When it comes to analyzing a network, protecting enterprise data, or fighting malware, there are a variety of free and open source products available to help. In our screencasts, SearchSecurity.com's best experts will walk you through today's popular information security tools and how to use them.
Want to see an on-screen demo of a particular free or open source security or compliance tool that hasn't been featured yet? Email us your suggestions.
Screencasts:
ThreadFix
How to use ThreadFix to simplify the vulnerability management process
Keith Barker of CBT Nuggets demonstrates how Denim Group's ThreadFix helps simplify the enterprise
vulnerability management process.
Zed Attack Proxy
Zed Attack Proxy tutorial: Uncover Web app vulnerabilities using ZAP
Keith Barker of CBT Nuggets offers an OWASP Zed Attack Proxy tutorial. Learn how to find and nullify
Web application vulnerabilities using ZAP.
Dexter
Use the Android static analysis tool Dexter to safely deploy apps
Keith Barker of CBT Nuggets details how Dexter can be used for the static analysis of Android
applications.
Mandiant Redline
Use the Mandiant Redline memory analysis tool for threat assessments
Keith Barker of CBT Nuggets shows how to use the Mandiant Redline memory analysis tool to conduct
threat assessments and defeat rootkits.
MAP toolkit
How to use Microsoft's MAP toolkit security assessment application
Keith Barker, CISSP and trainer for CBT Nuggets, reveals how to use the MAP Toolkit security
assessment application to perform an IT infrastructure assessment and discover what is really on
your network.
NDPMon
How to utilize NDPMon for better IPv6 monitoring, network visibility
Keith Barker, CISSP and trainer for CBT Nuggets, shows how enterprise users of NDPMon can utilize
the free and open-source security tool for more effective IPv6 monitoring.
Splunk
Splunk tutorial demonstrates how to use Splunk for security
In this SearchSecurity.com screencast, Keith Barker, CISSP and trainer for CBT Nuggets, provides a
tutorial of Splunk to exhibit how to use Splunk for security. Keith analyzes the features available
in the free version of Splunk, including a powerful set of predefined searches that can be tweaked
to achieve specific results.
Zenmap
Zenmap tutorial: Mapping networks using Zenmap profiles
In this SearchSecurity.com screencast, Keith Barker, CISSP and trainer for CBT Nuggets LLC, walks
users through a Zenmap tutorial. He'll provide a brief overview of Zenmap before delving into all
that Zenmap's predefined profiles offer. Keith will also divulge one of the features that sold him
on Zenmap's uses: its graphical network topology generator.
Wireshark
How to use Wireshark to detect and prevent ARP spoofing
In this SearchSecurity.com screencast, Keith Barker, CISSP and trainer for CBT Nuggets, instructs
viewers on how to use Wireshark to detect and prevent Address Resolution Protocol (ARP) spoofing
attacks. ARP duplicate IP address detection is already turned on by default, but Barker delves
further into Wireshark's features to uncover the "Detect ARP request storms" function.
pfSense
Configure pfSense as an SMB-caliber firewall
In this SearchSecurity.com screencast, Keith Barker, CISSP and trainer for CBT Nuggets, provides a
brief tutorial of pfSense, a free, open source firewall based on FreeBSD. Barker walks viewers
through a configuration of pfSense and shows how to use its main features, including stateful
packet filtering.
FOCA
Employ the FOCA tool as a metadata extractor
Mike McLaughlin shows viewers how to use the FOCA tool to extract metadata concerning user, system
and software information, among others.
Burp Suite
Burp Suite tutorial highlights Burp Proxy, other key tools
In this screencast, penetration tester Mike McLaughlin offers a brief Burp Suite tutorial that
highlights the key features available in both the free and paid versions of the tool.
GHDB
How to use GHDB to identify security holes, Googledorks
Mike McLaughlin shows viewers how to utilize the GHDB to identify Googledorks, which are Google
search terms that identify security vulnerabilities or collect information from servers.
ShareEnum
ShareEnum eases network enumeration, network share permissions
Mike McLaughlin demonstrates how to use ShareEnum, a free tool for network enumeration.
WPScan
How to use WPScan to provide WordPress plug-in security
In this screencast, Mike McLaughlin demonstrates how to use WPScan, a tool that exposes security
vulnerabilities in WordPress plug-ins.
