers. Not over demanding, I will also take the advantage to ask for your permission to join our 179.3k members TELEGRAM CHANNEL
    As to share with us your ideas or any latest update on your blog.
    Thanks .

    ReplyDelete
  8. I will strongly love to recommend the services of the best team of dark web hackers. they are professional and very discreet in carrying out their jobs, they have the best customer service agents and satisfaction at heart. If you have any services you wish to contact them for, go on albertgonzalezwizard (@) gmail com / Whatassp +31684181827 or Telegram:  +31687920980. They help track and monitor your cheating partner's phone without his idea, clear or erase criminal records as well as repair a bad credit score, all social media hacks,funds recovery and many others.

    ReplyDelete
  9. DO YOU NEED A PERSONAL/BUSINESS/INVESTMENT LOAN? CONTACT US TODAY VIA WhatsApp +19292227023 Email drbenjaminfinance@gmail.com

    HELLO
    Loan Offer Alert For Everyone! Are you financially down and you need an urgent credit/financial assistance? Or are you in need of a loan to start-up/increase your business or buy your dream house. GET YOUR INSTANT LOAN APPROVAL 100% GUARANTEED TODAY NO MATTER YOUR CREDIT SCORE. WhatsApp:+19292227023 Email: drbenjaminfinance@gmail.com

    ReplyDelete
  10. i was lost with no hope for my wife was cheating and had always got away with it because i did not know how or
    always too scared to pin anything on her. with the help a friend who recommended me to who help hack her phone,
    email, chat, sms and expose her for a cheater she is. I just want to say a big thank you to
    HACKINTECHNOLOGYatGMAILdotCOM . am sure someone out there is looking for how to solve his relationship problems, you can also contact him for all sorts of hacking job..he is fast and reliable. you could also text +1 213-295-1376(whatsapp) contact and thank me later
    telegram +16692252253

    ReplyDelete
  11. I promised I was going to post a review about them & well i have always used these guys for RELIABLE PRIVATE ONLINE INVESTIGATIONS Have you ever needed an expert when it comes to hacking? Have you ever wanted to hack someone’s email account? Recover lost accounts,school grade,boost credit score? Do you need to find a person’s sensitive information? Do you want to invade a person’s PayPal, Skrill, Amazon, Facebook or any other site account? Upgrade of University Grades,Password and email Retrieval, phone Lines monitoring, Skype Accounts, Hack Social Network, Trace calls on real time conversations, Remove Criminal Records, Credit Fixing, cyber-crime investigation, Hack Bank Accounts, Identification of Cheating Partner or employee,Then contact Mr Ross King;
    Email / Hangout:- stocktipsandethicalhacking2020@gmail.com
    Telegram / Business Whatsapp :- ‪ +1 (925) 291-0054‬) or click on this link to chat on whatsapp https://wa.me/message/REE2BBXU4CEYF1

    ReplyDelete
  12. I am so delighted I found your weblog, I really found you by accident,
    while I was researching on Bing for something else, Regardless I am here now and would just like to say thank you for a fantastic post and a all round entertaining blog (I also love the theme/design), HOW TO GET A FAKE DRIVERS LICENSE THAT WORKS FROM THE DMV I don't have time to go through it all at the minute but I have bookmarked it and also added your RSS feeds, so when I have time I will be back to read a lot more, Please do keep up the excellent job.

    ReplyDelete
  13. Very interesting Topic. Many articles I come across these days do not really provide anything that attracts others as yours, but believe me the way you interact is literally awesome I do respect that so much. I will instantly grab your rss feed to stay informed of any updates you make and as well take the advantage to share some latest information about

    UNDETECTED FAKE BANK STATEMENTS FOR LOAN APPROVAL which many are not yet informed of the new and easiest way to get loan from any lender world wide through this undetected fake bank statement for loan eligibility in any country and their advantages over the normal way using your normal bank statement. I will also take the advantage to ask for your permission to join our 179.3k members TELEGRAM GROUP
    to share with us your ideas or any latest update on your blog.
    Thanks I am Scott from Globex, we are expecting you on our platform
    Thank so much for the great job.

    ReplyDelete