Content

McAfee Foundstone Scripting Language Training

McAfee Product Education

Extend the power of Foundstone. Do you want to test vulnerabilities in proprietary and legacy systems, respond to breaking threats more efficiently, and increase the level of accuracy when you assess vulnerabilities in complex networks? The Foundstone Scripting Language (FSL) training course teaches you to write custom vulnerability checks for use with the Foundstone Enterprise product suite. We leverage knowledge from Foundstone Labs to show you how to implement the same processes our experts use to design, develop, and test new FSL vulnerability checks.

Tab Navigation

Course Details

Duration

2 days

Objectives

  • Overview of Foundstone Scripting Language
  • The Foundstone Scripting Language design process
  • How to modify existing Foundstone Scripting Language scripts
  • How to write custom Foundstone Scripting Language scripts
  • Detection types and methods
  • Vulnerability types
  • Language constructs
  • Script layout

Prerequisites

n/a

Course Agenda

Day 1

Overview

Below is list of topics covered in this training:

Foundstone Scripting Language overview

  • Vulnerability assessment
  • Rapid development of vulnerability detection scripts
  • Simple language
  • Template
  • Include functionality
  • Types of vulnerability checks
  • Detection types
  • Detection methods
  • Vulnerability types

Foundstone Scripting Language development process at Foundstone Labs

  • Identify vulnerability
  • Select vulnerability
  • Test environment setup
  • Author Foundstone Scripting Language script
  • Author vulnerability database entry
  • Peer review
  • Foundstone Scripting Language QA final approval
  • Database patch
  • Packaging of patch/script
  • Delivery to operations
  • Operations testing
  • Script moved to production

Foundstone Labs research

  • Discuss proprietary threat, vulnerability, and exploit research

Foundstone Scripting Language

  • Similarities to Microsoft® version of JavaScript
    • Procedural (main entry point)
    • Support for classes (structure)
    • Support for call by reference
  • Language constructs
    • Data types
    • Classes
    • Function calls
    • Comments
    • Include
  • Script layout
    • Heading (comment)
    • Headers (FSL.* functions)
    • Body

Day 2

Overview

Below is list of topics covered in this training:

Example overview (hands-on)

  • Microsoft registry string scripts
  • Microsoft registry DWORD scripts
  • Port detection scripts
  • Port detection and banner-grabbing scripts
  • Web banner scripts
  • CGI attack scripts
  • Wireless detection scripts

Making a simple script from scratch(advanced hands-on)

  • RPC vulnerability
  • Illustrate usage of tcpdump to capture network traffic to incorporate into check

Schedule and Registration

Course registration and schedule