TECH-R02 Cybersecurity Tips, Tools, and Techniques for ... · #RSAC SESSION ID: Ron Woerner, CISSP,...
#RSAC
SESSION ID: TECH-R02
Cybersecurity Tips, Tools, and Techniques for Your Professional Toolbag
Ron Woerner, CISSP, CISM
Chief Security Advisor
RWX Security Solutions, LLC
@ronw123
Ron Woerner - BIO
– President / Chief Trusted Advisor
– Cybersecurity Instructor, Bellevue University
– 25+ years experience in IT / Security
– CISSP, CISM
– Blogger, podcaster & writer
– Given tons’o presentations on security and Internet safety
Thoughts are my own
Use at your own risk
Apologies in advance for broken links
Content as of January 2019
What the $%$# are we doing here?
Tools, applications, websites, references, other stuff that can help you do your job.
Cybersecurity tips to keep yourself, others, and hopefully your company out of trouble.
The Easiest Hack
“The art and science of skillfully maneuvering humans to take an action that may or may not be in their own best interests.”
Chris Hadnagy, Social Engineering, The Science of Human Hacking
If you only remember 1 slide…
https://www.dhs.gov/see-something-say-something
https://www.stopthinkconnect.org/
https://www.lockdownyourlogin.com/
https://staysafeonline.org/
#1 Technical Tool
https://www.google.com/advanced_search
Time Travel
Google Cache
Archive.org – Wayback Machine
Lists of tools, tips, & tricks
SecTools
Tools Watch – Top Security Tools
OlderGeeks
HowToGeek.com, Geek School
Security Checklists / Publications
NIST
– CSRC: http://csrc.nist.gov/
– Publications: http://csrc.nist.gov/publications/PubsSPs.html
Center for Internet Security
– Controls: https://www.cisecurity.org/controls/
– Benchmarks: https://www.cisecurity.org/cis-benchmarks/
– CIS Controls Self-Assessment Tool, or CIS CSAT
DISA IASE Security Technical Implementation Guides (STIGs): https://iase.disa.mil/stigs/Pages/index.aspx
U.S. Cyber Consequences Unit (US-CCU) Cyber Security Matrix
Cheat Sheets
Peerlyst – Complete List of InfoSec Cheat Sheets
Lenny Zeltser – IT and Information Security Cheat Sheets: https://zeltser.com/cheat-sheets/
Malware Archaeology (Auditing) – https://www.malwarearchaeology.com/cheat-sheets/
OWASP – https://www.owasp.org/index.php/OWASP_Cheat_Sheet_Series
Personal Labs – Virtual Environments
Oracle VM VirtualBox
VMWare Workstation
Windows 10 – Hyper-V
MacOS Parallels
LifeHacker – How to Set Up a Virtual Machine for Free
System Inventory & Automation
“Asset management isn’t sexy. Penetration testing and red team and analysis gets all the job reqs, because it’s far more flashy. Effective security is boring.” Nathan W Burke
Center for Internet Security CSC Basic Controls
1. Inventory and Control of Hardware Assets
2. Inventory and Control of Software Assets
Network Enumeration
Shodan (https://www.shodan.io/) – Search engine for Internet-connected devices.
Network Enumeration
Censys (https://www.censys.io/) - Find and analyze every reachable server and device on the Internet.
Network Vulnerability Detection
Titania Nipper Studio: https://www.titania.com/products/nipper-studio
Solarwinds: https://www.solarwinds.com/downloads
– Firewall Browser
– Network Configuration Manager
– IP Address Manager
Firewall Audit Tool: https://www.wallparse.com/
Windows Administration
SysInternals Suite
Autoruns
Process Explorer
Process Monitor
Video: Mark Russinovich, Malware Hunting
Windows Administration
GodMode
Create a new folder and edit it so that it is named the following and then press enter.
– GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}
When done, you should have an icon on your desktop
Windows Administration
Windows Update Agent (WUA)
Using WUA to Scan for Updates Offline, which includes a sample .vbs script. For a PowerShell alternative, see Using WUA to Scan for Updates Offline with PowerShell.
Replaces MBSA
PowerShell
– Using Windows PowerShell
– PowerShell.exe Command-Line Help
Linux on Windows
Windows Subsystem for Linux
https://docs.microsoft.com/en-us/windows/wsl/about
Run bash.exe
HTG Article: https://www.howtogeek.com/270810/how-to-quickly-launch-a-bash-shell-from-windows-10s-file-explorer/
Patching & Updating
BatchPatch https://batchpatch.com/
Chocolatey https://chocolatey.org/
Network Evaluation / Troubleshooting
Introduction video
TcpDump
Linux Distros
https://livecdlist.com/
https://distrowatch.com/
Linux / Unix Security
Hardening Linux Systems - https://www.beyondtrust.com/blog/harden-unix-linux-systems-close-security-gaps/
Linode’s Getting Started with SELinux Guide
The Geek Stuff
Security / Pen Testing Distros
Kali https://www.kali.org/downloads/
Parrot Security OS https://www.parrotsec.org/download-security.php
Tails https://tails.boum.org/
Pen Testing Framework
https://www.metasploit.com/
https://www.offensive-security.com/metasploit-unleashed/requirements/
Social Engineering
IntelTechniques (OSInt) – https://inteltechniques.com/menu.html
Maltego – https://www.paterva.com/
Cree.py – Geolocation Information Aggregator, http://www.geocreepy.com/
Peek You - www.peekyou.com
Social Engineering Toolkit (SET)
https://www.trustedsec.com/social-engineer-toolkit-set/
Security Testing
OWASP Zed Attack Proxy (ZAP)
Portswigger Burp Suite
Vega
Netsparker
GuardiCore Infection Monkey
Digital Forensics
DEFT X
OSForensics
FTK
WinHex
Personal Security – Password Vaults
LastPass
KeePass
LogMeOnce
1Password
RoboForm
Dashlane
Personal Security – Encryption
7-Zip
AES Crypt
Veracrypt
Security Books
https://cybercanon.paloaltonetworks.com/
Help add to the list
“Apply Slide”
Immediate:
– Pick 1 or 2 tools / techniques
– Play / Try it out / Experiment
Next 4-6 Weeks (rinse and repeat in 3 & 6 mos):
– Review this slide deck
– Pick more tools (3-5)
– Experiment with tools in a virtual environment
– Review the awareness websites
Cybersecurity Tips, Tools, & Techniques
Ron Woerner, CISSP, CISM
ron.woerner @ rwxsecurity.com
Twitter: @ronw123