Network Scanners

  • Nmap / Zenmap (GUI): scan for open ports and other hosts/devices on network
  • hping: craft custom TCP/IP packets and send them to target host; can be used for firewall testing, DoS attacks, and network testing

Web Scanners / Web App Analysis Tools

  • Nikto / Wikto (GUI): scan web server for vulnerabilities
  • Burp Suite: a web application security testing tool
  • OWASP ZAP: a web application security scanner
    • Also has a sample vulnerable project

General Security Tools

  • Nessus: a vulnerability scanner for servers, network, and devices security testing
  • Fuzzers: tools that test input validation by sending random inputs to a program
  • Binscope: analyses binary files and source code for security issues

Exploit Framework

  • Metasploit: a penetration testing framework that can be used to exploit vulnerabilities
  • Core Impact: a commercial penetration testing framework
  • Immunity CANVAS: a framework for developing and testing exploits

Packet Sniffers

  • Wireshark (GUI): a network protocol analyzer that captures and displays network packets
  • tcpdump: a command-line packet analyzer

System Hardening

  • Update OS: sudo apt update && sudo apt upgrade -y # Ubuntu/Debian
  • Set up automatic security updates with unattended-upgrades
  • Install fail2ban
  • Only allow certain users SSH access
  • Change default ports
  • Only allow needed ports in firewall: sudo ufw allow 443
  • Add a rate limit
  • Add a concurrent connection limit
  • Internal communication should be through private network
  • Be careful where keys and secrets are stored
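The SSH and firewall items in the checklist above, as an added example that is not part of the original notes: a POSIX shell script that renders an sshd hardening drop-in (restricted users, non-default port, a concurrent-connection cap), audits an existing config for those directives, and prints the ufw rules to review before running them with sudo. It assumes an OpenSSH build that reads /etc/ssh/sshd_config.d/*.conf (true on recent Debian/Ubuntu); the user names alice/bob and port 2222 are constructed values, and the ufw commands are printed, not executed.

```shell
#!/bin/sh
# Added example, not from the original notes: render and audit an sshd
# hardening drop-in and print a ufw plan for the checklist above.
# Assumption: OpenSSH reads drop-ins from /etc/ssh/sshd_config.d/*.conf.
# The user names and port used in demo() are constructed values.

# Render an sshd drop-in: only the named users may log in, the listener
# moves off port 22, and MaxStartups (start:rate:full) starts dropping
# unauthenticated connections at 10, rising to 100% at 60.
render_sshd_dropin() {
    port="$1"; shift
    printf 'Port %s\n' "$port"
    printf 'AllowUsers %s\n' "$*"
    printf 'PermitRootLogin no\n'
    printf 'PasswordAuthentication no\n'
    printf 'MaxStartups 10:30:60\n'
}

# Audit an sshd config file. Returns 0 only when every hardening directive
# from the checklist is present; prints the first gap and returns 1 otherwise.
audit_sshd_config() {
    f="$1"
    grep -Eq '^AllowUsers +[^ ]' "$f" || { echo "missing AllowUsers"; return 1; }
    grep -Eq '^PermitRootLogin +no' "$f" || { echo "missing PermitRootLogin no"; return 1; }
    grep -Eq '^PasswordAuthentication +no' "$f" || { echo "missing PasswordAuthentication no"; return 1; }
    if ! grep -Eq '^Port +[0-9]+' "$f" || grep -Eq '^Port +22$' "$f"; then
        echo "still listening on default port 22"; return 1
    fi
    grep -Eq '^MaxStartups +[0-9]' "$f" || { echo "missing MaxStartups"; return 1; }
    return 0
}

# Print the ufw commands to review before running them with sudo:
# deny everything inbound, allow only the listed service ports, and
# rate-limit the SSH port (ufw limit also allows the port, then blocks an
# address that opens 6 or more connections within 30 seconds).
render_ufw_plan() {
    ssh_port="$1"; shift
    echo "ufw default deny incoming"
    echo "ufw default allow outgoing"
    for p in "$@"; do
        echo "ufw allow $p/tcp"
    done
    echo "ufw limit $ssh_port/tcp"
    echo "ufw --force enable"
}

# Usage: write the drop-in to a temp file, audit it, and show the firewall plan.
# To install for real: copy the drop-in to /etc/ssh/sshd_config.d/ and run
# `sshd -t` before restarting sshd, so a typo cannot lock you out.
demo() {
    tmp=$(mktemp)
    render_sshd_dropin 2222 alice bob > "$tmp"
    cat "$tmp"
    audit_sshd_config "$tmp" && echo "sshd drop-in passes audit"
    render_ufw_plan 2222 443
    rm -f "$tmp"
}

if [ "${1:-}" = "demo" ]; then
    demo
fi
```

Run it as `sh harden.sh demo` to see the rendered drop-in and the firewall plan; point `audit_sshd_config` at a live /etc/ssh/sshd_config (or a drop-in) to check a host that was hardened by hand.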

Laws

  • FISMA (Federal Information Security Management Act): protects federal information and assets
  • FERPA (Family Educational Rights and Privacy Act): protects student education records
  • HIPAA (Health Insurance Portability and Accountability Act): protects the confidentiality and integrity of personal healthcare information
  • HITECH (Health Information Technology for Economic and Clinical Health Act): promotes and expands the adoption of health information technology, especially electronic health records
  • PCI DSS (Payment Card Industry Data Security Standard): a set of security standards for organizations that handle credit card data
  • COPPA (Children’s Online Privacy Protection Act): protects the online privacy of children under 13 years old
  • SOX (Sarbanes-Oxley Act): a law that sets standards for financial reporting and internal controls in public companies
  • GLBA (Gramm-Leach-Bliley Act): protects financial information of customers of financial institutions