SlideShare a Scribd company logo

Securitytools

Download as PPTX, PDF
Richmond Adebiaye
Richmond Adebiaye
Technology
1 of 28
Great Tools for Securing and Testing Your Network By DR RICHMOND ADEBIAYE, CISSP, CISM Presented at NASA Conference (EOSDIS) NASA Risk Management Conference VII (Environment & Security) January 18-20 2012 GRC Network Security Team
Outline • Silver Bullet Most Used Tools • CD/USB Security • Perimeter Security • Vulnerability Assessment • Password Recovery • Networking Scanning • Data Rescue and Restoration • Application and Data Base Tools • Encryption Software • Wireless Tools • Virtual Machines • New USB Exploits • Digital Forensic Tools • Backup Software • Tools that Cost but Have Great Value
No Silver Bullet • No Silver Bullet for network and system testing: – Determine your needs – Finding the right tools – Using the right tool for the job
My Most Used Tools: • Google (Get Google Hacking book) – The Google Hacking Database (GHDB) • • SuperScan 4 – Network Scanner find open ports (I prefer version 3) • • (the Swiss Army knife) Crack passwords crack VOIP and so much more • http://www.oxid.it/cain.html NMap – (Scanning and Foot printing) • • http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subcontent=/ resources/proddesc/superscan.htm Cain and Abel – • http://johnny.ihackstuff.com/modules.php?op=modload&name=Downloads&file=index http://insecure.org/nmap/download.html Nessus – (Great system wide Vulnerability scanner) • http://www.nessus.org/download/
Cain and Abel Local Passwords
Nessus Summary Tenable Nessus Security Report Start Time: Sun Nov 05 13:46:11 2006 Finish Time: Sun Nov 05 14:16:16 2006 192.168.22.0/255.255.255.0 192.168.22.1 192.168.22.8 192.168.22.10 192.168.22.11 192.168.22.15 192.168.22.80 192.168.22.81 192.168.22.100 192.168.22.161 192.168.22.166 2 Open Ports, 6 Notes, 1 Warnings, 1 Holes. 7 Open Ports, 13 Notes, 1 Warnings, 1 Holes. 5 Open Ports, 9 Notes, 0 Warnings, 1 Holes. 5 Open Ports, 9 Notes, 0 Warnings, 1 Holes. 7 Open Ports, 22 Notes, 0 Warnings, 0 Holes. 5 Open Ports, 7 Notes, 0 Warnings, 0 Holes. 6 Open Ports, 12 Notes, 1 Warnings, 1 Holes. 5 Open Ports, 7 Notes, 0 Warnings, 0 Holes. 5 Open Ports, 12 Notes, 2 Warnings, 1 Holes. 3 Open Ports, 4 Notes, 2 Warnings, 1 Holes.
My Most Used Tools 2: • Ethereal or Wireshark – (packet sniffers Use to find passwords going across network) • SSL Passwords are often sent in clear text before logging on – http://www.wireshark.org/download.html » • Metasploit – (Hacking made very easy) • • http://www.metasploit.com/ BackTrack or UBCD4WIN Boot CD – (Cleaning infected PC’s or ultimate hacking environment will run from USB) • http://www.remote-exploit.org/index.php/BackTrack_Downloads – • http://www.ubcd4win.com/downloads.htm Read notify – (―registered‖ email) • • http://www.ethereal.com/download.html http://www.readnotify.com/ Virtual Machine for pen testing – (Leaves ―no‖ trace)
Security Testing Boot CD/USB: • Bart PE or UBCD4WIN – http://www.bartpe.com – http://www.ubcd4win.com • Back Track (one of the more powerful cracking network auditing packages) – http://www.remoteexploit.org • Other Linux CD – Trinity Rescue Kit (recover/repair dead Windows or Linux systems) • http://trinityhome.org/Home/index.php?wpid=28&fr ont_id=12 – KNOPPIX (recover/repair dead systems and several security tools) • http://www.knoppix.net/
Demo of UBCD/BackTrack
BackTrack
Secure Your Perimeter: • DNS-stuff and DNS-reports • http://www.dnsstuff.com http://www.dnsreports.com – Are you blacklisted? – Test your e-mail system – Check your HTML code for errors – • (Also use WIN HTTrack for offline testing) • Shields UP and Leak test – https://www.grc.com/x/ne.dll?rh1dkyd2 – http://grc.com/default.htm • Other Firewall checkers – www.firewallcheck.com
Tools to Assess Vulnerability • Nessus(vulnerability scanners) – http://www.nessus.org • Snort (IDS - intrusion detection system) – http://www.snort.org • Metasploit Framework (vulnerability exploitation tools) Use with great caution and have permission – http://www.metasploit.com/projects/Frame work/
Password Recovery Tools: • Fgdump (Mass password auditing for Windows) – http://foofus.net/fizzgig/fgdump • Cain and Abel (password cracker and so much more….) – http://www.oxid.it/cain.htnl • John The Ripper (password crackers) – http://www.openwall.org/john/ • RainbowCrack : An Innovative Password Hash Cracker tool that makes use of a large-scale time-memory trade-off. – http://www.rainbowcrack.com/downloads/?PHPSESSI D=776fc0bb788953e190cf415e60c781a5
Change/Discover Win Passwords • Windows Password recovery - Can retrieve forgotten admin and users' passwords in minutes. Safest possible option, does not write anything to hard drive. • Offline NT Password & Registry Editor - A great boot CD/Floppy that can reset the local administrator's password. • John the Ripper - Good boot floppy with cracking capabilities. • Emergency Boot CD - Bootable CD, intended for system recovery in the case of software or hardware faults. • Austrumi - Bootable CD for recovering passwords and other cool tools.
Networking Scanning • MS Baseline Analyzer – http://www.microsoft.com/downloads/details.aspx?FamilyId=4B4ABA06-B5F9-4DAD-BE9D7B51EC2E5AC9&displaylang=en • The Dude (Great mapper and traffic analyzer) – http://www.mikrotik.com/thedude.php • Getif (Network SNMP discovery and exploit tool) – http://www.wtcs.org/snmp4tpc/getif.htm • SoftPerfect Network Scanner – http://www.softperfect.com/ • HPing2 (Packet assembler/analyzer) – http://www.hping.org • Netcat (TCP/IP Swiss Army Knife) – http://netcat.sourceforge.net • TCPDump (packet sniffers) Linux or Windump for windows – • http://www.tcpdump.org and http://www.winpcap.org/windump/ LanSpy (local, Domain, NetBios, and much more) – http://www.lantricks.com/
