Infosec Tools

Here’s a collection of tools that I’ve collected over the years. This page is a work in progress.

Random

  • IP Subnet calc - the Perl script is also downloadable…I use it a fair amount.
  • Windows Linux Subsystem - Because bash!
  • Grammarly - Love the Chrome/Mozilla plugins
  • Todoist - great task mgmt app for iPhone/Win10/Mac/Web
  • Duo - I use this for two factor auth both for push and to replace Google Authenticator code generation.
    • This is one I need to watch now that Cisco has announced it will acquire it. Usually doesn’t end well for ‘free’ resources
  • ioc-parser - excellent for stripping out IOCs from various feeds.
  • Attack Maps

Firewall Egress Testing

Malware Analysis

  • VirusTotal - Great for checking to see if others have already seen a file hash
    • I should write up my process for generating file hashes from email attachments
  • https://www.hybrid-analysis.com/
  • https://www.joesandbox.com/
    • Offers both Basic (Free) and Pro tier. Provides some comprehensive analysis and IoCs.
  • urlscan.io - “A sandbox for the web.” You give it a URL, it gives you a breakdown.
  • URLVoid - Scan a website with multiple website reputation engines and domain blacklisting services.

Recon/Investigations

Nmap notes/tips

SSL Testing

  • https://www.sslchecker.com/ - validate SSL
  • https://www.ssllabs.com/ssltest - a more in-depth test of SSL settings (TLS, etc.)

OSINT Resources

  • So you wanna OSINT? Resources and Reading for those interested in OSINT
  • PasteBin
  • Shodan
  • http://osintframework.com
  • Alienvault OTX
  • Cmon.io
  • Threatcrowd
  • Virustotal
  • Team-cymru.org
  • Hybrid-analysis.com
  • Metadefender.com/#!/hash-lookup
  • Virusshare.com (have to login to search)
  • Threatexpert.com
  • Search for hash on GitHub
  • Search hash on Google
  • Threat Miner
  • https://www.eyeonthre.at/site/

Phone/VoIP Resources

  • https://www.freecarrierlookup.com/

Incident Management

Playbooks

  • coming soon

Threat Intel Reporting

  • Defang all the things - How to use Python to ‘defang’ threat IOCs
  • Templates (coming soon)

As the list grows, I will start sorting it out better.