Infosec_Tools

Web Browser as a Security Tool

• Groundspeed: application pentesting
• HttpFox: analyzer
• Live HTTP headers: analyzer
• HackBar: application pentesting
• Wappalyzer: application reconnaissance
• PassiveRecon: web site reconnaissance
• Shodan web site and plugin: reconnaissance

DNS Sinkholes and RPZ

• DNS servers can be effective tools for blocking malware, phishing and spam.
• Support for Response Policy Zones (RPZ) introduced with ISC BIND 9.8.
• An RBL for DNS, makes it into a “DNS firewall” by leveraging reputation feeds.
• Can block or redirect internal traffic associated with malicious activity (yes, just like OpenDNS).

Fun with Wifi

• Kismet – An open source WIDS that works with any wireless devices supporting monitor-mode.
• Aircrack-NG – An open source reconnaissance, key-cracking and testing tool.

Do You Always Need the Commercial Product

• Suricata vs. Sourcefire
• Bro-NSM vs. FireEye
• Security Onion or OSSIM vs. commercial SIEMs
• SANS Investigative Forensic Toolkit (SIFT) vs. EnCase
• Armitage or OG150 vs. Metasploit Pro
• FreeRADIUS vs. Cisco ISE
• OSSEC vs. Symantec Critical System Protection
• ELSA, Graylog, Logstash/Kibana vs. Splunk
• Nmap or Zenmap vs. Qualys