File Rescue and Restoration: • Zero Assumption Digital Image rescue • http://www.z-a-recovery.com/digital-imagerecovery.htm • Restoration File recovery – http://www.snapfiles.com/get/restoration.html • Free undelete – http://www.pcfacile.com/download/recupero_eliminazione_dati/drive_resc ue/ • Effective File Search : Find data inside of files or data bases – http://www.sowsoft.com/search.htm
Discover & Securely Delete Important Information: • Windows and Office Key finder/Encrypting – Win KeyFinder (also encrypts the keys) • http://www.winkeyfinder.tk/ – ProduKey (also finds SQL server key) • http://www.nirsoft.net • Secure Delete software – Secure Delete • http://www.objmedia.demon.co.uk/freeSoftware/secureDelete.html • DUMPSEC — (Dump all of the registry and share permissions) – http://www.somarsoft.com/ • Win Finger Print (Scans for Windows shares, enumerates usernames, groups, sids and much more ) – http://winfingerprint.sourceforge.net
Application and Data Base Tools • N-Stealth – an effective HTTP Security Scanner – https://secure.nstalker.com/ • WINHTTrack – Website copier • http://www.httrack.com/page/2/en/index.html • SQLRecon (SQLRecon performs both active and passive scans of your network in order to identify all of the SQL Server/MSDE installations) – http://www.sqlsecurity.com/Tools/FreeTools/tabid/ 65/Default.aspx • Absinthe (Tool that automates the process of downloading the schema & contents of a database that is vulnerable to Blind SQL Injection.) – http://www.0x90.org/releases/absinthe/index.php
AppDetective • AppDetective discovers database applications and assesses their security strength • AppDetective assess two primary application tiers application / middleware, and back-end databases through a single interface • AppDetective locates, examines, reports, and fixes security holes and misconfigurations • www.appsecinc.com/products/appdetective/ mssql • Cost $900
Encryption Software: • Hard drive or Jump Drives – True Crypt for cross platform encryption with lots of options • http://www.truecrypt.org/downloads.php – Dekart its free version is very simple to use paid version has more options • http://www.dekart.com/free_download/ – http://www.dekart.com/ • Email or messaging – PGP for encrypting email • http://www.pgp.com/downloads/index.html
Wireless Tools: • Aircrack : The fastest available WEP/WPA cracking tool Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. It can recover a 40 through 512-bit WEP or WPA 1 or 2 – The suite includes • • • • airodump (an 802.11 packet capture program) aireplay (an 802.11 packet injection program) aircrack (static WEP and WPA-PSK cracking) airdecap (decrypts WEP/WPA capture files) – http://www.aircrack-ng.org/doku.php#download • Net Stumbler (finds wireless networks works well) – http://wwww.netsumbler.com • Kismet (wireless tools or packet sniffers) – http://wwww.kismetwireless.net
Virtual Machines • Xen for Linux – http://www.xensource.com/download/ • VM server or VM workstation for booting Part Pe ISO’s or Remote Exploit – http://www.vmware.com/products/server/ • MS Virtual Server (slower but very easy to use) – http://www.microsoft.com/windowsserversystem/v irtualserver/software/privacy.mspx • VM’s can be used to run auditing applications that typically would require a dedicated server
Network Toolbox U3 • • • • • • • • • • • • • • Analyzers Network monitors Traffic Generators Network Scanners IDS Network Utilities Network Clients Secure Clients SNMP Web Auditing Tools Password revealers System Tools Supplementary tools (Dos prompt, Unix shell, etc..) – http://www.cacetech.com/products/toolkit. htm
USB Switchblade • Access all stored passwords on a windows computer – [System info] [Dump SAM] [Dump Product Keys] [Dump LSA secrets (IE PWs)] [Dump Network PW] [Dump messenger PW] [Dump URL History] • • • • • Available at http://www.hak5.org/wiki/USB_Switchblade Plug U3 Drive in any windows XP/2000/2003 computer Wait about 1 minute Eject Drive Go to run on the start menu, then type x:Documentslogfiles (x = flash drive letter) then press enter • Look at username and passwords or start cracking hashed windows passwords
Digital Forensic Tools • The Sleuth Kit and Autopsy Browser. Both are open source digital investigation tools (digital forensic tools) – http://www.sleuthkit.org/ • Boot CD – UBCD4WIN • http://www.ubcd4win.com – BACKTRACK • http://www.remoteexploit.org
Backup Software • SyncBack – http://www.snapfiles.com/get/SyncBack.html – Secure: Encrypt a zip file with a 256-bit AES encryption – Copy Open Files (XP/2003) – Compression: You can compress an unlimited size, and an unlimited number of files. (Paid) – Performance & Throttling limit bandwidth usage, (Paid) – FTP and Email :Backup or sync files with an FTP server. Auto email the results of your backup – Overview PPT on my web site • http://www.es-es.net/
Tools That Cost But Have Great Value: • • • • • • • • • Spy Dynamics Web Inspect QualysGuard EtherPeek Netscan tools Pro (250.00 full network forensic reporting and incident handling) LanGuard Network Scanner AppDetective (Data base scanner and security testing software) Air Magnet (one of the best WIFI analyzers and rouge blocking) RFprotect Mobile Core Impact (complete vulnerability scanning and reporting) • WinHex– (Complete file inspection and recovery even if corrupt ) Forensics and data recovery
Q&A • Resources are available at – Files and suggestions • http://www.es-es.net/9.html – Security and Information Assurance Links • http://www.es-es.net/6.html – PPT for this and VM Security • http://www.es-es.net/3.html • Best Step by Step Security Videos Free – http://www.irongeek.com • Shameless plug – Virtual Server Security Presentation – Thursday 9:30AM Location: Salon 7 – Resources available @ http://www.es-es.net

