IT Pro Tuesday #147
Get this in your inbox each week.
Welcome back to IT Pro Tuesday!
This week, we're asking for your favorite tools and tips we can share with the community... those that help you do your job better and more easily. Please reply or leave a comment with your suggestions, and we'll be featuring them in the coming weeks.
As always, we’re updating the full, searchable list on our website here. Enjoy.
But on with this week's tools...! Here are the most-interesting items that have come across our desks, laptops and phones this week. Hornetsecurity has no known affiliation with any of these unless we explicitly state otherwise.
A Website
urlscan allows you to scan and analyze websites by submitting a URL to find out if if it is targeting users. It automatically assesses the domains and IPs contacted, the resources (JavaScript, CSS etc.) requested from those domains and additional information about the page itself then takes a screenshot of the page and records the DOM content, JavaScript global variables, cookies created and a lot of other details. hard_cidr appreciates that it "gets a lot of good info on a website and takes a screenshot."
A Tip
A great idea, kindly shared by gartral:
I automated the clock cards (mag strip badges) re-encoding the strips that *always* fail between 4-6 weeks of daily use. Cards have a barcode that identifies the person for certain systems. Cards have mag strips that identifies them for the doors… Took a tedious job Security absolutely despised doing and turned it into a self-help kiosk.
Workflow went from: Get buzzed in by security > have chat with guard > wait 5+ minutes for guard to fumble around… < repeat last step 1x > Get freshly written card
to: Get buzzed in > Shrug at Security > Scan badge > Enter AD Password > Swipe Card > Continue your day.
Another Website
MITRE ATT&CK is a global knowledge base of cybercrime tactics and techniques that is compiled from real-world observations. It is intended to fuel development of threat models and methodologies in the private sector, government and the cybersecurity product and service community. rujopt finds it "useful for describing threats and quantifying your SIEM's visibility/detection/response coverage."
A Free Tool
Security Content Automation Protocol (SCAP) is a compliance checker tool for evaluating the hardening of your machines. It used to be available only for DoD, government or contractor use but was recently released to the public by DISA. This automated program scans a machine (locally or remotely) to determine security posture based on Security Technical Implementation Guidelines (STIGs)—the checklists that identify what constitutes an open or closed vulnerability and how to remediate it. swatlord notes that "STIGs (the rules SCC derives from) are what the DoD and DISA think should be set in order to harden machines... some of the items they hit against are no longer standard practice (eg expiring passwords). This is why it’s important to not just blindly remediate open STIG items without understanding how it impacts your environment."
Another Free Tool
gProfiler is an easy-to-use, open-source tool that produces a unified visualization of what your CPU is working on, displaying stack traces of your processes across native programs, Java and Python runtimes and kernel routines. It's a lightweight combination of different sampling profilers that requires minimal overhead, so it can be truly continuous. You can even upload results to the Granulate Performance Studio, which aggregates results from different instances over different periods to provide a holistic view of what is happening on your entire cluster. Comes with a pre-made Container image, and needs no changes or modifications to get started. Thanks for this one go to NoamGranulate.
P.S. Bonus Free Tools
netmiko is a multi-vendor library to simplify Paramiko SSH connections to network devices. It provides a fairly uniform programming interface across a broad set of devices and handles many of the low-level SSH details that can be time consuming and problematic.
Problem Steps Recorder is a useful tool for creating documentation that can be found in all versions of Windows since Windows 7 (client) and Windows 2008 R2. It quickly and easily captures each step of your procedures on the fly during execution and allows you to add comments—although sadly, keystroke capture is not included. Our appreciation for the recommendation goes to in00tj.
Have a fantastic week and as usual, let us know any comments.