Hackers of India

Omniscient

By  Pramod Rana  on 06 Mar 2020 @ Nullcon

This Tool Demo covers following tools where the speaker has contributed or authored
LETSMAPYOURNETWORK

Abstract

Omniscient - Lets Map Your Network" aims to provide an easy-to-use & point-in-time interface to security engineer and network administrator to represent their network in graphical form with zero manual error. It also monitors the ‘identified’ network with user-defined periodicity and provides the analytics on rogue systems/devices present in network.

It is utmost important for any security engineer/network administrator to understand their network first before securing/managing it and it becomes a daunting task to have a ‘true’ understanding of a widespread network, specially with the adaption of Cloud. In a mid to large level organisation’s network having a network architecture diagram doesn’t provide the complete understanding of network and manual verification is a nightmare. Hence in order to secure entire network it is important to have a complete picture of all the systems which are connected to your network, irrespective of their type, function, technology etc.

BOTTOM LINE - YOU CAN’T SECURE WHAT YOU ARE NOT AWARE OF.

Omniscient does it in two phases:

Learning: In this phase, Omniscient ’learns’ the network by utilising passive network enumeration, active scans and upload of existing CMDB for on-premises network; and by querying the APIs for cloud networks. Then it builds graph database leveraging the responses of all learning activities. User can perform any of the learning activities at any point of time and Omniscient will incorporate the results in existing database. Monitoring: This is a continuous and automatic process, where Omniscient monitors the ‘identified’ network (with user-defined periodicity) for any changes, compare it with existing information and update the graph database accordingly.