Recommended

Penetration Testing Boot CAMP
Penetration Testing Boot CAMPPenetration Testing Boot CAMP
Penetration Testing Boot CAMPShaikh Jamal Uddin l CISM, QRadar, Hack Card Recovery Expert
 
Outlook and Exchange for the bad guys
Outlook and Exchange for the bad guysOutlook and Exchange for the bad guys
Outlook and Exchange for the bad guysNick Landers
 
Backtrack
BacktrackBacktrack
Backtrackn|u - The Open Security Community
 
Backtrack os 5
Backtrack os 5Backtrack os 5
Backtrack os 5Ayush Goyal
 
Reverse Engineering the TomTom Runner pt. 2
Reverse Engineering the TomTom Runner pt. 2Reverse Engineering the TomTom Runner pt. 2
Reverse Engineering the TomTom Runner pt. 2Luis Grangeia
 
Malware Analysis 101: N00b to Ninja in 60 Minutes at BSidesDC on October 19, ...
Malware Analysis 101: N00b to Ninja in 60 Minutes at BSidesDC on October 19, ...Malware Analysis 101: N00b to Ninja in 60 Minutes at BSidesDC on October 19, ...
Malware Analysis 101: N00b to Ninja in 60 Minutes at BSidesDC on October 19, ...grecsl
 
Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014
Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014
Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014grecsl
 
Backtrack
BacktrackBacktrack
BacktrackOne97 Communications Limited
 

Recommended

Penetration Testing Boot CAMP
Penetration Testing Boot CAMPPenetration Testing Boot CAMP
Penetration Testing Boot CAMPShaikh Jamal Uddin l CISM, QRadar, Hack Card Recovery Expert
 
Outlook and Exchange for the bad guys
Outlook and Exchange for the bad guysOutlook and Exchange for the bad guys
Outlook and Exchange for the bad guysNick Landers
 
Backtrack
BacktrackBacktrack
Backtrackn|u - The Open Security Community
 
Backtrack os 5
Backtrack os 5Backtrack os 5
Backtrack os 5Ayush Goyal
 
Reverse Engineering the TomTom Runner pt. 2
Reverse Engineering the TomTom Runner pt. 2Reverse Engineering the TomTom Runner pt. 2
Reverse Engineering the TomTom Runner pt. 2Luis Grangeia
 
Malware Analysis 101: N00b to Ninja in 60 Minutes at BSidesDC on October 19, ...
Malware Analysis 101: N00b to Ninja in 60 Minutes at BSidesDC on October 19, ...Malware Analysis 101: N00b to Ninja in 60 Minutes at BSidesDC on October 19, ...
Malware Analysis 101: N00b to Ninja in 60 Minutes at BSidesDC on October 19, ...grecsl
 
Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014
Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014
Malware Analysis 101 - N00b to Ninja in 60 Minutes at CactusCon on April 4, 2014grecsl
 
Backtrack
BacktrackBacktrack
BacktrackOne97 Communications Limited
 
Invoke-Obfuscation DerbyCon 2016
Invoke-Obfuscation DerbyCon 2016Invoke-Obfuscation DerbyCon 2016
Invoke-Obfuscation DerbyCon 2016Daniel Bohannon
 
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...grecsl
 
BackTrack5 - Linux
BackTrack5 - LinuxBackTrack5 - Linux
BackTrack5 - Linuxmariuszantal
 
After School cyber security class slides - Pat
After School cyber security class slides - PatAfter School cyber security class slides - Pat
After School cyber security class slides - PatDan Winson
 
Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0marcioalma
 
Tcpdump hunter
Tcpdump hunterTcpdump hunter
Tcpdump hunterAndrew McNicol
 
Malware Analysis Made Simple
Malware Analysis Made SimpleMalware Analysis Made Simple
Malware Analysis Made SimplePaul Melson
 
[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...
[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...
[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...CODE BLUE
 
Intro to firewalls
Intro to firewallsIntro to firewalls
Intro to firewallsJoshua Johnston
 
Infosecurity.be 2019: What are relevant open source security tools you should...
Infosecurity.be 2019: What are relevant open source security tools you should...Infosecurity.be 2019: What are relevant open source security tools you should...
Infosecurity.be 2019: What are relevant open source security tools you should...B.A.
 
Malware Analysis 101 - N00b to Ninja in 60 Minutes at Notacon on April 12, 2014
Malware Analysis 101 - N00b to Ninja in 60 Minutes at Notacon on April 12, 2014Malware Analysis 101 - N00b to Ninja in 60 Minutes at Notacon on April 12, 2014
Malware Analysis 101 - N00b to Ninja in 60 Minutes at Notacon on April 12, 2014grecsl
 
Threat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my HoneypotsThreat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my HoneypotsAPNIC
 
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCanSecWest
 
Live Memory Forensics on Android devices
Live Memory Forensics on Android devicesLive Memory Forensics on Android devices
Live Memory Forensics on Android devicesNikos Gkogkos
 
2016 TTL Security Gap Analysis with Kali Linux
2016 TTL Security Gap Analysis with Kali Linux2016 TTL Security Gap Analysis with Kali Linux
2016 TTL Security Gap Analysis with Kali LinuxJason Murray
 
"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen
"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen
"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) ShenPROIDEA
 
BSides_Charm2015_Info sec hunters_gathers
BSides_Charm2015_Info sec hunters_gathersBSides_Charm2015_Info sec hunters_gathers
BSides_Charm2015_Info sec hunters_gathersAndrew McNicol
 
SANS Forensics 2009 - Memory Forensics and Registry Analysis
SANS Forensics 2009 - Memory Forensics and Registry AnalysisSANS Forensics 2009 - Memory Forensics and Registry Analysis
SANS Forensics 2009 - Memory Forensics and Registry Analysismooyix
 
Malware analysis
Malware analysisMalware analysis
Malware analysisPrakashchand Suthar
 
How Smart Thermostats Have Made Us Vulnerable
How Smart Thermostats Have Made Us VulnerableHow Smart Thermostats Have Made Us Vulnerable
How Smart Thermostats Have Made Us VulnerableRay Potter
 
Estudio rse medios impresos en panama 2013
Estudio rse medios impresos en panama 2013Estudio rse medios impresos en panama 2013
Estudio rse medios impresos en panama 2013UDELAS
 
Informazione locale e comunità. La sfida glocal
Informazione locale e comunità. La sfida glocalInformazione locale e comunità. La sfida glocal
Informazione locale e comunità. La sfida glocalLorenzo Fabbri
 

