IT Pro Tuesday #141

Get this in your inbox each week.

Welcome back to IT Pro Tuesday!

This week, we're asking for your favorite tools and resources we can share with the community... those that help you do your job better and more easily. Please reply or leave a comment with your suggestions, and we'll be featuring them in the coming weeks.

As always, we’re updating the full, searchable list on our website here. Enjoy.

But on with this week's tools...! Here are the most-interesting items that have come across our desks, laptops and phones this week. Hornetsecurity has no known affiliation with any of these unless we explicitly state otherwise.

A Free Tool

ViewDNS offers a nice, online collection of DNS and OSINT tools. The tools are also offered as an API to give webmasters the ability to easily integrate them into their own sites. A free API "sandbox" account has a monthly limit of 250 queries. Our appreciation for the recommendation goes to CingularIT.

Cheatsheet

The Most Common OpenSSL Commands is a list of essential commands and their usage for those who want to leverage the incredible versatility of OpenSSL but aren't all that comfortable dealing with certs. SheeEttin explains, "You don't need any understanding of openssl at all [for it to be useful]. You probably only need this... and a basic understanding of certs and cert formats. Also, never publish your private key."

Another Free Tool

TRex is an open-source tool that generates realistic L3-7 traffic for testing end-to-end network perfomance. Stateless functionality includes support for multiple streams, the ability to change any packet field and provides per-stream/group statistics, latency and jitter. Advanced Stateful functionality includes support for emulating L7 traffic with fully featured scalable TCP/UDP support. Emulation functionality includes client-side L3 protocols i.e ARP, IPv6, ND, MLD, IGMP, ICMP, DOT1X in order to simulate a scale of clients and servers. Can scale up to 200Gb/sec with one server. Thanks for this one go to StubArea51.

A Tip

Building on our recent tip about logging terminal sessions, ahelsby adds:

[W]hen logging your terminal sessions – make sure you don’t log your password to those plain text log files! You can also log all of your powershell work too – I use the following to save to a temporary directory and update the window title with the filename

$transcriptlog = "c:\temp\powershelllogs\" + $env:username + (get-date -uformat "%y%m%d-%H%M%S"") + ".txt"
try{
   stop-transcript|out-null
}

catch [System.InvalidOperationException]{}
start-transcript $transcriptlog
$host.ui.rawui.WindowTitle = $transcriptlog

If using powershell, install the psreadline module and then add the following to your $profile so your history does not contain any commands with the secret words in it.

Set-PSReadLineOption -AddToHistoryHandler {
    param([string]$line)
    $sensitive = "password|asplaintext|token|key|secret|credential"
    return ($line -notmatch $sensitive)
}

One More Free Tool

kube-state-metrics is an add-on agent that listens to your Kubernetes API server to generate metrics on the state of objects like deployments, nodes and pods. Exposes raw data so you can get it unmodified and perform your own heuristics. SuperQue suggests it for Kubertnetes users, "To see the status, you use kube-state-metrics to get the Kubernetes status of your services into Prometheus/Grafana."

P.S. Bonus Free Tools

Hashtab is an intuitive Windows tool for calclulating and displaying hash values from more than 2 dozen popular hashing algorithms. Simply select your file, go to properties and select the "File Hashes" tab to get started. Combines drag-n-drop simplicity with copy/paste and a built-in browse option. T-A-Z suggest it "to quickly calculate checksums for files."

Read the Docs is an open-source solution that helps organize your software documentation and keep it up to date through versioning. Hosts your documents and automatically builds them as you push code to Git, Mercurial, Bazaar or Subversion. Can host and build multiple versions of docs by having a separate branch or tag in your version control system. Kindly recommended by webfork2.

Have a fantastic week and as usual, let us know any comments.