IT Pro Tuesday #122
Get this in your inbox each week.
Hello IT Pro,
Welcome back to IT Pro Tuesday!
To start off, a quick heads up about a new threat being tracked by Hornetsecurity Security Lab: XLM macros are being used in XLSB documents to distribute QakBot malware. Because both XLM macros and the XLSB document format are uncommon, these new malicious documents have a very low static detection rate by current anti-virus solutions. Read more here.
This week, we’re looking for your favorite tools to share with the community. Please let us know those that help you do things more easily so you get better at your job!
As always, we’re updating the full, searchable list on our website here. Enjoy.
But on with this week's tools...! Here are the most-interesting items that have come across our desks, laptops and phones this week. Hornetsecurity has no known affiliation with any of these unless we explicitly state otherwise.
A Free Tool
DnsLeakTest sends your client a series of domain names to resolve within a specific test domain in order to find any traffic originating from your computer that is not being routed through the anonymity network. Enables you to locate traffic leaks outside the secure connection that an attacker monitoring your traffic could use to log your activity. Thanks go to raad_altaie for this one!
Scripts
Automating with PowerShell: Deploying Azure Functions is a blog post that contains scripts for single-click deployment buttons for a number of Azure functions. Lime-TeGek explains, "deploying Azure functions can get confusing at times; do you need AppInsights, do you need to activate option y or option x, and the interface changes every couple of years, so [this] only selects the items really required to run the function and nothing else. It also downloads the code for you so you can immediately get started. All you have to do is click on the little "Deploy with Azure" button and you are off to the races."
Another Free Tool
Dnspython is a DNS toolkit for Python queries, zone transfers, dynamic updates, nameserver testing and more. High-level classes perform queries for data of a given name, type and class. Low-level classes allow direct manipulation of DNS zones, messages, names and records. Almost all RR types are supported. Our thanks to TheMeanMemer for this suggestion.
One More Free Tool
Polr is an open-source link shortener that allows you to host your own URL shortener so you can brand and control your URLs. SgtKashim describes it as an "excellent lightweight URL shortener. Nice for getting branded URL shortening on the cheap, and it's got a decent little API for programatically generating shorts."
A Tutorial
BashGuide is intended to help beginning users learn good practice techniques for using BASH. Requires no knowledge aside from being able to log into a Unix-like system and open a command-line interface. Provides guidance on writing simple scripts. Kindly suggested by ASIC_SP.
P.S. Bonus Free Tools
Path Length Checker is a simple app for determining the paths and the length of all the files and directories in a given directory. Our appreciation for this recommendation goes out to KingOfYourHills.
vmPing is a graphical ping utility for monitoring multiple hosts, with color-coding to indicate the status of each host. Handles both ICMP pings and TCP 'port pings,' where the application continuously connects to a specified port and displays whether or not the port is open. Also includes a quick traceroute utility and a basic packet generator/stress tester. bighoss-ora-pro likes it when working "heavily in virtual environment connectivity, super nice allocation of connectivity and also allows you to save IPs if you need to ping them later."
Have a fantastic week and as usual, let us know any comments.