tag:blogger.com,1999:blog-20011960.post3417282493940897460..comments2024-01-15T00:25:02.006-08:00Comments on HolisticInfoSecâ„¢: Pick a toolsmith topicRuss McReehttp://www.blogger.com/profile/05647342839278416757noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-20011960.post-66250388211341591232009-07-22T07:25:43.086-07:002009-07-22T07:25:43.086-07:00How about CAINE? It's a liveCD distribution u...How about CAINE? It's a liveCD distribution useful in assisting digital forensic examination. I'm primarily a HELIX/Sleuthkit sort of guy, but I've used CAINE on occasion and there's alot going on (includes Sleuthkit).<br /><br />The Link: http://www.caine-live.net/Anonymoushttps://www.blogger.com/profile/14448014136237620242noreply@blogger.comtag:blogger.com,1999:blog-20011960.post-40367455193727619012009-07-20T10:32:06.532-07:002009-07-20T10:32:06.532-07:00Fuzzing is something that might be interesting to ...Fuzzing is something that might be interesting to talk about. While the subject is quite vast, for an introduction I would suggest FileFuzz (<a rel="nofollow">http://labs.idefense.com/software/fuzzing.php#more_filefuzz</a>). It is a Windows tool that make it easy to fuzz files with a brute force approach. On the web side, WebScarab and Burp fuzzing modules might be interesting to talk about too (although burp's fuzzer is throttled on the free version so it's pretty much useless).<br /><br />Another neat tool is the Capture the Flag series from LAMPSecurity (<a rel="nofollow">http://lampsecurity.org/capture-the-flag-6</a>). It is a set of VMWare images that contains hosts that are to be compromised. CTF6 was just released this week and I didn't have time to test it but CTF5 was very fun to play, with a good diversity of vulnerabilities. There are also instructions if people get stuck, although it pretty much ruins the fun.eksehttps://www.blogger.com/profile/16232667801876603914noreply@blogger.com