Tools

NMAP

Free and open-source tool used to check for vulnerabilities, scan network ports, and support network mapping. Nmap can be used to find which devices are running on a particular network, discover their open ports and services, and detect vulnerabilities.

Link: https://nmap.org/download.html

Wireshark

Open-source network protocol analyzer that captures packets from network connections. Wireshark can be used to examine the details of traffic at a variety of levels ranging from connection-level information to the bits that make up a single packet.

Link: https://www.wireshark.org/download.html

OpenVAS GreenBone

Open Vulnerability Assessment System (OpenVAS) is an all-in-one vulnerability scanner with a variety of built-in tests and a web interface designed to make setting up and running vulnerability scans fast and easy while providing a high level of user configurability.

Link: https://www.openvas.org/

WPScan

WPScan is a security and vulnerability scanner designed for testing the security of websites built using WordPress. WPScan is used to scan WordPress websites for known vulnerabilities both in WordPress and commonly used WordPress plugins and themes.

Link: https://wpscan.com/how-to-install-wpscan/

SQLMap

Open-source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches, from database fingerprinting and data fetching from the database to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

Link: https://sqlmap.org/

AutoRecon

AutoRecon is a multi-threaded network reconnaissance tool that is used to perform automated service enumeration. AutoRecon performs port and service detection scans. From those initial results, the tool will launch further enumeration scans of those services using a number of different tools.

Link: https://github.com/Tib3rius/AutoRecon

RedHat subscription

Red Hat Subscription Management (RHSM) is the service which manages your Red Hat subscriptions and entitlements. You can access your content through RHSM using Red Hat Satellite, Subscription Asset Manager (SAM), and the award-winning Customer Portal. RHSM replaces Red Hat Network (RHN) Hosted.

Link: https://access.redhat.com/articles/143253

Wordfence – WordPress Plug-In

Wordfence is a PHP-based web-application firewall that filters out malicious traffic from WordPress websites. Wordfence is able to block IP addresses in real time and block the newest exploits. It can log attacks against a WordPress site and allows viewing of live traffic. It can also block attacks based on IP address, IP range, hostname, user agent, and/or referrer, as well as any combination of those.

Link: https://www.wordfence.com/products/wordfence-premium/

Redirection – WordPress Plug-In

This plugin is a redirect manager for WordPress. It allows website administrators to manage 301 redirections and to keep track of 404 errors. This can help reduce errors, and it can be used on sites with the number of redirects ranging from a few to thousands.

Link: https://wordpress.org/plugins/redirection/

HPing3

Network tool able to send custom TCP/IP packets and to display target replies like the ping program does with ICMP replies. hping3 handles fragmentation and arbitrary packet bodies and sizes, and can be used to transfer files encapsulated under supported protocols.

Link: https://github.com/antirez/hping

GoldenEye

HTTP DoS Test Tool. This tool can be used to test if a site is susceptible to Denial-of-Service (DoS) attacks. This tool can be used to open several parallel connections against a URL to check if the web server can be compromised.

Link: https://www.kali.org/tools/goldeneye/

Hydra

Open-source password brute-forcing tool designed around flexibility and high performance in online brute-force attacks.

Link: https://github.com/vanhauser-thc/thc-hydra

Burp Suite

Security application used for penetration testing of web applications. It is similar to a proxy that can be used to track, examine, and alter requests made by our browsers before they are forwarded to a distant server.

Link: https://portswigger.net/burp/pro

Wappalyzer

We used Wappalyzer to instantly reveal the technology stack and software version for the target server’s website. We also utilized this tool against our own server to see what our attackers would see.

Link: https://www.wappalyzer.com/

Advanced Intrusion Detection Environment (AIDE)

AIDE is a utility that takes inventory of files and monitors their integrity, for use as a detection source for intrusions. This security utility was set up on our website to give us insight into any potential intrusions during the attack phase of this project.

Link: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/security_guide/sec-using-aide#doc-wrapper

Nagios

Nagios Core is a monitoring/alerting solution that was implemented to make it easier for our team to review logs and signs of intrusion, as well as general activity on our server.

Link: https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/4/html/monitoring_ceph_with_nagios_guide/nagios-core-installation-and-configuration

Fail2Ban

Fail2Ban is an intrusion prevention daemon that is used to monitor service logs and ban clients that fail authentication checks. It was primarily used as an additional layer of protection against brute-force attacks.

Link: https://www.redhat.com/sysadmin/protect-systems-fail2ban

SELinux

SELinux was used to define access controls for various parts of our server. We utilized this tool to enforce security policies and make access controls mandatory. Additionally, SELinux worked to reduce the attack surface of our server and isolate certain processes.

Link: https://www.rootusers.com/how-to-enable-or-disable-selinux-in-centos-rhel-7/

Cockpit Project

Cockpit is a web-based GUI that we utilized to allow access to the server through means other than SSH. This was easier for team members to utilize as some of the information it provided was important but not easily found through typical SSH access (login history, login sessions, server-related alerts).

Link: https://cockpit-project.org/

WPHide - WordPress Plug-In

WP Hide is a useful plugin for obfuscating the location of the WordPress admin page, WordPress core files, themes, plugins, and more aspects of a WordPress website. We used this tool to hide our own WordPress admin page and implement additional security controls.

Link: https://wordpress.org/plugins/wp-hide-security-enhancer/

Kali Linux

Kali Linux is an operating system designed for penetration testing and ethical hacking. We utilized this operating system in virtual machines for attacks, vulnerability scanning, and reconnaissance.

Link: https://www.kali.org/

Parrot Security

Parrot Security is another operating system designed for penetration testing and ethical hacking. We utilized this operating system in virtual machines for attacks, vulnerability scanning, and reconnaissance as well.

Link: https://www.parrotsec.org/