Use scrapli to retrieve security zone information from a Juniper SRX firewall

Last update: Jun 19, 2022

Overview

Get Security Zones with Scrapli

Overview

This example will show how to retrieve security zone information on Juniper's SRX firewalls.

In addition to the Python script, this project also ships with additional tools to help you along your way. You will find a Dockerfile for running the project in an isolated environment, and an Invoke tasks.py file for those of us that hate typing out everything all the time.

⚙️ `How it works`

The data is collected from the firewalls by issuing NETCONF RPCs to retrieve the data as XML, to which we will convert into a Python dictionary.

Let's take a second to review the documentation in the files/docs/ directory.

Name	Description
app_async.py	Retrieve security zone information from SRX with `asyncio`
app_sync.py	Retrieve security zone information from a single SRX

📝 `Dependencies`

Refer to the Poetry Lock file located at poetry.lock for detailed descriptions on each package installed.

🚀 `Executing the script`

This project provides two unique methods of executing the playbook:

Executing with Docker | Execute with Docker

Executing with Python | Execute with Python

Use scrapli to retrieve security zone information from a Juniper SRX firewall

Related tags

Overview

Get Security Zones with Scrapli

Overview

⚙️ `How it works`

📝 `Dependencies`

🚀 `Executing the script`

Owner

Calvin Remsburg

Providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account.

Mass Shortlink Bypass Merupakan Tools Yang Akan Bypass Shortlink Ke Tujuan Asli, Dibuat Dengan Python 3

Reverse engineered Parler API

These are Simple python scripts to test/scan your network

Internationalized Domain Names for Python (IDNA 2008 and UTS #46)

DependConfusion-X Tool is written in Python3 that scans and monitors list of hosts for Dependency Confusion

How to exploit a double free vulnerability in 2021. 'Use-After-Free for Dummies'

Local File Inclusion Scanner and Exploiter

A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities

HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.

MassStringer, CTF Flag Finder

A guide to building basic malware in Python by implementing a keylogger application

AutoScan 有多个目标时，调用xray+rad进行自动扫描

Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains.

Security-TXT is a python package for retrieving, parsing and manipulating security.txt files.

😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.

A compact version of EDI-Vetter, which uses the TLS output to quickly vet transit signals.

Meterpreter Reverse shell over TOR network using hidden services

This is python script that will extract the functions call in all used DLL in an executable and then provide a mapping of those functions to the attack classes defined and curated malapi.io.

About Hive Burp Suite Extension

Use scrapli to retrieve security zone information from a Juniper SRX firewall

Related tags

Overview

Get Security Zones with Scrapli

Overview

⚙️ How it works

📝 Dependencies

🚀 Executing the script

Owner

Calvin Remsburg

Providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account.

Mass Shortlink Bypass Merupakan Tools Yang Akan Bypass Shortlink Ke Tujuan Asli, Dibuat Dengan Python 3

Reverse engineered Parler API

These are Simple python scripts to test/scan your network

Internationalized Domain Names for Python (IDNA 2008 and UTS #46)

DependConfusion-X Tool is written in Python3 that scans and monitors list of hosts for Dependency Confusion

How to exploit a double free vulnerability in 2021. 'Use-After-Free for Dummies'

Local File Inclusion Scanner and Exploiter

A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities

HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.

MassStringer, CTF Flag Finder

A guide to building basic malware in Python by implementing a keylogger application

AutoScan 有多个目标时，调用xray+rad进行自动扫描

Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains.

Security-TXT is a python package for retrieving, parsing and manipulating security.txt files.

😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.

A compact version of EDI-Vetter, which uses the TLS output to quickly vet transit signals.

Meterpreter Reverse shell over TOR network using hidden services

This is python script that will extract the functions call in all used DLL in an executable and then provide a mapping of those functions to the attack classes defined and curated malapi.io.

About Hive Burp Suite Extension

⚙️ `How it works`

📝 `Dependencies`

🚀 `Executing the script`