More Related Content

What's hot

Invoke-Obfuscation DerbyCon 2016
Invoke-Obfuscation DerbyCon 2016Invoke-Obfuscation DerbyCon 2016
Invoke-Obfuscation DerbyCon 2016Daniel Bohannon
 
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...grecsl
 
BackTrack5 - Linux
BackTrack5 - LinuxBackTrack5 - Linux
BackTrack5 - Linuxmariuszantal
 
After School cyber security class slides - Pat
After School cyber security class slides - PatAfter School cyber security class slides - Pat
After School cyber security class slides - PatDan Winson
 
Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0marcioalma
 
Malware Analysis Made Simple
Malware Analysis Made SimpleMalware Analysis Made Simple
Malware Analysis Made SimplePaul Melson
 
[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...
[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...
[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...CODE BLUE
 
Infosecurity.be 2019: What are relevant open source security tools you should...
Infosecurity.be 2019: What are relevant open source security tools you should...Infosecurity.be 2019: What are relevant open source security tools you should...
Infosecurity.be 2019: What are relevant open source security tools you should...B.A.
 
Malware Analysis 101 - N00b to Ninja in 60 Minutes at Notacon on April 12, 2014
Malware Analysis 101 - N00b to Ninja in 60 Minutes at Notacon on April 12, 2014Malware Analysis 101 - N00b to Ninja in 60 Minutes at Notacon on April 12, 2014
Malware Analysis 101 - N00b to Ninja in 60 Minutes at Notacon on April 12, 2014grecsl
 
Threat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my HoneypotsThreat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my HoneypotsAPNIC
 
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCanSecWest
 
Live Memory Forensics on Android devices
Live Memory Forensics on Android devicesLive Memory Forensics on Android devices
Live Memory Forensics on Android devicesNikos Gkogkos
 
2016 TTL Security Gap Analysis with Kali Linux
2016 TTL Security Gap Analysis with Kali Linux2016 TTL Security Gap Analysis with Kali Linux
2016 TTL Security Gap Analysis with Kali LinuxJason Murray
 
"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen
"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen
"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) ShenPROIDEA
 
BSides_Charm2015_Info sec hunters_gathers
BSides_Charm2015_Info sec hunters_gathersBSides_Charm2015_Info sec hunters_gathers
BSides_Charm2015_Info sec hunters_gathersAndrew McNicol
 
SANS Forensics 2009 - Memory Forensics and Registry Analysis
SANS Forensics 2009 - Memory Forensics and Registry AnalysisSANS Forensics 2009 - Memory Forensics and Registry Analysis
SANS Forensics 2009 - Memory Forensics and Registry Analysismooyix
 
How Smart Thermostats Have Made Us Vulnerable
How Smart Thermostats Have Made Us VulnerableHow Smart Thermostats Have Made Us Vulnerable
How Smart Thermostats Have Made Us VulnerableRay Potter
 

What's hot (20)

Invoke-Obfuscation DerbyCon 2016
Invoke-Obfuscation DerbyCon 2016Invoke-Obfuscation DerbyCon 2016
Invoke-Obfuscation DerbyCon 2016
 
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
Malware Analysis 101 - N00b to Ninja in 60 Minutes at BSidesLV on August 5, ...
 
BackTrack5 - Linux
BackTrack5 - LinuxBackTrack5 - Linux
BackTrack5 - Linux
 
After School cyber security class slides - Pat
After School cyber security class slides - PatAfter School cyber security class slides - Pat
After School cyber security class slides - Pat
 
Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0Internal Pentest: from z3r0 to h3r0
Internal Pentest: from z3r0 to h3r0
 
Tcpdump hunter
Tcpdump hunterTcpdump hunter
Tcpdump hunter
 
Malware Analysis Made Simple
Malware Analysis Made SimpleMalware Analysis Made Simple
Malware Analysis Made Simple
 
[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...
[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...
[CB16] Invoke-Obfuscation: PowerShell obFUsk8tion Techniques & How To (Try To...
 
Intro to firewalls
Intro to firewallsIntro to firewalls
Intro to firewalls
 
Infosecurity.be 2019: What are relevant open source security tools you should...
Infosecurity.be 2019: What are relevant open source security tools you should...Infosecurity.be 2019: What are relevant open source security tools you should...
Infosecurity.be 2019: What are relevant open source security tools you should...
 
Malware Analysis 101 - N00b to Ninja in 60 Minutes at Notacon on April 12, 2014
Malware Analysis 101 - N00b to Ninja in 60 Minutes at Notacon on April 12, 2014Malware Analysis 101 - N00b to Ninja in 60 Minutes at Notacon on April 12, 2014
Malware Analysis 101 - N00b to Ninja in 60 Minutes at Notacon on April 12, 2014
 
Threat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my HoneypotsThreat Con 2021: What's Hitting my Honeypots
Threat Con 2021: What's Hitting my Honeypots
 
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
 
Live Memory Forensics on Android devices
Live Memory Forensics on Android devicesLive Memory Forensics on Android devices
Live Memory Forensics on Android devices
 
2016 TTL Security Gap Analysis with Kali Linux
2016 TTL Security Gap Analysis with Kali Linux2016 TTL Security Gap Analysis with Kali Linux
2016 TTL Security Gap Analysis with Kali Linux
 
"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen
"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen
"Into the Fog The Return of ICEFOG APT" - Chi en (Ashley) Shen
 
BSides_Charm2015_Info sec hunters_gathers
BSides_Charm2015_Info sec hunters_gathersBSides_Charm2015_Info sec hunters_gathers
BSides_Charm2015_Info sec hunters_gathers
 
SANS Forensics 2009 - Memory Forensics and Registry Analysis
SANS Forensics 2009 - Memory Forensics and Registry AnalysisSANS Forensics 2009 - Memory Forensics and Registry Analysis
SANS Forensics 2009 - Memory Forensics and Registry Analysis
 
Malware analysis
Malware analysisMalware analysis
Malware analysis
 
How Smart Thermostats Have Made Us Vulnerable
How Smart Thermostats Have Made Us VulnerableHow Smart Thermostats Have Made Us Vulnerable
How Smart Thermostats Have Made Us Vulnerable
 

Viewers also liked

Estudio rse medios impresos en panama 2013
Estudio rse medios impresos en panama 2013Estudio rse medios impresos en panama 2013
Estudio rse medios impresos en panama 2013UDELAS
 
