Security Tools and Technologies - Paiet/Tech-Journal-for-Everything GitHub Wiki
- Preventative
  - IPS/HIPS
    - Sourcefire
    - Snort
    - Bro
  - IDS/HIDS
    - Bro
  - Firewall
    - Cisco
    - Palo Alto
    - Check Point
  - Antivirus
  - Anti-malware
  - EMET (Enhanced Mitigation Experience Toolkit)
    - Acts as a supplement to your firewall, AV, and patching
    - Can prevent buffer overflows and other common exploits by guarding processes and memory
    - Known vulns (commonly exploited applications it protects):
      - Adobe Flash/Acrobat/Reader
      - Java apps
      - Microsoft Office
  - Web proxy
    - Content filtering
    - Website filtering
  - Web Application Firewall (WAF)
    - ModSecurity
      - Supports Apache, IIS, and Nginx
      - Protects against
        - XSS
        - Information leakage
        - SQLi
    - NAXSI
      - Anti XSS and SQLi
      - Only supports Nginx
    - Imperva

Security Tools and Technologies Pt.2
- Collective
  - SIEM
    - ArcSight
    - QRadar
    - Splunk
    - AlienVault
    - OSSIM
    - Kiwi Syslog
  - Network scanning
    - NMAP
  - Vulnerability scanning
    - Qualys
    - Nessus
    - OpenVAS
    - Nexpose
    - Nikto
    - Microsoft Baseline Security Analyzer
  - Packet capture
    - Wireshark
    - tcpdump
    - Network General
    - Aircrack-ng
  - Command line/IP utilities
    - netstat
    - ping
    - tracert/traceroute
    - ipconfig/ifconfig
    - nslookup/dig
    - Sysinternals
    - OpenSSL
      - Create public/private RSA key pairs
      - Hashing
      - Encoding/decoding
      - Encrypting/decrypting files
- Analytical
  - Vulnerability scanning
    - Qualys
    - Nessus
    - OpenVAS
    - Nexpose
    - Nikto
    - Microsoft Baseline Security Analyzer
  - Monitoring tools
    - MRTG
    - Nagios
    - SolarWinds
    - Cacti
    - NetFlow Analyzer
  - Interception proxy
    - Burp Suite
    - ZAP
    - Vega

Security Tools and Technologies Pt.3
- Exploit
  - Interception proxy
    - Burp Suite
    - ZAP
    - Vega
  - Exploit framework
    - Metasploit
    - Nexpose
  - Fuzzers
    - Untidy
    - Peach Fuzzer
    - Microsoft SDL File/Regex Fuzzer
- Forensics
  - Forensic suites
    - EnCase
    - FTK
    - Helix
    - Sysinternals
    - Cellebrite
  - Hashing
    - md5sum
    - shasum
  - Password cracking
    - John the Ripper
    - Cain & Abel
  - Imaging
    - dd