02/18/2024 ANYRUN MALWARE Malware hunting. ANY.RUN is an interactive online sandbox that allows users to analyze and investigate malware in real-time within a controlled environment
02/04/2024 Pentest Tools Vulnerability Scanner The Website Vulnerability Scanner is a highly accurate vulnerability scanning solution. Fully web-based and free to use for several scans.
02/04/2024 Qualys SSL Labs Qualys SSL Labs' SSL Test is an online tool that evaluates the security of SSL/TLS configurations on web servers.
02/04/2024 LEGION Legion is an automated network penetration testing tool included in Kali Linux, designed for network discovery and vulnerability scanning.
02/01/2024 Wazuh SIEM Using Wazuh, an open-source SIEM, to practice alerts and investigations. Jamie, your account has been compromised. :)
02/01/2024 Joe Sandbox Joe Sandbox Cloud is an online version of the Joe Sandbox malware analysis tool that runs in the cloud. Users can upload files and URLs to be analyzed in a secure, cloud-based environment without requiring any local infrastructure. Joe Sandbox Cloud offers various analysis options such as static, dynamic, and hybrid analysis, which helps users to better understand the behavior of malware and develop effective countermeasures.
09/13/2023 Wapiti scanner Wapiti is an open-source web application vulnerability scanner that is designed to identify security vulnerabilities in web applications.
09/13/2023 Dirbuster DirBuster, also known as OWASP DirBuster, is a web application security tool used for directory and file brute-forcing on web servers.
09/13/2023 WPScan (WordPress scanner) WPScan is a popular open-source WordPress vulnerability scanner. It's designed for security professionals, penetration testers, and site administrators who want to assess the security of WordPress websites.
09/06/2023 pecheck / PE tree PE File Browser is a software tool that allows you to view the contents of portable executable files.
09/06/2023 Hybrid Analysis (Sandbox) This tool gives me info on things like risk assessment, incident response, suspicious indicators, file details, file metadata and resources, network analysis, common HTTP traffic associated with it, extracted files and their relations, and even screenshots of the malware!
09/05/2023 Brim Brim is an open-source tool designed for network security specialists that facilitates the search and analysis of data from the following sources: network traffic captures created by Wireshark or tcpdump.
09/05/2023 VirusTotal VirusTotal is a widely used online service that provides a free and convenient way to scan files and URLs for malware and other security threats. It's operated by Google subsidiary Chronicle. VirusTotal aggregates multiple antivirus engines and other security tools to analyze and detect potential threats in files and websites.
09/04/2023 Custom Word List Generator (cewl) CeWL, short for "Custom Word List Generator", is used in penetration testing and ethical hacking. It is designed to create custom wordlists for password cracking or other security testing purposes by scraping text from a given target, typically a website.
07/10/2023 Splunk Every cyber professional needs various sources of cyber alerts and documentation, such as log files, metrics, sensors, clickstreams, and other machine-generated data.
07/10/2023 Virtual Private Networks (VPNs) The Fortinet Client VPN creates an encrypted tunnel between the user's device and the corporate network, ensuring secure communication over public networks like the internet.
07/10/2023 GNS3 GNS3 (Graphical Network Simulator-3) is an open-source network simulation platform that allows users to build and emulate complex network topologies.
07/04/2023 Hydra Another great password-cracking tool. Great for password cracking on a live target. I used it for SSH password cracking along with web-based password cracking.
07/04/2023 JohnTheRipper JohnTheRipper (or John) is a great hash-cracking tool, and a fun tool to play around with to get up to par with hashing algorithms and password complexity. This tool pairs very well with hashid or hash-identifier on Kali to construct the correct command syntax for execution.
06/22/2023 gobuster Scanning a target host serving port 80. As it is a web service, I'm using a syntax (extension) of PHP, HTML, and text to find a very hidden directory. Successfully, I might add.
06/19/2023 searchsploit Once you have the version of a service running on a target host, use searchsploit! It will compare that service version against the exploit database installed with the tool and inform you as the attacker how to proceed next. Or, as a defender, you can run updates or configure your network to protect against these attacks! (Keep your hacking tools up to date!) :)
06/19/2023 dirb The terminal-based version of DirBuster! The larger the wordlist, the longer it will take. But this directory brute-forcing tool has worked wonders on soooo many targets.
02/15/2024 Wireshark "find a device on your network" Look for the unique MAC address in the DHCP packets. This helps you spot any new or unknown devices trying to connect.
02/14/2024 Wireshark ARP attack .pcap Great pic of what an ARP attack looks like in a pcap file displayed in Wireshark.
02/08/2024 Viewing Brute-Forcing via SSH on Jumphost Viewing SSH brute-forcing against a jumphost via Elastic (a SIEM tool).
09/05/2023 Log Formats A log format defines the structure and organisation of data within a log file. It specifies how the data is encoded, how each entry is delimited, and what fields are included in each row. These formats can vary widely and may fall into three main categories: Semi-structured, Structured, and Unstructured.
09/05/2023 Basic Security Log Outlines While the specific details may differ based on the type of log, a log entry usually includes the following information: a timestamp of when an event was logged; the name of the system or application that generated the log entry; the type of event that occurred; and additional details about the event, such as the user who initiated the event or the IP address of the device that generated the event. This information is typically stored in a log file, which contains aggregated entries of what occurred at any given time on a system.
09/04/2023 LOGS/LOGS/LOGS/LOGS/LOGS/LOGS SOC and log training in full swing. All self-taught and determined.