Informazione locale e comunità. La sfida glocal
Informazione locale e comunità. La sfida glocalInformazione locale e comunità. La sfida glocal
Informazione locale e comunità. La sfida glocalLorenzo Fabbri
 
INSETA Article - Page 10
INSETA Article - Page 10INSETA Article - Page 10
INSETA Article - Page 10Cathrine Pitsi
 
Simon Rickett - The power of email marketing
Simon Rickett - The power of email marketingSimon Rickett - The power of email marketing
Simon Rickett - The power of email marketingSimon Rickett
 
Ilm library techniques with tivoli storage and ibm total storage products sg2...
Ilm library techniques with tivoli storage and ibm total storage products sg2...Ilm library techniques with tivoli storage and ibm total storage products sg2...
Ilm library techniques with tivoli storage and ibm total storage products sg2...Banking at Ho Chi Minh city
 
252 santo, santo es tu senhor
252 santo, santo es tu senhor252 santo, santo es tu senhor
252 santo, santo es tu senhorSUSSURRO DE AMOR
 
HSMA Event Industriestandards im RFP Prozess
HSMA Event Industriestandards im RFP ProzessHSMA Event Industriestandards im RFP Prozess
HSMA Event Industriestandards im RFP ProzessAnsgar Jahns
 
JFS 2011 - Top 10 der Tools & Methoden - Baumgartner, Oehmichen
JFS 2011 - Top 10 der Tools & Methoden - Baumgartner, OehmichenJFS 2011 - Top 10 der Tools & Methoden - Baumgartner, Oehmichen
JFS 2011 - Top 10 der Tools & Methoden - Baumgartner, OehmichenOdilo Oehmichen
 
Intervenciones alimentario nutricionales cesfam garin
Intervenciones alimentario nutricionales cesfam garinIntervenciones alimentario nutricionales cesfam garin
Intervenciones alimentario nutricionales cesfam garinCesfamgarin
 
Cuadros favoritos de 2º ESO. I.E.S. Alhakén II
Cuadros favoritos de 2º ESO. I.E.S. Alhakén IICuadros favoritos de 2º ESO. I.E.S. Alhakén II
Cuadros favoritos de 2º ESO. I.E.S. Alhakén IICórdoba, Spain
 
Getting Started with OpenGL ES
Getting Started with OpenGL ESGetting Started with OpenGL ES
Getting Started with OpenGL ESJohn Wilker
 
WCPT in 2016: European Region conference, Limassol April 2016
WCPT in 2016: European Region conference, Limassol April 2016WCPT in 2016: European Region conference, Limassol April 2016
WCPT in 2016: European Region conference, Limassol April 2016WCPT1951
 
Présentation1 sable bitumineux
Présentation1 sable bitumineux Présentation1 sable bitumineux
Présentation1 sable bitumineux nizou123
 

Viewers also liked (20)

Estudio rse medios impresos en panama 2013
Estudio rse medios impresos en panama 2013Estudio rse medios impresos en panama 2013
Estudio rse medios impresos en panama 2013
 
Informazione locale e comunità. La sfida glocal
Informazione locale e comunità. La sfida glocalInformazione locale e comunità. La sfida glocal
Informazione locale e comunità. La sfida glocal
 
INSETA Article - Page 10
INSETA Article - Page 10INSETA Article - Page 10
INSETA Article - Page 10
 
Simon Rickett - The power of email marketing
Simon Rickett - The power of email marketingSimon Rickett - The power of email marketing
Simon Rickett - The power of email marketing
 
Ilm library techniques with tivoli storage and ibm total storage products sg2...
Ilm library techniques with tivoli storage and ibm total storage products sg2...Ilm library techniques with tivoli storage and ibm total storage products sg2...
Ilm library techniques with tivoli storage and ibm total storage products sg2...
 
252 santo, santo es tu senhor
252 santo, santo es tu senhor252 santo, santo es tu senhor
252 santo, santo es tu senhor
 
HSMA Event Industriestandards im RFP Prozess
HSMA Event Industriestandards im RFP ProzessHSMA Event Industriestandards im RFP Prozess
HSMA Event Industriestandards im RFP Prozess
 
Presentación ABI
Presentación ABIPresentación ABI
Presentación ABI
 
Piccolandy1
Piccolandy1Piccolandy1
Piccolandy1
 
Que es la tentacion
Que es la tentacionQue es la tentacion
Que es la tentacion
 
JFS 2011 - Top 10 der Tools & Methoden - Baumgartner, Oehmichen
JFS 2011 - Top 10 der Tools & Methoden - Baumgartner, OehmichenJFS 2011 - Top 10 der Tools & Methoden - Baumgartner, Oehmichen
JFS 2011 - Top 10 der Tools & Methoden - Baumgartner, Oehmichen
 
Intervenciones alimentario nutricionales cesfam garin
Intervenciones alimentario nutricionales cesfam garinIntervenciones alimentario nutricionales cesfam garin
Intervenciones alimentario nutricionales cesfam garin
 
Lassen DMC
Lassen DMCLassen DMC
Lassen DMC
 
Asignacion 5 laminas
Asignacion 5 laminas Asignacion 5 laminas
Asignacion 5 laminas
 
Cuadros favoritos de 2º ESO. I.E.S. Alhakén II
Cuadros favoritos de 2º ESO. I.E.S. Alhakén IICuadros favoritos de 2º ESO. I.E.S. Alhakén II
Cuadros favoritos de 2º ESO. I.E.S. Alhakén II
 
Getting Started with OpenGL ES
Getting Started with OpenGL ESGetting Started with OpenGL ES
Getting Started with OpenGL ES
 
Borrador proyecto
Borrador proyectoBorrador proyecto
Borrador proyecto
 
Introduccion a Node.js
Introduccion a Node.jsIntroduccion a Node.js
Introduccion a Node.js
 
WCPT in 2016: European Region conference, Limassol April 2016
WCPT in 2016: European Region conference, Limassol April 2016WCPT in 2016: European Region conference, Limassol April 2016
WCPT in 2016: European Region conference, Limassol April 2016
 
Présentation1 sable bitumineux
Présentation1 sable bitumineux Présentation1 sable bitumineux
Présentation1 sable bitumineux
 