MBSA
Windows MBSA scan demo: Conducting a Windows security review
Mike McLaughlin demonstrates the Microsoft Baseline Security Analyzer. He covers how to conduct a
Windows MBSA scan that can quickly determine a Windows machine's patch levels and other key security
settings.
NMAP NSE
NMAP NSE tutorial: Network asset and vulnerability identification
This brief NMAP NSE tutorial shows how to use NMAP NSE scripts to identify potential attack
targets, detect versions of various devices and services, and much more.
Broken Web Apps
How to use OWASP Broken Web Apps to prevent vulnerabilities
In this video demo, learn how to use the OWASP Broken Web Apps project, which allows would-be pen
testers to attack applications that are intentionally insecure in order to help them hone their
skills at securing their own apps.
Mantra
An inside look into OWASP’s Mantra tool
In this month’s SearchSecurity.com screencast video, learn about Mantra from expert penetration
tester Mike McLaughlin of First Base Technologies.
WebScarab
WebScarab tutorial: Demonstration of WebScarab proxy functionalities
In this WebScarab tutorial video, get step-by-step advice on how to install and use this free tool,
including the WebScarab proxy features, among others.
eEye Retina
How to use the free eEye Retina scanner community edition
Looking for a tool that can scan dozens of network ports and, when it's done, create color-coded
reports for executives with its findings, all for free? In this screencast, Peter Giannoulis of The
Academy Pro explains how to use the free community edition of the eEye Retina scanner.
Secure Browsing
Secure Browsing: Free plug-in lessens social networking security risks
Looking for ways to improve employees' browsing security? Learn about the free Secure Browsing
plug-in from M86 Security.
Netcat
Netcat tutorial: How to use the free Netcat command-line tool
Helpful for penetration testers and network admins who need to debug infected systems, the netcat
command-line tool boasts many free features for enterprise use.
P0f
P0f: A free collection of passive OS fingerprinting tools
Learn how to use P0f to fingerprint any OSes connecting to or from your system, as well as
firewalls, IDSes or honeypots for even greater visibility.
ngrep
ngrep: Learn how to find new malware with ngrep examples
Learn how to use the free tool ngrep to find new malware that antivirus or IPS might not pick up
on.
OSSEC Pt. 2
Video: OSSEC screenshots show how to use the free IDS
In part two of this screencast, Peter Giannoulis of TheAcademyPro.com uses OSSEC screenshots to
demonstrate a few of the many functions this free IDS boasts.
OSSEC Pt. 1
How to install an OSSEC server on Linux and an OSSEC Windows agent
In part one of this screencast, learn how to install the free, host-based intrusion detection
system OSSEC, with step-by-step instructions on setting up an OSSEC server on Linux with an OSSEC
Windows agent.
XSSer
XSSer demo: How to use open source penetration testing tools
In this video demo, learn how to use XSSer, open source penetration testing tools for detecting
various Web application flaws and exploiting cross-site scripting (XSS) vulnerabilities against
applications.
NeXpose
How to use NeXpose: Free enterprise vulnerability management tools
Learn how to use NeXpose Community Edition, a free collection of vulnerability management tools
that offers pre-defined scan templates, and the ability to scan networks, OSes, desktops and
databases.
Sysinternals
Using the Microsoft Sysinternals suite for a computer systems audit
If you're an auditor, or are looking to perform an internal audit, Microsoft's suite of
Sysinternals tools could greatly help you. Learn how to use these free tools in this video.
Angry IP
Free port scan: How to use Angry IP scanner
This month, Peter Giannoulis from TheAcademyPro.com shows how to use the Angry IP scanner for a
thorough, free port scan that gathers MAC address, port, hostname and NetBIOS information.
Netsparker
Netsparker: Free Web app security testing tool
Learn how to use the community version of Netsparker: A Web app testing tool that scans and tests
for vulnerabilities such as SQL injection and cross-site scripting. And the best part? The
community version is entirely free.
StreamArmor
Detect rootkit alternate data streams (ADS) with StreamArmor
In this month's screencast, Peter Giannoulis of TheAcademyPro.com explains how to use StreamArmor
to detect alternate data streams that may be hiding rootkit data.
