SEARCH RESULTS
 
Showing 1-5 of 5 records

January's toolsmith - Gpg4win

2008-01-03 19:47:00 by Russ McRee in HolisticInfoSec.org
 
...toolsmith column in the ISSA Journal features Gpg4win, a suite that integrates GPG into your Windows environment. Next month will be discussing more powerful NSM opportunities with HeX, a FreeBSD-based Live CD loaded with network security monitoring tools. toolsmith offers insights on tools useful to the infosec practitioner, typically open...
 
 
 
 
 
Malware analysis tools

2007-12-26 11:54:00 by Russ McRee in HolisticInfoSec.org
 
...toolsmith featured the suite in the July 2007 column. API-Logger can be used as a standalone tool, or you can run the .exe through SysAnalyzer, which includes API-Logger output. Other important pieces in my sandbox included VMware Server (Linux host, Windows VMs), PE Explorer, RAPIER 3.2, Wireshark, Mandiant Red Curtain (MRC), and the...
 
 
 
 
 
NSM-Console and HeX update

2008-01-10 12:50:00 by Russ McRee in HolisticInfoSec.org
 
...toolsmith, I was extremely pleased to discover NSM-Console, from Matthew Lee Hinman. I've not yet seen such an efficient, useful, all-encompassing framework for offline packet analysis. NSM-Console includes modules for aimsnarf ngrep (gif/jpg/pdf/exe/pe/ne/elf/3pg/torrent tcpxtract tcpflow chaosreader bro-IDS snort tcpdstat capinfos tshark...
 
 
 
 
 
Live from the 20th Annual FIRST Conference

2008-06-26 08:53:00 by Russ McRee in HolisticInfoSec.org
 
...toolsmith Take a look at these, if you aren't already familiar with them: BitBlaze - Binary Analysis for COTS Protection and Malicious Code Defense; F-Response - The First Truly Vendor Agnostic Solution for Remote Forensics and eDiscovery; Maltego - Maltego is an open source intelligence and forensics application. It allows for the mining and...
 
 
 
 
 
Expanding Response: Deeper Analysis for Incident Handlers

2008-10-10 08:38:00 by Russ McRee in HolisticInfoSec.org
 
...toolsmith column in the ISSA Journal, and includes details on Argus, HeX, NSM-Console, and NetworkMiner. Abstract: The perspective embraced for this discussion is that of an analyst who is working a process to determine the exact nature of malicious software on his network. He is in receipt of the above mentioned .exe and .pcap files and...
 
 
 
 
 
 
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia