Internet References
We have compiled a compendium of the information available on the Internet classified by roles. We have dozens of references, and we keep updating them with new discoveries and contributions from our partners.
-
-
Description: Information about z/OS and official IBM emulators
Date: 17-03-2022
https://mainframed767.tumblr.com/post/114500217531/hercules-and-linux-networking
Description: Information about unofficial IBM emulators
Date: 17-03-2022
http://www.hercules-390.org/index.html
Description: Home of Hercules, the main unofficial IBM emulator
Date: 17-06-2022
https://herculesmainferame.blogspot.com/2015/11/os390-demopkg-system.html
Description: Good, didactic articles in Portuguese about how to do what you want in Hercules, the emulator of IBM's z/series hardware. Courtesy of Claudemars Martins de Sá.
Date: 17-08-2022
http://www.jaymoseley.com/hercules/
Description: Thanks to Jay Moseley for the best page of information about Hercules
Date: 17-08-2022
https://mainframesproject.tumblr.com/
Description: How many mainframes are exposed on the Internet? This is a project that maintains a list of mainframes found on the Internet.
Date: 17-06-2021
-
https://mainframed767.tumblr.com/post/167275771612/racf-privilege-escalation/
Description: RACF Privilege Escalation
Date: 17-05-2022
https://mainframed767.tumblr.com/post/136352016257/2015-year-in-review
Description: Vulnerabilities and Hacking Z information by Soldier of Fortran
Date: 17-05-2022
LINK --> Basic Pentesting Guide
Description: A quick and easy pentesting guide on GitHub covering footprinting plus basic scanning for known vulnerabilities on a z/OS system.
Date: 17-05-2022
LINK --> Script NJE-node-brute
Description: z/OS JES Network Job Entry (NJE) target node name brute-force script, written by Soldier of Fortran, on nmap.org.
Date: 17-05-2022
Description: Given an interface, IP and port, this script will try to sniff mainframe user IDs and passwords sent over cleartext using TN3270 (tested against x3270 and TN3270X).
Date: 17-05-2022
Description: PoC REXX script to help with z/OS system enumeration via OMVS/TSO/JCL.
Date: 17-05-2022
LINK --> CATSO/JCL wrapper for z/OS FTP logic attack
Description: A REXX script (CATSO) wrapped in JCL, enveloped in Python.
Date: 17-05-2022
LINK --> Man in the Middle tn3270 proxy and so much more!
Description: A Python tool to capture real userids and passwords, enveloped in Python.
Date: 17-05-2022
LINK --> Privilege escalations tools on Mainframe!
Description: Some scripts to quickly escalate on z/OS given certain misconfigurations.
Date: 17-05-2022
LINK --> Big Iron Recon & Pwnage (BIRP)!
Description: BIRP is a tool that will assist in the security assessment of mainframe applications served over TN3270.
Date: 17-05-2022
LINK --> z/OS Mainframe TSO Logon panel account enumerator and brute force
Description: Because the logon panel for TSO/E tells you if you have a valid user account vs a valid/invalid password, you can enumerate users. Since you can enumerate users, adding a brute forcer was trivial.
Date: 17-05-2022
LINK --> Mainframe bruter and screen automation utility.
Description: Tool to brute force APPLIDs on a z/OS mainframe where you can connect to VTAM. Truthfully, it's just a useful way of automating mainframe screen interactions, i.e. I make copies of this to perform specific fuzzing/user enum/password bruting attacks against custom apps. It is a fork from mainframed's.
Date: 17-05-2022
https://badcyber.com/a-history-of-a-hacking/
Description: In this excellent article, Badcyber recounts the main facts behind the best-known incident involving the hacking of a z/OS mainframe: Logica and Nordea Bank.
Date: 17-08-2021
https://nvd.nist.gov/vuln/detail/CVE-2012-5955
Description: Anakata entered Nordea Bank and Logica, helped by this vulnerability that was reported in the US government's Vulnerability Database. How many times have you gone in and searched for mainframe z/OS?