Malwarebytes
How to use Malwarebytes to scan for and remove malware
Peter Giannoulis offers a video demonstration of Malwarebytes' Anti-Malware, a free tool that can
eliminate many of the especially difficult or hidden viruses and malware on infected
machines.
hping
How to use hping to craft packets
In this month's screencast, Peter Giannoulis of TheAcademyPro.com explains how to use the hping
command-line tool to craft packets for numerous security scenarios in Windows, Mac, Linux and Unix
OSes.
TrueCrypt
How to use TrueCrypt for disk encryption
In this month's screencast, Peter Giannoulis of TheAcademyPro.com details not only how to use
TrueCrypt to create an encrypted drive on a Windows PC, but also how to create a hidden
drive within a drive as an additional data protection measure.
Vistumbler
Find rogue wireless access points with Vistumbler
The wireless detection tool Vistumbler is a lot like Netstumbler, except it supports Windows Vista
and Windows 7. In this demo, learn how to use the tool to find rogue wireless access points on your
network. Peter Giannoulis also reveals how to export access point GPS locations to Google
Earth.
OpenVAS
How to launch an OpenVAS scan
Watch Peter Giannoulis as he demonstrates OpenVAS, an open vulnerability assessment system. OpenVAS
is a free network security scanning tool, much like Nessus. In his presentation, Peter explores the
tool's set of NVTs, or network vulnerability tests, that will detect security problems in remote
systems and applications.
N-Stalker
Scanning with N-Stalker offers basic Web application security assessment
This month, Peter Giannoulis reviews a valuable Web application scanner that will assess your
publicly facing servers, detect vulnerabilities and mitigate threats. Peter demonstrates how to
conduct a basic assessment for Web spidering, HTTP fingerprinting and cross-site scripting. In
fact, N-Stalker has 20,000 signatures -- not bad for a free product.
BackTrack 4
BackTrack 4 offers full pack of penetration testing tools
This month, Peter Giannoulis provides a demo of BackTrack 4, the final version of the venerable
pen-testing live Linux-based CD distribution. The penetration testing tools are installed and ready
to go, and they can save you valuable time. Watch as Giannoulis samples the many testing features
and demonstrates how to get BackTrack 4 up and running in a virtualized environment.
Smoothwall
Smoothwall offers firewall defense in lean times
You may think that Linux distributions are only for the highly trained IT professional, but
Smoothwall, in fact, requires no knowledge of Linux whatsoever. Peter Giannoulis, in his latest
screencast, shows you the features of the open source firewall and how to install it in a VMware
image.
Rootkit Hunter
Rootkit Hunter demo: Detect and remove Linux rootkit
Peter Giannoulis looks at a free, Linux-based malware detection tool and rootkit scanner: Rootkit
Hunter. The tool, which scans for backdoors and local exploits, can also detect behavior that may
not be easily caught by AV, including default files and hidden files used by rootkits.
Samurai
Samurai offers pen-testing nirvana
In this screencast, Peter Giannoulis reviews the Samurai Web testing framework, a collection of the
best Web penetration testing tools put together on a live Linux CD. If you're a pen tester, or if
you perform vulnerability assessments, you don't have to build all of these tools on your own
dedicated operating system.
MBSA
How to perform Microsoft Baseline Security Analyzer (MBSA) scans
Learn about the Microsoft Baseline Security Analyzer (MBSA), a free tool provided by Microsoft
that finds misconfigurations in Windows operating systems. The MBSA uses Microsoft's recommended
security configuration to determine how you can further secure your system.
Maltego
Maltego demo: Identifying a website's trust relationships
Learn how the Maltego tool can be most effectively used during the information-gathering phase of a
penetration test. In this on-screen demo, Peter Giannoulis reveals some of the trust relationships
of SearchSecurity.com itself.
Cain and Abel
Recovering lost passwords with Cain & Abel
Brute-forcing Windows passwords is easier than you think. Peter Giannoulis explains how the Cain
and Abel tool can be used to recover your precious credentials.
Network Miner
How to gather host-level data with Network Miner
One particular open source network sniffer hasn't received the attention that it deserves, at least
according to Peter Giannoulis. Watch as Peter demonstrates how to use Network Miner, a free,
Windows-based tool, to identify ports, protocols, operating systems and other services.