Similar to Securitytools

Threat hunting on the wire
Threat hunting on the wireThreat hunting on the wire
Threat hunting on the wireInfoSec Addicts
 
Cloud Device Insecurity
Cloud Device InsecurityCloud Device Insecurity
Cloud Device InsecurityJeremy Brown
 
Unmasking Careto through Memory Forensics (video in description)
Unmasking Careto through Memory Forensics (video in description)Unmasking Careto through Memory Forensics (video in description)
Unmasking Careto through Memory Forensics (video in description)Andrew Case
 
EMBA - Firmware analysis DEFCON30 demolabs USA 2022
EMBA - Firmware analysis DEFCON30 demolabs USA 2022EMBA - Firmware analysis DEFCON30 demolabs USA 2022
EMBA - Firmware analysis DEFCON30 demolabs USA 2022MichaelM85042
 
EMBA - Firmware analysis - Black Hat Arsenal USA 2022
EMBA - Firmware analysis - Black Hat Arsenal USA 2022EMBA - Firmware analysis - Black Hat Arsenal USA 2022
EMBA - Firmware analysis - Black Hat Arsenal USA 2022MichaelM85042
 
Attacking Embedded Devices (No Axe Required)
Attacking Embedded Devices (No Axe Required)Attacking Embedded Devices (No Axe Required)
Attacking Embedded Devices (No Axe Required)Security Weekly
 
RIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombRIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombPriyanka Aash
 
Ethical hacking 101 - Singapore RSA 2019
Ethical hacking 101 - Singapore RSA 2019Ethical hacking 101 - Singapore RSA 2019
Ethical hacking 101 - Singapore RSA 2019Paul Haskell-Dowland
 
EMBA Firmware analysis - TROOPERS22
EMBA Firmware analysis - TROOPERS22EMBA Firmware analysis - TROOPERS22
EMBA Firmware analysis - TROOPERS22MichaelM85042
 
Blackhat USA 2016 - What's the DFIRence for ICS?
Blackhat USA 2016 - What's the DFIRence for ICS?Blackhat USA 2016 - What's the DFIRence for ICS?
Blackhat USA 2016 - What's the DFIRence for ICS?Chris Sistrunk
 
Electornic evidence collection
Electornic evidence collectionElectornic evidence collection
Electornic evidence collectionFakrul Alam
 
Linux security quick reference guide
Linux security quick reference guideLinux security quick reference guide
Linux security quick reference guideCraig Cannon
 
amrapali builders @@ hacking challenges.pdf
amrapali builders @@ hacking challenges.pdfamrapali builders @@ hacking challenges.pdf
amrapali builders @@ hacking challenges.pdfamrapalibuildersreviews
 
MMIX Peering Forum and MMNOG 2020: Packet Analysis for Network Security
MMIX Peering Forum and MMNOG 2020: Packet Analysis for Network SecurityMMIX Peering Forum and MMNOG 2020: Packet Analysis for Network Security
MMIX Peering Forum and MMNOG 2020: Packet Analysis for Network SecurityAPNIC
 

Similar to Securitytools (20)

Threat hunting on the wire
Threat hunting on the wireThreat hunting on the wire
Threat hunting on the wire
 
Cloud Device Insecurity
Cloud Device InsecurityCloud Device Insecurity
Cloud Device Insecurity
 
Unmasking Careto through Memory Forensics (video in description)
Unmasking Careto through Memory Forensics (video in description)Unmasking Careto through Memory Forensics (video in description)
Unmasking Careto through Memory Forensics (video in description)
 
ch11.ppt
ch11.pptch11.ppt
ch11.ppt
 
EMBA - Firmware analysis DEFCON30 demolabs USA 2022
EMBA - Firmware analysis DEFCON30 demolabs USA 2022EMBA - Firmware analysis DEFCON30 demolabs USA 2022
EMBA - Firmware analysis DEFCON30 demolabs USA 2022
 
Breach and attack simulation tools
Breach and attack simulation toolsBreach and attack simulation tools
Breach and attack simulation tools
 
Security Onion
Security OnionSecurity Onion
Security Onion
 
File000127
File000127File000127
File000127
 
EMBA - Firmware analysis - Black Hat Arsenal USA 2022
EMBA - Firmware analysis - Black Hat Arsenal USA 2022EMBA - Firmware analysis - Black Hat Arsenal USA 2022
EMBA - Firmware analysis - Black Hat Arsenal USA 2022
 
Attacking Embedded Devices (No Axe Required)
Attacking Embedded Devices (No Axe Required)Attacking Embedded Devices (No Axe Required)
Attacking Embedded Devices (No Axe Required)
 
RIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombRIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob Holcomb
 
Ethical hacking 101 - Singapore RSA 2019
Ethical hacking 101 - Singapore RSA 2019Ethical hacking 101 - Singapore RSA 2019
Ethical hacking 101 - Singapore RSA 2019
 
EMBA Firmware analysis - TROOPERS22
EMBA Firmware analysis - TROOPERS22EMBA Firmware analysis - TROOPERS22
EMBA Firmware analysis - TROOPERS22
 
Security Handbook
Security Handbook Security Handbook
Security Handbook
 
Blackhat USA 2016 - What's the DFIRence for ICS?
Blackhat USA 2016 - What's the DFIRence for ICS?Blackhat USA 2016 - What's the DFIRence for ICS?
Blackhat USA 2016 - What's the DFIRence for ICS?
 
