SlideShare a Scribd company logo

Ten Tools for Security Professionals

M
McGrewSecurity

A short lecture that I gave to the Information and Computer Security class at Mississippi State University this semester

TechnologyBusiness
1 of 41
Download to read offline
Ten security tools you can pick up and use right now (and a few extras) CSE 4/6243 January 28, 2008 Wesley McGrew rwm8@cse.msstate.edu
Introduction Focus is on “everyday” kinds of tools. Many security tools are double-edged swords The same tool that can be used to test your defenses can be used in an attack Use these tools in the lab! Never attack a network or system without explicit and specific permission!
Introduction This list is inspired by previous “tool” lectures given by Russ Ward and myself http://sectools.org/ also a great resource Focus is on free tools, unless otherwise stated also plenty of good commercial tools out there, such as Core Impact
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals
Ten Tools for Security Professionals

Recommended

Penetration testing tools and phases
Penetration testing tools and phasesPenetration testing tools and phases
Penetration testing tools and phases
TestingXperts
 
security misconfigurations
security misconfigurationssecurity misconfigurations
security misconfigurations
Megha Sahu
 
Manage Artifact Versioning, Security and Compliance
Manage Artifact Versioning, Security and ComplianceManage Artifact Versioning, Security and Compliance
Manage Artifact Versioning, Security and Compliance
Eng Teong Cheah
 
DISA's Open Source Corporate Management Information System (OSCMIS)
DISA's Open Source Corporate Management Information System (OSCMIS)DISA's Open Source Corporate Management Information System (OSCMIS)
DISA's Open Source Corporate Management Information System (OSCMIS)
Joshua L. Davis
 
Security misconfiguration
Security misconfigurationSecurity misconfiguration
Security misconfiguration
Micho Hayek
 
Security testing operation vijay
Security testing operation vijaySecurity testing operation vijay
Security testing operation vijay
lavanyam210
 
Ekwik technology
Ekwik technology Ekwik technology
Ekwik technology
roman reigns
 
Managing Application Config and Secrets
Managing Application Config and SecretsManaging Application Config and Secrets
Managing Application Config and Secrets
Eng Teong Cheah
 

Recommended

Penetration testing tools and phases
Penetration testing tools and phasesPenetration testing tools and phases
Penetration testing tools and phases
TestingXperts
 
security misconfigurations
security misconfigurationssecurity misconfigurations
security misconfigurations
Megha Sahu
 
Manage Artifact Versioning, Security and Compliance
Manage Artifact Versioning, Security and ComplianceManage Artifact Versioning, Security and Compliance
Manage Artifact Versioning, Security and Compliance
Eng Teong Cheah
 
DISA's Open Source Corporate Management Information System (OSCMIS)
DISA's Open Source Corporate Management Information System (OSCMIS)DISA's Open Source Corporate Management Information System (OSCMIS)
DISA's Open Source Corporate Management Information System (OSCMIS)
Joshua L. Davis
 
Security misconfiguration
Security misconfigurationSecurity misconfiguration
Security misconfiguration
Micho Hayek
 
Security testing operation vijay
Security testing operation vijaySecurity testing operation vijay
Security testing operation vijay
lavanyam210
 
Ekwik technology
Ekwik technology Ekwik technology
Ekwik technology
roman reigns
 
Managing Application Config and Secrets
Managing Application Config and SecretsManaging Application Config and Secrets
Managing Application Config and Secrets
Eng Teong Cheah
 
Lab Meeting - 20140902 - Root Guard-Protecting Rooted Android Phones
Lab Meeting - 20140902 - Root Guard-Protecting Rooted Android PhonesLab Meeting - 20140902 - Root Guard-Protecting Rooted Android Phones
Lab Meeting - 20140902 - Root Guard-Protecting Rooted Android Phones
Syuan Wang
 
OS Database Security Chapter 6
OS Database Security Chapter 6OS Database Security Chapter 6
OS Database Security Chapter 6
AfiqEfendy Zaen
 
OWASP Serbia - A6 security misconfiguration
OWASP Serbia - A6 security misconfigurationOWASP Serbia - A6 security misconfiguration
OWASP Serbia - A6 security misconfiguration
Nikola Milosevic
 
Continuous Security - NDC Sydney 2017
Continuous Security - NDC Sydney 2017Continuous Security - NDC Sydney 2017
Continuous Security - NDC Sydney 2017
Laura Bell
 
