Systematic Way To Utilize Security Tools

Hi all,

At one of my client engagements they provided us with about 24 web-based opensource tools to work with to research malicious activity.

For you experienced guys is their anywhere to find a logical sequence of steps to use in systematically engaging these listed tools to research malicious activity as opposed to just using every single tool and checking things off in a checklist? For instance I meant something like the below example scenario :

To check if a site is malicious

1. Engage tool #1 and key in IP address, If no answer found, then engage tool #A.

2. Take info from tool #A and key into this other tool #2 to obtain better details.
3. Take info from tool #2 and key into tool #3 to obtain the user email address.

Thanks in advance for any help, suggestions, etc.

Find more posts tagged with

cybersecurity tools

incident response process

Comments

fitzlopez

I don't know the answer but am curious to know what the 24 tools are.

tedjames

If you have an IP, I'd start with a port scan using nmap. Then, if you have Tenable/Nessus, run a vulnerability scan. Then try to exploit those vulnerabilities with Metasploit and other tools.

If you have a good web scanner like Tenable, OWASP ZAP, Burp, etc., generate a site map and then run some web vuln scans.

Check with OWASP for sure. Lots of great web app testing info.

I'm curious as to the tools you have at your disposal. Why not just install a VM with Kali Linux? You'll get way more than 24 tools, and they're free!