In 20 years of systems administration and incident response, there are a handful of tools I find myself coming back to over and over again. Naturally, the SysInternals suite is on the list, along with Wireshark and Didier Stevens PDF tools. I've also included portable installations of Python Some are useful for examining a system, others are useful for examining a suspicious file or attachment. So... I started a GitHub project to document my favorite free and/or open-source tools.
I'll bet my readers have some of their own favorites: by all means, please comment below, or submit a pull request on GitHub, and I'll update the list!
Thursday, November 9, 2017
IR Toolkit
Do you have something to add? A question you'd like answered? Think I'm out of my mind? Join the conversation below, reach out by email at david (at) securityforrealpeople.com, or hit me up on Twitter at @dnlongen
