Skip to main content

Give me all your Warez: Technical Resources

I've discussed some good news and informational resources with you previously, now I wish to provide you with yet another living page which will give you an idea of what software tools are available, and what you should be looking at using. Bear in mind that there will be other programs that have similar capabilities, and you may prefer those. That's fine, this isn't supposed to be a "definitive guide of must haves", more of a "this is what is out there, these things are the most common/well know versions" guide. If you know of anything better, leave a comment and I'll add it to the list, or remove something if that's the way things go.

Operating Systems

In short: all of them. You will need to be experienced in most major releases of each platform. This is easier said than done, because unless you buy a Mac or Macbook, getting hold of macOS is actually quite difficult, even through, ahem, less than legal means (or so I'm told).

Microsoft Windows: Now I appreciate that there are a fair few version and releases of Windows, both desktop and server, but it's worth spending some time with them all if you can. You can download most of them for free from MS themselves, but they will only be trial versions, lasting about 180 days. Server-wise, look at 2003, 2008R2, 2012 and 2016, and if you can, 2000. For the desktop, anything 2000 onward, with a focus on 2000 Professional, XP, 7 and 10 (Vista was never really popular with anyone, let alone businesses).

GNU/Linux: There's a lot to cover here, so I'll strip it down to the basics as much as I can. Firstly, if you are looking to do pen testing of any kind, you will need to be proficient in either Kali Linux or ParrotOS. These two Linux distros were designed and built as offensive security operating systems, coming pre-loaded with a whole host of tools and goodies. Also worth your time are distros like CentOSFedora and Ubuntu (not my favourite by any stretch of the imagination, but other like it. No accounting for taste.), which are among the most popular for desktop and servers.

This might seem a lot, but there are about 1500 active distributions at any one time, plus a whole lot more based upon the Linux kernel (Android being one, and pfSense and SmoothWall firewalls being others). It is worth taking the time to understand Linux, its file permissions, commands, and differing package management systems, as you will almost certainly come across one distro or another at some point.

IOS/JunOS: These two operating systems are rather specific, but will give you a definite advantage. The Internetwork Operating System (not to be confused with the Apple offering of similar nomenclature) and the Junos Network Operating System are both proprietary OS's for routers. Understanding these systems will give you a good overview of networking architecture.

macOS: As I mentioned earlier, this might be the hardest to learn, given you need to own an expensive Mac to use it. But due to the increasing popularity of Apple products, this is fast becoming a must, particularly for digital forensics.

Shells and Scripting tools

Precision and automation are everyone's friends, doubly so when you have several repetitive tasks to do per day. Learning how to use the command line and how to create small scripts to run specific tasks at specific times will help save time, money and effort, and free you up to get on with other aspects of your job. 

Bash: The Linux holy of holies, the command line. One of the most powerful tools an IT professional can have at their fingertips. Conquer the dark arts of the terminal, and you will go very far, grasshopper.

Powershell: Something Microsoft got very right, despite the fact it’s also one of the weakest security points in Windows. Not only does this perform the same functions as the Command Prompt, but it also allows for scripting, and allows for the use of UNIX commands as well as aliasing. Useful to know.

Python: The scripting language that can be used as an actual high-level programming language. Small, simple to use, reasonably easy to learn and extraordinarily flexible: it has uses for simple scripts to machine learning and data analytics.

General Tools and Links

https://opensource.com/resources/projects-and-applications?sc_cid=7016000000127ECAAY






Comments

Post a Comment

Popular posts from this blog

Logical Fallacies - Why do they matter?

I came across a wonderful poster image by a talented artist, Michele Rosenthal , which depicts a robot debate: Granted, these aren't all the logical fallacies that exist, but it covers the most obvious, and most abused ones. But why are they important? We currently live in an age where we have access to more information that at any other point in history, and yet somehow we still think that arguing from emotion, or with our cognitive dissonance blinders on, is both right and acceptable: it isn't, not by any stretch of the imagination. Postmodernism may have a place, but not here. Yes, you absolutely are allowed to feel they way you want to, but debates are places for facts and ideas that need to be scrutinised rigorously, not with playground threats and character assassinations. "I feel" is not an argument that belongs in a debate - your feelings are valid for you, yes, but you can not simply refute the evidence-based assertion of vaccinations work with the st...
Post a Comment
Read more

The Alphabet Soup: A Quick Guide to Post-Nominals

This week, I’ll walk you through the ever-growing list of post-nominal letters you can add to your name through qualifications and certifications. Being a student myself, I’ll start with exploring the academic route, then go through the more popular, and best recognised, vendor and standards organisations’ certifications, highlighting their worth for your CV and career development. It’s not a comprehensive list, by any stretch of the imagination, and is geared towards a more general CyberSec professional, rather than focusing on any one aspect of the industry. I’ll try and shy away from too much debate by running away very quickly to avoid the one about CEH vs. OSCP, and leave it to you instead. *Disclaimer* I am a university student, and haven’t actually done any of the following certifications, at least not to completion. I have explored each in a reasonable amount of depth to see their benefits and worth and consulted with holders of a few to gain their insider opinions. I a...
Post a Comment
Read more

It's all about the angles

I could describe the surroundings for you perfectly, down to the way the grain went on each of the wood panels on the floor, I could talk to you at great length concerning the cobwebs knocking at my door or the baying crane flies attacking the windows, baying for the bleeding luminescence seeping from the screen. I could go so far as to describe each and every instrument playing on the track I was listening to, the perfectly clear Irish lung-pipes of Cara Dillon’s songbird vocals. But I won’t, because none of that matters, at least not in this context, or perspective. It all comes down to angles you see. Not the angles of everything around us, but our angles. The tilt of the head to listen more intently, the hunch, or straightening of the back to become comfortable. The adjustment of glasses to see an image properly, or in this instance, to see the image no-one else may have seen. It doesn’t take much to shift your physical perception of anything, but it opens up a myriad new worlds, ...
Post a Comment
Read more