OWASP Mantra-OS Because the world is cruel

About Me Attended United Stated Air Force Institute of Technology Defense Acquisition University Platform Security Engineer at

What is Mantra-OS? Mantra-OS is a virtualized attack platform designed around Mantra Security toolkit and OWASP WTE repository.

What was Mantra-OS developed for? SCAP testing and professional pen-testing environment optimized for virtual environments. Such as vSphere, XenDesketop, OpenStack, oVirt. Installation media iso and deployable ovf/ova.

Mantra-OS & HyTrust Mantra-OS was implemented into HyTrust QA cycle It is used for SCAP testing and Vulnerability verification testing. Is deployed through vCenter.

Mantra-OS Virtualization and Security Kernel GrSecurity Kernel patch and OpenVZ Kernel patch. Ganeti for Virtual Cluster KVM implementation as secondary layer of virtualization.

Mantra-OS Containers and Sandboxing OpenVZ is used as container controller and lxc with arkose d-bus hook to sandbox desktop. Libvirtd is used as a job handler for virtualization with glib hook.

Mantra-OS Virtual Core

Mantra-OS Enhanced Security IDS protection with suricata Artillery and honeyd for IPS protection Container based sandboxing AppArmor, SElinux

Mantra-OS Security Audit Tools OWASP Zap Burp Maltego Metasploit & Armitage Zenmap

Mantra-OS Packet Capture Ettercap Wireshark

Mantra-OS Web Application Scanners Skipfish Nikto Gruyere

Mantra-OS SQL Injection Sqlbrute Sqlmap Sqlmap intergration with Zap

Mantra-OS Intel Collection Maltego