tenable/routeros tenable/routeros

  • Stars
    star
    838
  • Rank 53,126 (Top 2 %)
  • Language
    C++
  • License
    BSD 3-Clause "New...
  • Created almost 6 years ago
  • Updated over 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
tenable/routeros
github

tenable

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

RouterOS Security Research Tooling and Proof of Concepts

RouterOS Security Research

This repository contains various tools and exploits developed while performing security research on MikroTik's RouterOS. The various projects are broken up into the following subdirectories:

  • 8291_honeypot: A honeypot that listens for Winbox messages.
  • 8291_scanner: A scanner that attempts to talk Winbox to a provided list of IP addesses.
  • brute_force: A couple of tools for guessing the admin password on the winbox and www interfaces.
  • cleaner_wrasse: A tool to enable the devel backdoor on the majority of RouterOS releases.
  • common: Winbox and JSProxy implementations used across multiple projects.
  • modify_npk: A tool that overwrites an NPK's squashfs section with a new squashfs.
  • msg_re: Tools for discovering Winbox message routing and handlers.
  • pcap_parsers: Various tools that parse Winbox or JSProxy pcap files.
  • poc: Proof of concept exploits.
  • slides: Slides from talks given on this repositories material.
  • tests: A set of unit tests that test the Winbox/JSProxy implementations

For much more detail drill down into the individual directories.

Compilation Requirements

Almost everything here is written in C++ (there are only two exceptions). In order to compile everything you'll need:

  • cmake
  • Boost 1.66 or higher

For a couple of projects you'll also need:

Each project should contain specific instructions but, in general, the following should be sufficient.

mkdir build
cd ./build/
cmake ..
make

Submitting an Issue

When submitting an issue, please ensure that you have included sufficient information to reproduce the issue. Test files, pcaps, and step by step guides are always welcome. Also, please keep in mind that we only support the following OS:

  • Ubuntu 19.04+

Submitting a Pull Request

When submitting a pull request, please try to provide proof that you tested your work. Indicate how I can test it and perhaps most importantly, please try to not to stray from my coding style... as terrible as it is.

License

This repository is released under the 3-clause BSD license. See the LICENSE file for details.

Other Projects

There are other researchers doing neat RouterOS work. Here are a few I know of:

More Repositories

1

terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Go
4,472
star
2

poc

Proof of Concepts
Python
1,181
star
3

nessrest

A python library for using the new Nessus REST API.
Python
386
star
4

pyTenable

Python Library for interfacing into Tenable's platform APIs
Python
332
star
5

ghidra_tools

A collection of Ghidra scripts, including the GPT-3 powered code analyser and annotator, G-3PO.
Python
288
star
6

awesome-llm-cybersecurity-tools

A curated list of large language model tools for cybersecurity research.
278
star
7

pi_sniffer

The pocket-sized wireless sniffer
C++
202
star
8

router_badusb

BadUSB in Routers
Shell
190
star
9

upnp_info

A simple script for discovery and analysis of UPnP servers
Python
158
star
10

esp32_image_parser

A toolkit for helping you reverse engineer ESP32 firmware.
Python
137
star
11

DiscordClient

Python
96
star
12

Posh-Nessus

PowerShell Module for automating Tenable Nessus Vulnerability Scanner.
PowerShell
88
star
13

KaiMonkey

KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.
HCL
85
star
14

Tenable.io-SDK-for-Python

Tenable.io SDK offers a scalable and safe way to integrate with the Tenable.io platform.
Python
83
star
15

EscalateGPT

An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.
Python
81
star
16

audit_scripts

Scripts to help work with configuration audit files
Python
76
star
17

Burp-extension-for-GPT

an extension for Burp Suite to allow researchers to utilize GPT for analys is of HTTP requests and responses
Python
74
star
18

integration-jira-cloud

Python
65
star
19

yara-rules

Repository of yara rules
YARA
55
star
20

terrascan-action

Terrascan GitHub action. Scan infrastructure as code including Terraform, Kubernetes, Helm, and Kustomize file for security best practices.
Shell
47
star
21

nasl

A parser for NASL.
Ruby
43
star
22

flask-logging-demo

Demo files for 'The Boring Stuff - Flask Logging' blog post
Python
34
star
23

mIDA

C++
32
star
24

audit_files

Nessus Audit files
31
star
25

Security-Hub

For use in our Tenable.IO to AWS Security Hub integration
Python
24
star
26

terrascan-rego-editor

Visual Studio Code extension for writing Terrascan Rego policies
TypeScript
18
star
27

nasldoc

A documentation generator for NASL.
Ruby
17
star
28

pedant

A static analysis framework for NASL.
Ruby
14
star
29

sublimetext-nasl

13
star
30

accurics-action

The Accurics GitHub Action scans Infrastructure as Code files checked into the respository to help ensure that cloud resources are secure and compliant from creation.
Shell
13
star
31

Kastle

A purely functional, effectful, resource-safe, kafka library for Scala
Scala
12
star
32

csup

Tenable.io Container Security Uploading and Reporting Commandline Tool
Python
11
star
33

microfrontend-demo-app

JavaScript
11
star
34

SinCity

Python
11
star
35

integration-asc

Python
10
star
36

vim-nasl

Vim extensions for programming in NASL
Vim Script
9
star
37

runterrascan.io

CSS
8
star
38

golden-ami-pipeline-with-tenable-sample

The golden AMI pipeline enables creation, distribution, verification, launch-compliance, and decommissioning of the golden AMI out of the box. This version of the pipeline integrates with Tenable.io for vulnerability assessments.
6
star
39

container-security-action

Tenable's Container security action which helps scan docker images.
Python
6
star
40

notepadpp-nasl

5
star
41

integration-cef

Python
5
star
42

was-action

Github action to trigger WAS
Python
5
star
43

cloud-snapshot-automation

Templates for creating Cloud Snapshots
HCL
4
star
44

splunk-app-pvs

This app provides Splunk dashboards and reporting for Tenable PVS
HTML
4
star
45

presentations

4
star
46

integrations-ibm-cloudpak-for-security

Python
4
star
47

Tenable.ad-EventsLogs-Subscriber

Tenable.ad IOA module event logs listener
Rust
4
star
48

entra-id-federation-abuse-research-required-roles

PowerShell
4
star
49

UncoverDCShadow

PowerShell
3
star
50

integration-cscc

Tenable.io to Google Cloud Security Command Center Bridge
Python
3
star
51

emacs-nasl

Emacs Lisp
3
star
52

tenablecs_demo

HCL
2
star
53

asm-python-examples

Bit Discovery REST API scripts
Python
2
star
54

labs

1
star
55

accurics-vscode

TypeScript
1
star
56

WSUSpendu

PowerShell
1
star
57

nasl-layer

Spacemacs layer for NASL
1
star
58

asm-asset-importer

Scripts to integrate BitDiscovery data with Tenable
Python
1
star
59

atom-grammar-nessuskb

Grammar file for Nessus KB files.
CoffeeScript
1
star
60

accurics-orb

The Accurics CircleCI Orb scans IaC (Infrastructure as Code) to help identify vulnerabilities prior to cloud deployment.
Shell
1
star
61

helm-charts

Smarty
1
star