September 3, 2021

What’s in your toolkit?


As a security engineer I use many tools in my day-to-day work, ranging from nmap and other built-in tools of Kali to resources on the web, databases I’ve aggregated over time, even data I’ve harvested over time, and physical hardware as well.

I was wondering what tools other professionals on here use in their day-to-day?

Here is a list of probably the most common ones. I build solutions as well as find the problems, so there are a few coding IDEs in there. I’ll omit them, except to say Visual Studio Code for Windows is my preferred choice. That’s a personal thing, I know peeps out there hate VC.

* Kali Linux, that’s a big list so let’s just include this now. This is, however, on a separate laptop, a Panasonic CF-52, which in blunt terms is an indestructible bit of kit! It’s old now but is great out in the field for testing and deploying. It’s steel-encased, and I’ve dropped it down a flight of stairs and I swear I heard it laughing at me!
* Kali – Nmap
* Kali – MDK (good for Wi-Fi attacking)
* Kali – airmon-ng (great for Wi-Fi monitoring)
* Burp Suite (Windows version)
* Homedale – This is a Wi-Fi scanner I use for Windows ([https://the-sz.com/products/homedale/index.php](https://the-sz.com/products/homedale/index.php)). I’ve a Windows machine as well.
* Tor – both as a browser and a service
* Vagrant

For online resources:

* [https://news.ycombinator.com/](https://news.ycombinator.com/) – Great news resource
* [https://www.exploit-db.com/](https://www.exploit-db.com/) – Very good db of current and old exploits
* [https://www.ncsc.gov.uk/section/keep-up-to-date/threat-reports](https://www.ncsc.gov.uk/section/keep-up-to-date/threat-reports) (I’m UK-based, so this is regional…)
* [https://threatpost.com/](https://threatpost.com/) – Nice reading.
* [https://apt.thaicert.or.th/cgi-bin/aptgroups.cgi](https://apt.thaicert.or.th/cgi-bin/aptgroups.cgi) – I would recommend looking at this even for the interest value!
* [https://www.shodan.io/](https://www.shodan.io/) – This has basically become Google for me.

As mentioned, I’ve a lot of offline resources I turn to if I hit a problem. A good one if you are starting out is called CyBOK, [https://www.cybok.org/knowledgebase](https://www.cybok.org/knowledgebase), which is a fantastic aid to memory.

Right, your go!

Comments

MaxProton

One key bit of kit I forgot but might interest you is an SDR USB module (software-defined radio). It’s great for doing frequency analysis etc. I use a free bit of software with it called AIRSPY. Just worth noting.

bitslammer

Your tools seem in line with those of a pen-tester or red/blue team analyst.

I don’t have a set toolset so much as I bounce around the various tools the other security teams have internally. That might be anything from Tenable, to Exabeam, to Dependency-Check, to RSA Archer to other internal tools and resources.

I’m also often out referencing things like NIST 800-53/181, the CSA-CCM as well as a long list of regulatory requirements we adhere to in various countries.