Date: 17-02-2022
Detailed technical explanation of the Logica and Nordea Bank incident
Description: RSH Consulting is one of the four companies worldwide, along with Bsecure, focused on security services in the mainframe environment. In October 2020, it published this presentation detailing precisely what ANAKATA's steps were to enter and take over the Logica and Nordea Bank systems. The intrusion was carried out by people with experience in open systems, who had to learn some z/OS to get it done.
Date: 10-07-2021
GitHub utilities used in the Logica and Nordea Bank incident
Description: All the utilities Anakata used, stored on GitHub and commented so you can understand how he did it.
Date: 10-05-2020
-
-
https://www.ibm.com/docs/en/zos
Description: All z/OS system documentation for each level, provided free of charge by its vendor. For those who like complete libraries on any professional subject. It would take several years just to read one level.
Date: 17-08-2021
Description: 20 years ago, getting an IBM Redbook was a career milestone for any mainframe professional. Today you can access them, a much more condensed and practical version of the different topics they cover. They are written by professionals who have read all the manuals on a subject, implemented it in real environments, and then written a Redbook with their conclusions and the key information. This information is essential for professionals in charge of data security.
Date: 17-05-2021
LINK --> Description of the VA080 online course for IT auditors
Description: Another possibility is to follow our online course VA080 on IT auditing in z/OS environments for novice auditors and experts in the environment. More than 30 hours of videos and thousands of hours of knowledge. Download the PDF that describes the course.
Date: 17-08-2021
LINK --> ISACA's z/OS audit checklist
Description: The objective of the z/OS Audit review is to provide management with an independent assessment relating to the controls addressing the configuration and security of the z/OS operating systems within the enterprise’s computing environment.
Date: 17-08-2021
https://sites.google.com/site/cgcurtis/racfexporttomsaccess
Description: Instructions for exporting the RACF database to Microsoft Access so the information can be processed with standard auditing tools. Courtesy of Cory Curtis.
Date: 17-08-2021
-
LINK --> Description of the DISA STIGs for IT auditors
Description: In this presentation, which we gave at a conference for mainframe users in 2010, we already explained the state of regulatory compliance as adapted to z/OS mainframe platforms. The American DISA STIGs are still the most technological controls that existed at that time. In this presentation we explained their structure and the different aspects they cover.
Date: 17-08-2021
LINK --> DISA STIG viewer for IT auditors
Description: Compilation of all American DISA STIGs for z/OS environments. Any company that needs to contract with the American administration has to show its degree of compliance. There is a STIG for every system and software product that the US administration has contracted.
Date: 17-08-2021
-
-
https://www.go2bsecure.com/audihack/
Description: The Bsecure VA060 online course in its 2022 version is the best hacking course in z/OS environments for technicians and Security managers in z/OS environments. It is a totally Online course in Spanish taken by hundreds of professionals since its first version ten years ago.
Date: 17-6-2022
Description: A good place to understand z/OS assembler. Thanks to David Woolbright.
Date: 17-6-2022
LINK --> ibm-mainframe-security book
Description: A book that shows us a small part of what has to be taken into account in the security of a mainframe with z/OS and RACF. The most important thing is the overview of that security.
Date: 17-6-2022
LINK --> http://z390.org/#OVerview
Description: z390 Portable Mainframe Assembler and Emulator Project.
Date: 17-6-2022
-
https://mainframed767.tumblr.com/post/167275771612/racf-privilege-escalation/
Description: RACF Privilege Escalation
Date: 17-05-2022
Description: CICSPAWN is an excellent tool to perform a penetration test in the CICS environment. It is a contribution of Ayoub Elaassal.
Date: 17-02-2022
LINK --> The home of John the Ripper
Description: John the Ripper's home on GitHub, from which to install it in our environment and have it work for us on those z/OS installations that still use 8-character passwords.