Metagoofil
Collecting metadata with Metagoofil
Metagoofil, a free tool, provides users with the ability to extract hidden metadata from public
documents, including Word docs, PowerPoints and PDFs. Learn how penetration testers can use this
tool to analyze a network and assess the security of a website or Web server.
Tor
How Tor improves Web surfing privacy and security audits
Tor, a security tool that permits anonymous Web surfing, can be used for both good and bad. In this
demonstration, learn how network administrators can mask their locations and improve their
audits.
Nipper
How to use Nipper to create network security reports
Nipper, a free and open source network infrastructure parser, can do more than make your config
look pretty. Learn how the tool can produce security audit reports on your network devices. Peter
Giannoulis demonstrates how to review your network topology and see where you can enhance it.
Wikto
How to use Wikto for Web server assessment
Penetration testers who are looking for flaws in their Internet-facing Web servers can use the
freely available Wikto. See for yourself what kinds of information Wikto can gather about a
specific website -- including its good and bad directories -- and which plug-ins will allow you to
get the most out of the free tool.
Wireshark
Catching network traffic with Wireshark
Wireshark, a favorite network protocol analyzer, has plenty of forensic capabilities. See the kinds
of traffic that the free tool can catch, including files from tcpdump, Microsoft Network Monitor,
Sniffer Pro -- and even recorded VoIP calls.
WinHex
Recovering lost data with WinHex
WinHex performs forensics and also specializes in low-level data processing, drive imaging and file
or program analysis. It can even prevent security leaks because of its ability to destroy or wipe
data securely. Watch Peter Giannoulis as he reviews one of WinHex's main functions: its ability
to find and return deleted folders and lost data.
OSSTMM
An introduction to the Open Source Security Testing Methodology Manual
The Open Source Security Testing Methodology Manual (OSSTMM) allows you to perform many security
tests on your firewalls, intrusion detection systems, passwords and much more. Watch Peter
Giannoulis as he introduces the manual and demonstrates how it can be used to defend machines from
a brute-force dictionary attack. Learn which parts of a security architecture need to be tested and
how to properly measure your results.
Metasploit
Penetration testing with Metasploit
Metasploit allows hackers and security professionals alike to examine how well a given system can
handle known exploits and payloads. Expert Peter Giannoulis demonstrates how the freely available
tool can be used to test commercial and custom-made applications, servers and operating systems. In
his presentation, Giannoulis shows how one unfortunate Windows user's machine can be easily taken
advantage of.
Nessus
Finding vulnerabilities with Nessus
Nessus is the granddaddy of all information security tools. While no longer an open source tool, it
still exists as freeware and is actively supported with new signatures. In this screencast, Peter
Giannoulis of Bones Consulting demonstrates how enterprises can use Nessus to assess
vulnerabilities and help protect critical systems and networks.
Network Security Toolkit
Opening up the Network Security Toolkit
Built upon Insecure.org's "100 Best Tools," the Network Security Toolkit is improving the jobs of
information security professionals everywhere. Tom Bowers, managing director of security think tank
and industry analyst firm Security Constructs, uses this latest screencast to explore the
collection of networking and security gear. Bowers reviews the basics of the browser-based security
toolbox, including proper configurations and tool selection.
Snort
Snort -- Tactics for basic network analysis
Snort is a robust tool that can be used in a number of ways to assess the security posture of a
network, but it takes time to learn, and it can be tricky to obtain all the data that Snort can
provide. SearchSecurity.com contributor Tom Bowers provides a demo for those using the tool for the
first time. Bowers offers a brief introduction and history of Snort and explains what the IDS can
do for information security pros.
Google hacking
Google hacking, infosec style
Search engines and related tools are not only handy when it comes to finding information on the
Web, but they can also help security professionals ensure an organization's intellectual property
doesn't slip off the network and into the public domain. Tom Bowers demonstrates how a few basic
"Google hacking" methods can offer fascinating competitive intelligence for your enterprise.
UTM
How to configure a UTM device
Unified threat management technologies provide protection against various network attacks, but
properly configuring UTM boxes can be a whole other battle. In this exclusive screencast, expert
David Strom gives an easy-to-follow, on-screen demonstration of the configuration options available
in SonicWall's unified threat management product. In simple steps, Strom explains how to set up a
SonicWall box, interpret its alerts and adjust security policies accordingly to ensure that a
network has optimum protection.
This was first published in February 2010