Explore Security Testing
Explore Security TestingExplore Security Testing
Explore Security Testing
shwetaupadhyay
 
Machine Learning for Malware Classification and Clustering
Machine Learning for Malware Classification and ClusteringMachine Learning for Malware Classification and Clustering
Machine Learning for Malware Classification and Clustering
Ashwini Almad
 
Ch08 Microsoft Operating System Vulnerabilities
Ch08 Microsoft Operating System VulnerabilitiesCh08 Microsoft Operating System Vulnerabilities
Ch08 Microsoft Operating System Vulnerabilities
phanleson
 
Continuous security testing - sharing responsibility
Continuous security testing - sharing responsibilityContinuous security testing - sharing responsibility
Continuous security testing - sharing responsibility
VodqaBLR
 
Active Testing
Active TestingActive Testing
Active Testing
frisksoftware
 
Security evaluation of pattern classifiers under attack
Security evaluation of pattern classifiers under attack Security evaluation of pattern classifiers under attack
Security evaluation of pattern classifiers under attack
Papitha Velumani
 
Building & Leveraging White Database for Antivirus Testing
Building & Leveraging White Database for Antivirus TestingBuilding & Leveraging White Database for Antivirus Testing
Building & Leveraging White Database for Antivirus Testing
frisksoftware
 
A5: Security Misconfiguration
A5: Security Misconfiguration A5: Security Misconfiguration
A5: Security Misconfiguration
Tariq Islam
 
Security evaluation of pattern classifiers under attack
Security evaluation of pattern classifiers under attackSecurity evaluation of pattern classifiers under attack
Security evaluation of pattern classifiers under attack
Shakas Technologies
 
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault
 
Sorting Out The Trash
Sorting Out The TrashSorting Out The Trash
Sorting Out The Trash
frisksoftware
 
Engineering Security Vulnerability Prevention, Detection, and Response
Engineering Security Vulnerability Prevention, Detection, and ResponseEngineering Security Vulnerability Prevention, Detection, and Response
Engineering Security Vulnerability Prevention, Detection, and Response
Jinnah University for Women
 
An Introduction to Malware Classification
An Introduction to Malware ClassificationAn Introduction to Malware Classification
An Introduction to Malware Classification
John Seymour
 
5 Important Secure Coding Practices
5 Important Secure Coding Practices5 Important Secure Coding Practices
5 Important Secure Coding Practices
Thomas Kurian Ambattu,CRISC,ISLA-2011 (ISC)²
 
Static analysis for security
Static analysis for securityStatic analysis for security
Static analysis for security
Fadi Abdulwahab
 
Assessment and Threats: Protecting Your Company from Cyber Attacks
Assessment and Threats: Protecting Your Company from Cyber AttacksAssessment and Threats: Protecting Your Company from Cyber Attacks
Assessment and Threats: Protecting Your Company from Cyber Attacks
Cimation
 
Penetration testing dont just leave it to chance
Penetration testing dont just leave it to chancePenetration testing dont just leave it to chance
Penetration testing dont just leave it to chance
Dr. Anish Cheriyan (PhD)
 
Arved sandstrom - the rotwithin - atlseccon2011
Arved sandstrom - the rotwithin - atlseccon2011Arved sandstrom - the rotwithin - atlseccon2011
Arved sandstrom - the rotwithin - atlseccon2011
Atlantic Security Conference
 

More Related Content

What's hot

OS Database Security Chapter 6
OS Database Security Chapter 6OS Database Security Chapter 6
OS Database Security Chapter 6
AfiqEfendy Zaen
 
OWASP Serbia - A6 security misconfiguration
OWASP Serbia - A6 security misconfigurationOWASP Serbia - A6 security misconfiguration
OWASP Serbia - A6 security misconfiguration
Nikola Milosevic
 
Continuous Security - NDC Sydney 2017
Continuous Security - NDC Sydney 2017Continuous Security - NDC Sydney 2017
Continuous Security - NDC Sydney 2017
Laura Bell
 
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault
 

What's hot (20)

Lab Meeting - 20140902 - Root Guard-Protecting Rooted Android Phones
Lab Meeting - 20140902 - Root Guard-Protecting Rooted Android PhonesLab Meeting - 20140902 - Root Guard-Protecting Rooted Android Phones
Lab Meeting - 20140902 - Root Guard-Protecting Rooted Android Phones
 
OS Database Security Chapter 6
OS Database Security Chapter 6OS Database Security Chapter 6
OS Database Security Chapter 6
 
