https://dlptest.com/
http://dataleaktest.com/
https://www.dlp-test.com/
https://www.dlptest.net/
https://dlptest.com/
http://dataleaktest.com/
https://www.dlp-test.com/
https://www.dlptest.net/
#Credit Card Number Identification:
alert tcp any any <> any any (pcre:”/4d{3}(s|-)?d{4}(s|-)?d{4}(s|-)?d{4}/”;msg:”VISA card number detected in cleartext”;content:”visa”;nocase;sid:9000000;rev:1;)
alert tcp any any <> any any (pcre:”/5d{3}(s|-)?d{4}(s|-)?d{4}(s|-)?d{4}/”;msg:”MasterCard number detected text”;content:”mastercard”;nocase;sid:9000001;rev:1;)
alert tcp any any <> any any (pcre:”/6011(s|-)?d{4}(s|-)?d{4}(s|-)?d{4}/”;msg:”Discover card number detected text”;content:”discover”;nocase;sid:9000002;rev:1;)
alert tcp any any <> any any (pcre:”/3d{3}(s|-)?d{6}(s|-)?d{5}/”;msg:”American Express card number text”;content:”amex”;nocase;sid:9000003;rev:1;)
#Idenfiy Social Security Number:
alert tcp any any <> any any (pcre:”/d{3}(s|-)?d{2}(s|-)?d{4}/”;msg:”Social Security Number is found”;content:”ssn”;nocase;sid:9000004;rev:1;)
Reference: https://cheatography.com/albertx/cheat-sheets/openssl/
Installation:
# apt-get update
# apt-get install openssl
Generating Key-ring:
The following example is to generate a 4096 bit private key and export it to a key file:
# openssl genrsa -out ./private-key.key 4096
Or generate a password-protected private key as such:
# openssl genrsa -aes256 -out ./private-key.key 4096
The public key could be generated upon the key-ring as shown below:
# openssl rsa -in ./private-key.key -RSAPublicKey_out -out ./pubic-key.key
Add/Remove Password-Protected function on a private key:
Adding Password-Protected function could be done as follows:
# openssl rsa -aes256 -in ./private-key.key -out ./private-key.encrypted.key
And Removing Password-Protected function is done as shown below:
# openssl rsa -in ./private-key.encrypted.key -out ./private-key.key
Creating Certificate Signing Request (CSR):
Creating a Certificate Signing Request (CSR) by using an existing private key:
# openssl req -new -key ./private-key.key -out ./request.csr
Read the CSR file:
# openssl req -text -noout -in ./request.csr
Read the public key from the CSR file:
# openssl req -pubkey -noout -in ./request.csr
Sign a certificate through Certificate Signing Request (CSR):
# openssl ca -in ./request.csr -out ./certificate.crt -config ./CA/config/openssl.cnf
Read the information sitting in the certificate:
# openssl x509 -text -noout -in ./certificate.crt
Extract the public key from the certificate:
# openssl x509 -pubkey -noout -in ./cert.crt
Generating Key-ring and Self-Signed Certificate concurrently:
# openssl req -newkey rsa:2048 -nodes -keyout /etc/ssl/certs/key.pem -x509 -days 365 -out /etc/ssl/certs/certificate.pem
Or:
# openssl req -newkey rsa:2048 -nodes -keyout ./private-key.key -x509 -days 365 -out ./cert.crt
Identifying Key-ring and Certificate:
Utilize MD5 hash function to identify all files:
# openssl dgst -md5 ./* 2>/dev/null
Combine Private Key and Certificate into PKCS #12 format file:
# openssl pkcs12 -export -out ./cert_key.p12 -inkey ./private-key.key -in ./certificate.crt