Date: 17-02-2022
LINK --> The largest library of z/OS utilities on the Internet
Description: cbttape.org is the GitHub for unselfish contributions from experts on z/OS systems. There are thousands of utilities created by excellent z/OS experts over the years and shared with the mainframe community. Utilities created decades ago still work like the first day. Many mainframe exploits are based on these utilities. As always, there is a dark side and a bright side.
Date: 17-02-2022
Description: A good starting point to have a true arsenal of tools with which to carry out a quick footprinting. This is a contribution from Jim Taylor to help RACF administrators.
Date: 17-02-2022
LINK --> Mark Zelden's general utilities
Description: An excellent contribution to the mainframers' universe in the form of dozens of utilities written over the years by Mark Zelden.
Date: 17-02-2022
LINK --> Lionel B. Dyck's general utilities
Description: More z/OS software created and compiled by Lionel B. Dyck, mainly for the SPF and FTP environments. Many tricks useful in hidden activity.
Date: 17-02-2022
LINK --> Nigel Pentland's utilities
Description: Many years ago, Nigel Pentland built his own RACF programs for the Windows environment to help RACF administrators. He and Peter Goldis were the pioneers in building easy-to-use helper software for administrators. Peter is retired and enjoying time with his family, but there are still some utilities on the Internet with his signature.
Date: 17-02-2022
LINK --> Steve Neeland's utilities
Description: RACF / Sort reports made by Steve Neeland years ago, but still working.
Date: 17-02-2022
-
-
Description: Review of the aspects that CISOs must take into account when dealing with information management on z/OS mainframe platforms. Each of the points has its specific development in other pills.
Date: 17-1-2020
Description: Is the z/OS mainframe infrastructure really critical? With 50 years of continuous development, we review the importance of this technology in the protection of companies' corporate data. What is the CISO's attitude towards it?
Date: 17-2-2020
LINK --> Pill 3 - Challenges of the CISO before Mainframe - Retirement of knowledge (in Spanish).
Description: Young professionals don't see a future for themselves. Fifteen years ago we gave early retirement to professionals with enough experience and sent them home. Now they have retired, leaving one of the largest knowledge gaps in mission-critical infrastructures in Information Technology. We analyze the impact on the security and availability of the data that CISOs are responsible for.
Date: 17-3-2020
Description: Many CIOs and even CISOs have a false sense of security about z/OS mainframe platforms. The further away you are from the platform, the greater the sense of security. The problem is that it is at that distance that the budgets for the different departments and areas are managed. We hear expressions such as: "With all that we are spending on firewalls, anti-intrusion software, log correlators..., are you now saying that there could be serious security problems on the mainframe? Its maintenance costs us more than xx million euros. With this cost, it is understood that it is safe, and also... we have already made sure that nobody comes in from outside to do what they shouldn't." We dismantle that myth with facts and data. The mainframe is a technological environment like any other. Perhaps the most securable of the technologies that handle data, but managed by humans who make human errors.
Date: 17-4-2020
Description: Many CIOs and even CISOs believe that one of the fundamental pillars of security on the z/OS mainframe platform is complexity. This leads them to believe that only technicians with extensive training and experience in the environment could cause data security incidents. In this pill we correct that misconception with verifiable data. It is a complex infrastructure to achieve 99.99% data availability, but it is not so complex to exploit known vulnerabilities.
Date: 17-5-2020
Description: The fourth myth is believing that the isolation of the infrastructure and the complexity of SNA provide it with sufficient protection by default.
Date: 17-7-2020
Description: Given the complexity of a critical infrastructure such as the z/OS mainframe, and the difficulty of finding professionals with sufficient knowledge and experience in a critical environment, one of the options most used by business users responsible for the platform is to outsource multiple activities necessary for its maintenance and improvement. We analyze whether it is true, as many companies believe, that outsourcing will solve all their problems with data security and availability.
Date: 17-8-2020
LINK --> Pill 9 - CISO Challenges before Mainframe - Covid-19 and Mainframe Security (Spanish).
