Posts

Showing posts from September, 2016

Toolsmith In-depth Analysis: motionEyeOS for Security Makers

Image
It's rather hard to believe, unimaginable even, but here we are. This is the 120th consecutive edition of toolsmith; every month for the last ten years, I've been proud to bring you insights and analysis on free and open source security tools. I hope you've enjoyed the journey as much as I have, I've learned a ton and certainly hope you have too. If you want a journey through the past, October 2006 through August 2015 are available on my web site here, in PDF form, and many year's worth have been published here on the blog as well.
I labored a bit on what to write about for this 10th Anniversary Edition and settled on something I have yet to cover, a physical security topic. To that end I opted for a very slick, maker project, using a Raspberry Pi 2, a USB web cam, and motionEyeOS. Per Calin Crisan, the project developer, motionEyeOS is a Linux distribution that turns a single-board computer into a video surveillance system. The OS is based on BuildRoot and uses m…

Best toolsmith tool of the last ten years

As we celebrate Ten Years of Toolsmith and 120 individual tools covered in detail with the attention they deserve, I thought it'd be revealing to see who comes to the very top of the list for readers/voters.
I've built a poll from the last eight Toolsmith Tools of the Year to help you decide, and it's a hell of a list.
@Mandiant's Memoryze (2008)@Paterva'sMaltego (2009)@SANSForensics' SIFT (2010)@zaproxy and @psiinon's OWASP Zed Attack Proxy (2011)@Modsecurity and @IvanRistic's Modsecurity for IIS (2012)@LaNMaSteR53Recon-ng (2013)@joshsokol's Simple Risk (2014)@beenuarHook Analyser (2015)  Amazing, right? The best of the best.

You can vote in the poll to your right, it'll be open for two weeks.

Toolsmith Tidbit: Will Ballenthin's Python-evtx

Image
Andrew Case (@attrc) called out Will Ballenthin's (@williballenthin) Python-evtx on Twitter, reminding me that I'm long overdue in mentioning it here as well.
Will's Python-evtx description from his website for same follows:
"python-evtx is a pure Python parser for recent Windows Event Log files (those with the file extension “.evtx”). The module provides programmatic access to the File and Chunk headers, record templates, and event entries. For example, you can use python-evtx to review the event logs of Windows 7 systems from a Mac or Linux workstation. The structure definitions and parsing strategies were heavily inspired by the work of Andreas Schuster and his Perl implementation Parse-Evtx."

Assuming you've running Python 2.7, install it via pip install python-evtx or download source from Github: https://github.com/williballenthin/python-evtx

Toolsmith Release Advisory: Kali Linux 2016.2 Release

Image
On the heels of Black Hat and DEF CON, 31 AUG 2016 brought us the second Kali Rolling ISO release aka Kali 2016.2. This release provides a number of updates for Kali, including:
New KDE, MATE, LXDE, e17, and Xfce builds for folks who want a desktop environment other than Gnome.Kali Linux Weekly ISOs, updated weekly builds of Kali that will be available to download via their mirrors.Bug Fixes and OS Improvements such as HTTPS support in busybox now allowing the preseed of Kali installations securely over SSL.  All details available here: https://www.kali.org/news/kali-linux-20162-release/
Thanks to Rob Vandenbrink for calling out this release.