What’s in Your [Security] Wallet?

No, this isn’t a blog about the credit card you use or identity theft. This is about the tools you have on hand as a security professional.

As with any tradecraft, security professionals should have a set of tools, in this case applications, that they keep handy for when they need them. Fortunately, there are many security tools readily and freely available that fit nicely on a 2-4 GB USB thumb drive. These tools serve a variety of purposes and help the IT or security professional diagnose and troubleshoot problems. A quick note before I dive into my tools of choice: sectools.org contains an almost complete set of security apps that should be known by all security professionals.

  • Windows Sysinternals (http://technet.microsoft.com/en-us/sysinternals) – This is the toolbox for Windows. Maintained by Mark Russinovich, these are the applications that are not included with the Windows operating system but should be. The tools that I use most are Process Explorer, Autoruns, and ZoomIt.
  • Wireshark (http://www.wireshark.org/) – Wireshark is an open-source network analyzer that works on many platforms. You can use it to look into network packets for both security and troubleshooting.
  • Firecat (https://addons.mozilla.org/en-US/firefox/collections/clausv/firecat1_5_plus/) – This is a collection of add-ons for Firefox that allow you to (A) safely browse and (B) test the security of a web application.
  • Nmap (http://nmap.org/) – Nmap is the network scanning and security auditing tool. Often featured in movies, this open-source application is used for network inventory, managing service upgrade schedules, and monitoring host or service uptime.
  • BackTrack / Kali (http://www.kali.org/) – This is a Linux-based operating system that comes complete with most security tools. You need to install it on a clean thumb drive and boot from it.

A couple of quick notes:

  • These are just a small handful of good tools, but there are many others out there. If there’s one you think I missed, please reply to this post with your favorite. A caveat is that the tool must have a useful, free or open-source version readily available. It also must be small enough to fit on a thumb drive.
  • Neither I nor my employer is directly associated with these sites and tools. As always, use at your own risk.

What’s in your (security) wallet? Do you have a favorite tool that you keep in your security tool belt? Let us know.