Which security tool is your favorite?
Published: 2015-01-14. Last Updated: 2015-01-14 22:00:14 UTC
by Manuel Humberto Santander Pelaez (Version: 1)
4 comment(s)
Toolswatch published today the best 2014 security tools according to their readers. From that list I like OWASP ZAP, BeEF, OWASP Xenotix and PeStudio. However, I definitely miss some tools like the ones contained in the REMnux distro for malware analysis, DFF and the SANS SIFT 3 distro for forensics, not to mention Wireshark and tcpdump, which I find unique for anomaly detection.
Which security tool is your favorite? Do you agree with the tools listed? Let us know via the contact form or a comment on this diary.
Manuel Humberto Santander Peláez
SANS Internet Storm Center - Handler
Twitter: @manuelsantander
Web: http://manuel.santander.name
e-mail: msantand at isc dot sans dot org
Comments
Anonymous
Jan 15th 2015
9 years ago
And since the retained data is small, I can keep years of traffic data. That enables me to get the answer to the question "when was the first time we talked to that malicious IP?"
Anonymous
Jan 15th 2015
9 years ago
Anonymous
Jan 16th 2015
9 years ago
NetCat – This tool is extremely well rounded. Some of my favorite features include tunneling mode, which also allows special tunneling such as UDP to TCP, with the possibility of specifying all network parameters (source port/interface, listening port/interface, and the remote host allowed to connect to the tunnel).
While NMap is my go-to port scanner, there are built-in port-scanning capabilities, with randomizer, and advanced usage options, such as buffered send-mode (one line every N seconds), and hexdump (to stderr or to a specified file) of transmitted and received data.
Wireshark – Sharking the wires is one of my favorite things to do. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, delving down into just the level of packet detail you need.
Anonymous
Aug 2nd 2015
9 years ago