OWASP Serbia - A6 security misconfiguration
OWASP Serbia - A6 security misconfigurationOWASP Serbia - A6 security misconfiguration
OWASP Serbia - A6 security misconfiguration
 
Continuous Security - NDC Sydney 2017
Continuous Security - NDC Sydney 2017Continuous Security - NDC Sydney 2017
Continuous Security - NDC Sydney 2017
 
Explore Security Testing
Explore Security TestingExplore Security Testing
Explore Security Testing
 
Machine Learning for Malware Classification and Clustering
Machine Learning for Malware Classification and ClusteringMachine Learning for Malware Classification and Clustering
Machine Learning for Malware Classification and Clustering
 
Ch08 Microsoft Operating System Vulnerabilities
Ch08 Microsoft Operating System VulnerabilitiesCh08 Microsoft Operating System Vulnerabilities
Ch08 Microsoft Operating System Vulnerabilities
 
Continuous security testing - sharing responsibility
Continuous security testing - sharing responsibilityContinuous security testing - sharing responsibility
Continuous security testing - sharing responsibility
 
Active Testing
Active TestingActive Testing
Active Testing
 
Security evaluation of pattern classifiers under attack
Security evaluation of pattern classifiers under attack Security evaluation of pattern classifiers under attack
Security evaluation of pattern classifiers under attack
 
Building & Leveraging White Database for Antivirus Testing
Building & Leveraging White Database for Antivirus TestingBuilding & Leveraging White Database for Antivirus Testing
Building & Leveraging White Database for Antivirus Testing
 
A5: Security Misconfiguration
A5: Security Misconfiguration A5: Security Misconfiguration
A5: Security Misconfiguration
 
Security evaluation of pattern classifiers under attack
Security evaluation of pattern classifiers under attackSecurity evaluation of pattern classifiers under attack
Security evaluation of pattern classifiers under attack
 
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
AlienVault Brute Force Attacks- Keeping the Bots at Bay with AlienVault USM +...
 
Sorting Out The Trash
Sorting Out The TrashSorting Out The Trash
Sorting Out The Trash
 
Engineering Security Vulnerability Prevention, Detection, and Response
Engineering Security Vulnerability Prevention, Detection, and ResponseEngineering Security Vulnerability Prevention, Detection, and Response
Engineering Security Vulnerability Prevention, Detection, and Response
 
An Introduction to Malware Classification
An Introduction to Malware ClassificationAn Introduction to Malware Classification
An Introduction to Malware Classification
 
5 Important Secure Coding Practices
5 Important Secure Coding Practices5 Important Secure Coding Practices
5 Important Secure Coding Practices
 
Static analysis for security
Static analysis for securityStatic analysis for security
Static analysis for security
 
Assessment and Threats: Protecting Your Company from Cyber Attacks
Assessment and Threats: Protecting Your Company from Cyber AttacksAssessment and Threats: Protecting Your Company from Cyber Attacks
Assessment and Threats: Protecting Your Company from Cyber Attacks
 

Similar to Ten Tools for Security Professionals

A Comparison Study of Open Source Penetration Testing Tools
A Comparison Study of Open Source Penetration Testing ToolsA Comparison Study of Open Source Penetration Testing Tools
A Comparison Study of Open Source Penetration Testing Tools
ijtsrd
 
Break it while you make it: writing (more) secure software
Break it while you make it: writing (more) secure softwareBreak it while you make it: writing (more) secure software
Break it while you make it: writing (more) secure software
Leigh Honeywell
 
Exploits Attack on Windows Vulnerabilities
Exploits Attack on Windows VulnerabilitiesExploits Attack on Windows Vulnerabilities
Exploits Attack on Windows Vulnerabilities
Amit Kumbhar
 
Current Topics paper A4 submission 4.30.2015 Master Copy
Current Topics paper A4 submission 4.30.2015 Master CopyCurrent Topics paper A4 submission 4.30.2015 Master Copy
Current Topics paper A4 submission 4.30.2015 Master Copy
Tommie Walls
 
Iaetsd evasive security using ac ls on threads
Iaetsd evasive security using ac ls on threadsIaetsd evasive security using ac ls on threads
Iaetsd evasive security using ac ls on threads
Iaetsd Iaetsd
 
Sec 572 Enhance teaching / snaptutorial.com
Sec 572 Enhance teaching / snaptutorial.comSec 572 Enhance teaching / snaptutorial.com
Sec 572 Enhance teaching / snaptutorial.com
HarrisGeorg69
 