Chapter 3 footprinting
Chapter 3 footprintingChapter 3 footprinting
Chapter 3 footprinting
 
Electornic evidence collection
Electornic evidence collectionElectornic evidence collection
Electornic evidence collection
 
Linux security quick reference guide
Linux security quick reference guideLinux security quick reference guide
Linux security quick reference guide
 
amrapali builders @@ hacking challenges.pdf
amrapali builders @@ hacking challenges.pdfamrapali builders @@ hacking challenges.pdf
amrapali builders @@ hacking challenges.pdf
 
MMIX Peering Forum and MMNOG 2020: Packet Analysis for Network Security
MMIX Peering Forum and MMNOG 2020: Packet Analysis for Network SecurityMMIX Peering Forum and MMNOG 2020: Packet Analysis for Network Security
MMIX Peering Forum and MMNOG 2020: Packet Analysis for Network Security
 

Recently uploaded

The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditSkynet Technologies
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 

Recently uploaded (20)

The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance Audit
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 

Securitytools

  • 1. Great Tools for Securing and Testing Your Network By DR RICHMOND ADEBIAYE, CISSP, CISM Presented at NASA Conference (EOSDIS) NASA Risk Management Conference VII (Environment & Security) January 18-20 2012 GRC Network Security Team
  • 2. Outline • Silver Bullet Most Used Tools • CD/USB Security • Perimeter Security • Vulnerability Assessment • Password Recovery • Networking Scanning • Data Rescue and Restoration • Application and Data Base Tools • Encryption Software • Wireless Tools • Virtual Machines • New USB Exploits • Digital Forensic Tools • Backup Software • Tools that Cost but Have Great Value
  • 3. No Silver Bullet • No Silver Bullet for network and system testing: – Determine your needs – Finding the right tools – Using the right tool for the job
  • 4. My Most Used Tools: • Google (Get Google Hacking book) – The Google Hacking Database (GHDB) • • SuperScan 4 – Network Scanner find open ports (I prefer version 3) • • (the Swiss Army knife) Crack passwords crack VOIP and so much more • http://www.oxid.it/cain.html NMap – (Scanning and Foot printing) • • http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subcontent=/ resources/proddesc/superscan.htm Cain and Abel – • http://johnny.ihackstuff.com/modules.php?op=modload&name=Downloads&file=index http://insecure.org/nmap/download.html Nessus – (Great system wide Vulnerability scanner) • http://www.nessus.org/download/
  • 5. Cain and Abel Local Passwords
  • 6. Nessus Summary Tenable Nessus Security Report Start Time: Sun Nov 05 13:46:11 2006 Finish Time: Sun Nov 05 14:16:16 2006 192.168.22.0/255.255.255.0 192.168.22.1 192.168.22.8 192.168.22.10 192.168.22.11 192.168.22.15 192.168.22.80 192.168.22.81 192.168.22.100 192.168.22.161 192.168.22.166 2 Open Ports, 6 Notes, 1 Warnings, 1 Holes. 7 Open Ports, 13 Notes, 1 Warnings, 1 Holes. 5 Open Ports, 9 Notes, 0 Warnings, 1 Holes. 5 Open Ports, 9 Notes, 0 Warnings, 1 Holes. 7 Open Ports, 22 Notes, 0 Warnings, 0 Holes. 5 Open Ports, 7 Notes, 0 Warnings, 0 Holes. 6 Open Ports, 12 Notes, 1 Warnings, 1 Holes. 5 Open Ports, 7 Notes, 0 Warnings, 0 Holes. 5 Open Ports, 12 Notes, 2 Warnings, 1 Holes. 3 Open Ports, 4 Notes, 2 Warnings, 1 Holes.
  • 7. My Most Used Tools 2: • Ethereal or Wireshark – (packet sniffers Use to find passwords going across network) • SSL Passwords are often sent in clear text before logging on – http://www.wireshark.org/download.html » • Metasploit – (Hacking made very easy) • • http://www.metasploit.com/ BackTrack or UBCD4WIN Boot CD – (Cleaning infected PC’s or ultimate hacking environment will run from USB) • http://www.remote-exploit.org/index.php/BackTrack_Downloads – • http://www.ubcd4win.com/downloads.htm Read notify – (―registered‖ email) • • http://www.ethereal.com/download.html http://www.readnotify.com/ Virtual Machine for pen testing – (Leaves ―no‖ trace)
  • 8. Security Testing Boot CD/USB: • Bart PE or UBCD4WIN – http://www.bartpe.com – http://www.ubcd4win.com • Back Track (one of the more powerful cracking network auditing packages) – http://www.remoteexploit.org • Other Linux CD – Trinity Rescue Kit (recover/repair dead Windows or Linux systems) • http://trinityhome.org/Home/index.php?wpid=28&fr ont_id=12 – KNOPPIX (recover/repair dead systems and several security tools) • http://www.knoppix.net/
  • 11. Secure Your Perimeter: • DNS-stuff and DNS-reports • http://www.dnsstuff.com http://www.dnsreports.com – Are you blacklisted? – Test your e-mail system – Check your HTML code for errors – • (Also use WIN HTTrack for offline testing) • Shields UP and Leak test – https://www.grc.com/x/ne.dll?rh1dkyd2 – http://grc.com/default.htm • Other Firewall checkers – www.firewallcheck.com
  • 12. Tools to Assess Vulnerability • Nessus(vulnerability scanners) – http://www.nessus.org • Snort (IDS - intrusion detection system) – http://www.snort.org • Metasploit Framework (vulnerability exploitation tools) Use with great caution and have permission – http://www.metasploit.com/projects/Frame work/
  • 13. Password Recovery Tools: • Fgdump (Mass password auditing for Windows) – http://foofus.net/fizzgig/fgdump • Cain and Abel (password cracker and so much more….) – http://www.oxid.it/cain.htnl • John The Ripper (password crackers) – http://www.openwall.org/john/ • RainbowCrack : An Innovative Password Hash Cracker tool that makes use of a large-scale time-memory trade-off. – http://www.rainbowcrack.com/downloads/?PHPSESSI D=776fc0bb788953e190cf415e60c781a5
  • 14. Change/Discover Win Passwords • Windows Password recovery - Can retrieve forgotten admin and users' passwords in minutes. Safest possible option, does not write anything to hard drive. • Offline NT Password & Registry Editor - A great boot CD/Floppy that can reset the local administrator's password. • John the Ripper - Good boot floppy with cracking capabilities. • Emergency Boot CD - Bootable CD, intended for system recovery in the case of software or hardware faults. • Austrumi - Bootable CD for recovering passwords and other cool tools.