Description: Unbelievably, Covid-19 has tremendously impacted data security and risk management aspects on mainframe platforms. Due to the experiences and incident information published, there could be a considerable increase in actions against the data protected by the infrastructure. We review why.
Date: 17-9-2020
LINK --> Pill 10 - CISO Challenges before Mainframe - Regulatory Compliance (in Spanish).
Description: We analyze how the pressure of compliance with regulatory frameworks affects a mission-critical infrastructure such as mainframe technology. We list the main difficulties that CISOs encounter to comply with all the periodic reviews of risk management. We take the approach that we believe is most reasonable given the current situation.
Date: 17-10-2020
LINK --> Pill 11 - CISO Challenges before Mainframe - Summary (in Spanish).
Description: After reviewing all aspects of security, risk, and auditing on the z/OS mainframe technology, it is time to summarize the facts discussed. It's time for conclusions.
Date: 17-10-2020
-
-
Description: Search for the word "mainframe" to get the news.
Date: 17-6-2022
-
LINK --> https://www.ibm.com/products/z16
Description: The website of the father of mainframe technology.
Date: 17-05-2022
Description: GSE is the oldest computer user group and still active in the US. In the early days of computing, SHARE was founded by the aerospace industry corporate users of IBM mainframe computers in 1955. GUIDE (Guidance of Users of Integrated Data-Processing Equipment) followed a year later.
Date: 17-05-2022
LINK --> https://www.share.org/
Description: Since 1955, SHARE has produced events that deliver unmatched education and access to the global enterprise computing community. In-person events and webcasts provide participants with unique education, access to innovation and the opportunity to connect with peers and recognized subject matter experts.
Date: 17-05-2022
LINK --> https://www.openmainframeproject.org/
Description: The Open Mainframe Project is intended to serve as a focal point for deployment and use of Linux and Open Source in a mainframe computing environment. The Project intends to increase collaboration across the mainframe community and to develop shared tool sets and resources.
Date: 17-05-2022
LINK --> https://www.zowe.org/
Description: Zowe is an integrated and extensible open source framework for z/OS. Zowe, like Mac OS or Windows, comes with a set of APIs and OS capabilities that applications build on and also includes some applications out of the box.
Date: 17-05-2022
-
-
LINK --> Enterprise_It_Security
Description: In security, the forums are mines where you can search and find the gold.
Date: 17-6-2022
Description: In this list is all the knowledge about the implementation and management of the RACF. The world's leading experts write in it.
Date: 17-6-2022
Description: IBMMAINFRAMES.com is an independent software organization, started in 1998 in Chennai by a team of 25 unique-minded mainframe professionals to make a communication channel among worldwide mainframe programmers by providing technical support, training, and B2B software products.
Date: 17-6-2022
-
Description: Bsecure - The Mainframe & Security Company, is a Consultant specialized in Information Technology in large International Companies. With more than 30 years of experience in hacking, security, auditing and Compliance in z/OS environments, we are a benchmark in modern services oriented to SOCs and Audit and Compliance Departments of our clients.
Date: 17-6-2022
Description: The Henderson Group provides security reviews, implementation and planning assistance, technical support, and audit response service for security over a wide range of platforms, software, and networks.
Date: 17-6-2022
LINK --> Vanguard Integrity Professionals
Description: Founded in 1986 to help customers safeguard mission critical applications and data, Vanguard Integrity Professionals is the largest independent provider of enterprise security software for addressing complex security and regulatory compliance challenges. It annually hosts one of the industry's largest conferences on security in z/OS environments.
Date: 17-6-2022
Description: RSH Consulting Inc., owned by Robert Hansel, offers sound, practical advice and assistance to IBM z/OS administrators, technicians, and auditors seeking to enhance the cybersecurity of their mainframe systems by fully exploiting all the capabilities and latest innovations in RACF.
Date: 17-6-2022