Similar to Ten Tools for Security Professionals (20)

Penetration testing dont just leave it to chance
Penetration testing dont just leave it to chancePenetration testing dont just leave it to chance
Penetration testing dont just leave it to chance
 
Arved sandstrom - the rotwithin - atlseccon2011
Arved sandstrom - the rotwithin - atlseccon2011Arved sandstrom - the rotwithin - atlseccon2011
Arved sandstrom - the rotwithin - atlseccon2011
 
Best Practices, Types, and Tools for Security Testing in 2023.docx
Best Practices, Types, and Tools for Security Testing in 2023.docxBest Practices, Types, and Tools for Security Testing in 2023.docx
Best Practices, Types, and Tools for Security Testing in 2023.docx
 
IRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET- Penetration Testing using Metasploit Framework: An Ethical ApproachIRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
IRJET- Penetration Testing using Metasploit Framework: An Ethical Approach
 
A Comparison Study of Open Source Penetration Testing Tools
A Comparison Study of Open Source Penetration Testing ToolsA Comparison Study of Open Source Penetration Testing Tools
A Comparison Study of Open Source Penetration Testing Tools
 
Break it while you make it: writing (more) secure software
Break it while you make it: writing (more) secure softwareBreak it while you make it: writing (more) secure software
Break it while you make it: writing (more) secure software
 
smpef
smpefsmpef
smpef
 
What are DevSecOps Tools and Why Do You Need Them?
What are DevSecOps Tools and Why Do You Need Them?What are DevSecOps Tools and Why Do You Need Them?
What are DevSecOps Tools and Why Do You Need Them?
 
SEC 572 Entire Course NEW
SEC 572 Entire Course NEWSEC 572 Entire Course NEW
SEC 572 Entire Course NEW
 
Understanding Vulnerabilities in Software
Understanding Vulnerabilities in SoftwareUnderstanding Vulnerabilities in Software
Understanding Vulnerabilities in Software
 
Pentesting with linux
Pentesting with linuxPentesting with linux
Pentesting with linux
 
CyberSecurity Assignment.pptx
CyberSecurity Assignment.pptxCyberSecurity Assignment.pptx
CyberSecurity Assignment.pptx
 
Exploits Attack on Windows Vulnerabilities
Exploits Attack on Windows VulnerabilitiesExploits Attack on Windows Vulnerabilities
Exploits Attack on Windows Vulnerabilities
 
Current Topics paper A4 submission 4.30.2015 Master Copy
Current Topics paper A4 submission 4.30.2015 Master CopyCurrent Topics paper A4 submission 4.30.2015 Master Copy
Current Topics paper A4 submission 4.30.2015 Master Copy
 
The Basics of Hacking and Penetration Testing Tools
The Basics of Hacking and Penetration Testing ToolsThe Basics of Hacking and Penetration Testing Tools
The Basics of Hacking and Penetration Testing Tools
 
Sec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.comSec 572 Education Organization / snaptutorial.com
Sec 572 Education Organization / snaptutorial.com
 
Iaetsd evasive security using ac ls on threads
Iaetsd evasive security using ac ls on threadsIaetsd evasive security using ac ls on threads
Iaetsd evasive security using ac ls on threads
 
Sec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.comSec 572 Education Specialist-snaptutorial.com
Sec 572 Education Specialist-snaptutorial.com
 
Malware Evasion Techniques
Malware Evasion TechniquesMalware Evasion Techniques
Malware Evasion Techniques
 
Sec 572 Enhance teaching / snaptutorial.com
Sec 572 Enhance teaching / snaptutorial.comSec 572 Enhance teaching / snaptutorial.com
Sec 572 Enhance teaching / snaptutorial.com
 

Recently uploaded

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 

Recently uploaded (20)

CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 

Ten Tools for Security Professionals

  • 1. Ten security tools you can pick up and use right now (and a few extras) CSE 4/6243 January 28, 2008 Wesley McGrew rwm8@cse.msstate.edu
  • 2. Introduction Focus is on “everyday” kinds of tools. Many security tools are double-edged swords The same tool that can be used to test your defenses can be used in an attack Use these tools in the lab! Never attack a network or system without explicit and specific permission!
  • 3. Introduction This list is inspired by previous “tool” lectures given by Russ Ward and myself http://sectools.org/ also a great resource Focus is on free tools, unless otherwise stated also plenty of good commercial tools out there, such as Core Impact