  • 15. Networking Scanning • MS Baseline Analyzer – http://www.microsoft.com/downloads/details.aspx?FamilyId=4B4ABA06-B5F9-4DAD-BE9D7B51EC2E5AC9&displaylang=en • The Dude (Great mapper and traffic analyzer) – http://www.mikrotik.com/thedude.php • Getif (Network SNMP discovery and exploit tool) – http://www.wtcs.org/snmp4tpc/getif.htm • SoftPerfect Network Scanner – http://www.softperfect.com/ • HPing2 (Packet assembler/analyzer) – http://www.hping.org • Netcat (TCP/IP Swiss Army Knife) – http://netcat.sourceforge.net • TCPDump (packet sniffers) Linux or Windump for windows – • http://www.tcpdump.org and http://www.winpcap.org/windump/ LanSpy (local, Domain, NetBios, and much more) – http://www.lantricks.com/
  • 16. File Rescue and Restoration: • Zero Assumption Digital Image rescue • http://www.z-a-recovery.com/digital-imagerecovery.htm • Restoration File recovery – http://www.snapfiles.com/get/restoration.html • Free undelete – http://www.pcfacile.com/download/recupero_eliminazione_dati/drive_resc ue/ • Effective File Search : Find data inside of files or data bases – http://www.sowsoft.com/search.htm
  • 17. Discover & Securely Delete Important Information: • Windows and Office Key finder/Encrypting – Win KeyFinder (also encrypts the keys) • http://www.winkeyfinder.tk/ – ProduKey (also finds SQL server key) • http://www.nirsoft.net • Secure Delete software – Secure Delete • http://www.objmedia.demon.co.uk/freeSoftware/secureDelete.html • DUMPSEC — (Dump all of the registry and share permissions) – http://www.somarsoft.com/ • Win Finger Print (Scans for Windows shares, enumerates usernames, groups, sids and much more ) – http://winfingerprint.sourceforge.net
  • 18. Application and Data Base Tools • N-Stealth – an effective HTTP Security Scanner – https://secure.nstalker.com/ • WINHTTrack – Website copier • http://www.httrack.com/page/2/en/index.html • SQLRecon (SQLRecon performs both active and passive scans of your network in order to identify all of the SQL Server/MSDE installations) – http://www.sqlsecurity.com/Tools/FreeTools/tabid/ 65/Default.aspx • Absinthe (Tool that automates the process of downloading the schema & contents of a database that is vulnerable to Blind SQL Injection.) – http://www.0x90.org/releases/absinthe/index.php
  • 19. AppDetective • AppDetective discovers database applications and assesses their security strength • AppDetective assess two primary application tiers application / middleware, and back-end databases through a single interface • AppDetective locates, examines, reports, and fixes security holes and misconfigurations • www.appsecinc.com/products/appdetective/ mssql • Cost $900
  • 20. Encryption Software: • Hard drive or Jump Drives – True Crypt for cross platform encryption with lots of options • http://www.truecrypt.org/downloads.php – Dekart its free version is very simple to use paid version has more options • http://www.dekart.com/free_download/ – http://www.dekart.com/ • Email or messaging – PGP for encrypting email • http://www.pgp.com/downloads/index.html
  • 21. Wireless Tools: • Aircrack : The fastest available WEP/WPA cracking tool Aircrack is a suite of tools for 802.11a/b/g WEP and WPA cracking. It can recover a 40 through 512-bit WEP or WPA 1 or 2 – The suite includes • • • • airodump (an 802.11 packet capture program) aireplay (an 802.11 packet injection program) aircrack (static WEP and WPA-PSK cracking) airdecap (decrypts WEP/WPA capture files) – http://www.aircrack-ng.org/doku.php#download • Net Stumbler (finds wireless networks works well) – http://wwww.netsumbler.com • Kismet (wireless tools or packet sniffers) – http://wwww.kismetwireless.net
  • 22. Virtual Machines • Xen for Linux – http://www.xensource.com/download/ • VM server or VM workstation for booting Part Pe ISO’s or Remote Exploit – http://www.vmware.com/products/server/ • MS Virtual Server (slower but very easy to use) – http://www.microsoft.com/windowsserversystem/v irtualserver/software/privacy.mspx • VM’s can be used to run auditing applications that typically would require a dedicated server
  • 23. Network Toolbox U3 • • • • • • • • • • • • • • Analyzers Network monitors Traffic Generators Network Scanners IDS Network Utilities Network Clients Secure Clients SNMP Web Auditing Tools Password revealers System Tools Supplementary tools (Dos prompt, Unix shell, etc..) – http://www.cacetech.com/products/toolkit. htm
  • 24. USB Switchblade • Access all stored passwords on a windows computer – [System info] [Dump SAM] [Dump Product Keys] [Dump LSA secrets (IE PWs)] [Dump Network PW] [Dump messenger PW] [Dump URL History] • • • • • Available at http://www.hak5.org/wiki/USB_Switchblade Plug U3 Drive in any windows XP/2000/2003 computer Wait about 1 minute Eject Drive Go to run on the start menu, then type x:Documentslogfiles (x = flash drive letter) then press enter • Look at username and passwords or start cracking hashed windows passwords
  • 25. Digital Forensic Tools • The Sleuth Kit and Autopsy Browser. Both are open source digital investigation tools (digital forensic tools) – http://www.sleuthkit.org/ • Boot CD – UBCD4WIN • http://www.ubcd4win.com – BACKTRACK • http://www.remoteexploit.org
  • 26. Backup Software • SyncBack – http://www.snapfiles.com/get/SyncBack.html – Secure: Encrypt a zip file with a 256-bit AES encryption – Copy Open Files (XP/2003) – Compression: You can compress an unlimited size, and an unlimited number of files. (Paid) – Performance & Throttling limit bandwidth usage, (Paid) – FTP and Email :Backup or sync files with an FTP server. Auto email the results of your backup – Overview PPT on my web site • http://www.es-es.net/
  • 27. Tools That Cost But Have Great Value: • • • • • • • • • Spy Dynamics Web Inspect QualysGuard EtherPeek Netscan tools Pro (250.00 full network forensic reporting and incident handling) LanGuard Network Scanner AppDetective (Data base scanner and security testing software) Air Magnet (one of the best WIFI analyzers and rouge blocking) RFprotect Mobile Core Impact (complete vulnerability scanning and reporting) • WinHex– (Complete file inspection and recovery even if corrupt ) Forensics and data recovery
  • 28. Q&A • Resources are available at – Files and suggestions • http://www.es-es.net/9.html – Security and Information Assurance Links • http://www.es-es.net/6.html – PPT for this and VM Security • http://www.es-es.net/3.html • Best Step by Step Security Videos Free – http://www.irongeek.com • Shameless plug – Virtual Server Security Presentation – Thursday 9:30AM Location: Salon 7 – Resources available @ http://www.es-es.net