Use scrapli to retrieve security zone information from a Juniper SRX firewall

Last update: Jun 19, 2022

Overview

Get Security Zones with Scrapli

Overview

This example will show how to retrieve security zone information on Juniper's SRX firewalls.

In addition to the Python script, this project also ships with additional tools to help you along your way. You will find a Dockerfile for running the project in an isolated environment, and an Invoke tasks.py file for those of us that hate typing out everything all the time.

⚙️ `How it works`

The data is collected from the firewalls by issuing NETCONF RPCs to retrieve the data as XML, to which we will convert into a Python dictionary.

Let's take a second to review the documentation in the files/docs/ directory.

Name	Description
app_async.py	Retrieve security zone information from SRX with `asyncio`
app_sync.py	Retrieve security zone information from a single SRX

📝 `Dependencies`

Refer to the Poetry Lock file located at poetry.lock for detailed descriptions on each package installed.

🚀 `Executing the script`

This project provides two unique methods of executing the playbook:

Executing with Docker | Execute with Docker

Executing with Python | Execute with Python

Use scrapli to retrieve security zone information from a Juniper SRX firewall

Related tags

Overview

Get Security Zones with Scrapli

Overview

⚙️ `How it works`

📝 `Dependencies`

🚀 `Executing the script`

Owner

Calvin Remsburg

Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228

A Python tool to automate some dorking stuff to find information disclosures.

Pgen is the best brute force password generator and it is improved from the cupp.py

Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading

Set the draft security HTTP header Permissions-Policy (previously Feature-Policy) on your Django app.

NS-LOOKUP - A python script for scanning website for getting ip address of a website

Profil3r is an OSINT tool that allows you to find potential profiles of a person on social networks, as well as their email addresses 🕵️

一款针对向日葵的识别码和验证码提取工具

Yesitsme - Simple OSINT script to find Instagram profiles by name and e-mail/phone

Trainspotting - Python Dependency Injector based on interface binding

High level cheatsheet that was designed to make checks on the OSCP more manageable

a cool, easily usable and customisable subdomains scanner

Make your own huge Wordlist with advanced options

Collection Of Discord Hacking Tools / Fun Stuff / Exploits That Is Completely Made Using Python.

🐎🖥《赛马娘》（ウマ娘: Pretty Derby）辅助脚本

This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.

Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)

This program will brute force any Instagram account you send it its way given a list of proxies.

Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile.

Webpack自动化信息收集

Use scrapli to retrieve security zone information from a Juniper SRX firewall

Related tags

Overview

Get Security Zones with Scrapli

Overview

⚙️ How it works

📝 Dependencies

🚀 Executing the script

Owner

Calvin Remsburg

Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228

A Python tool to automate some dorking stuff to find information disclosures.

Pgen is the best brute force password generator and it is improved from the cupp.py

Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading

Set the draft security HTTP header Permissions-Policy (previously Feature-Policy) on your Django app.

NS-LOOKUP - A python script for scanning website for getting ip address of a website

Profil3r is an OSINT tool that allows you to find potential profiles of a person on social networks, as well as their email addresses 🕵️

一款针对向日葵的识别码和验证码提取工具

Yesitsme - Simple OSINT script to find Instagram profiles by name and e-mail/phone

Trainspotting - Python Dependency Injector based on interface binding

High level cheatsheet that was designed to make checks on the OSCP more manageable

a cool, easily usable and customisable subdomains scanner

Make your own huge Wordlist with advanced options

Collection Of Discord Hacking Tools / Fun Stuff / Exploits That Is Completely Made Using Python.

🐎🖥《赛马娘》（ウマ娘: Pretty Derby）辅助脚本

This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.

Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)

This program will brute force any Instagram account you send it its way given a list of proxies.

Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile.

Webpack自动化信息收集

⚙️ `How it works`

📝 `Dependencies`

🚀 `Executing the script`