Tools of the Trade

Learn about the various open source tools that can be used to help with cyber security anaylsis

Learn about useful open source cyber security tools that can help you in competition

cURL

cURL

cURL is a command line tool that support sending and receiving files using URLs. It support protocols such as HTTP, FTP, TELENT, and SMTP.

DFF

DFF

Digital forensics framework (DFF) is forensics software that collects, preserves, and reveals digital evidence without compromising the system or the data
Source: Jeremy Martin

Firebug

Firebug

Firebug is a plugin for Firefox that enables a developer to debug and edit HTML, Javascript, and CSS in a web page in real-time.

Hex Editor

Hex Editor

A hex editor allows a user to see and edit the raw contents of a binary file, which are represented as hexadecimal values. These tutorials show how to search for strings in order to hack binary files
Source: Aecial Shark

Hex Editor

A hex editor allows a user to see and edit the raw contents of a binary file, which are represented as hexadecimal values. These tutorials show how to search for strings in order to hack binary files
Source: Kris Occhipinti

Host and NSLookup

Host and NSLookup

Host and NsLookup (name server lookup) are command line tools for querying domain name system (DNS) servers in order to map a host name to its IP address.

Linter

Linter

A linter is a lint program, a program designed to identify and flag suspicious constructs in source code. The original program called Lint was designed for C; today there are lint programs for many programming languages. This video demonstrates the use of JSLint, a Javascript linter.
Source: Tuts+ Code

Metasploit Framework and Armitage

Metasploit Framework

Metasploit Framework is a penetration testing toolkit for developing and executing exploits that attempt to compromise other computer systems.
Source: Don Does 30

Metasploit Framework

Metasploit Framework is a penetration testing toolkit for developing and executing exploits that attempt to compromise other computer systems.
Source: Don Does 30

Armitage

Armitage is a GUI for the Metasploit Framework.
Source: Jeremy Martin

Netcat

Netcat

Netcat reads and writes data to and from network connections using TCP or UDP. It is used to explore and debug networks.
Source: Hak5

Netcat

Netcat reads and writes data to and from network connections using TCP or UDP. It is used to explore and debug networks.
Source: Lot of Learning

Nmap and Zenmap

Nmap

Nmap (network mapper) is a security scanner that discovers hosts and services on a computer network, thus creating a “map” of the network. It is used for network exploration and security auditing.
Source: Sean Browne

Zenmap

Zenmap is a GUI for Nmap.
Source: Hak5

OpenPuff

OpenPuff

OpenPuff is a steganography tool that allows you to encrypt and hide data in audio, image, and videos files.
Source: Jordan Genung

Scalpel

Scalpel

Scalpel is a file carver that extracts matching files from a set of image files or raw device files. It is useful for digital forensics investigation and file recovery.
Source: Lecture Snippets

Sleuth Kit and Autopsy

Sleuth Kit

Sleuth Kit is a collection of command line, forensic analysis tools that analyze disk images and recover files.
Source: rizwan ghafoor

Autopsy

The Sleuth Kit can be used via Autopsy 3, its custom front-end application for Windows.
Source: Jeremy Martin

Sqlmap

Sqlmap

Sqlmap is a penentration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers.
Source: CoolDezine

Steghide

Steghide

Steghide is a program that can be used to hide data in image or audio files.
Source: chisto

Strings

Strings

Strings is a command line tool that finds printable strings in binary files. Read More.

Wireshark

Wireshark

Wireshark is a packet analyzer used for troubleshooting networks and developing communications protocols. It can examine data from a live network.

ZAP

ZAP

Zed attack proxy (ZAP) is a penetration testing tool used to find vulnerabilities in web applications. This is an OWASP-created playlist of 12 short videos on ZAP.
Source: psiinon