What are some tools that a Info Sec pro must have?

Is there like a tool pack to buy from somewhere for a Info Sec pro? where it includes Pentest/Vulnerability tools etc? I know backtrack and metasploit are few, thanks

Comments

  • docricedocrice Member Posts: 1,706 ■■■■■■■■■■
    It depends on the area of infosec your'e talking about. If you're a webapp person, then maybe Burp might be one. If you're into IDS / IPS. then Snort should belong into your basic toolkit (at least from a knowledge perspective) regardless of whether you support it on your business network.

    The most important tool I think is curiosity and the itch to solve mysteries.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,663 Admin
    There are a number of threads here discussing pen test certifications. All of these certs are heavily tools-based because, well, pen testers need their tools. Whatever (free) tools are commonly found across these types of certs is what you should look at first. Start checking out nmap, Wireshark, Snort, Splunk, Nessus, Metasploit, and most any other tool that has a book written about it. ;)
  • paul78paul78 Member Posts: 3,016 ■■■■■■■■■■
    Also, aside from the mechanics of tool usage, having a good repository of knowledge references is a key tool in the box. If one specializes in the legal, privacy, governance, or risk management aspects of infosec, I recommend familiarizing with various knowledge tools like ISACA, NIST, and privacyassociation.org. If you are interested in web app pentesting, review the processes and tools at OWASP.org.
  • the_hutchthe_hutch Banned Posts: 827
    HLRS wrote: »
    Is there like a tool pack to buy from somewhere for a Info Sec pro?

    If you take the official CEH course from EC-Council, you are given the option to purchase their toolkit, which consists of 6 DVDs of content for $99. While most of it is open source tools, there is also a lot of malware (viruses, trojans, worms, logic bombs, etc...) on it. That was really the selling point for me, because malware can be much more difficult to get your hands on than open source tools. But in order to purchase the $99 toolkit, you are first going to have to purchase the $1699 course.
  • the_hutchthe_hutch Banned Posts: 827
    The malware has been fun to play with in my own lab, but realistically, most companies are never going to agree to the use of malware in a penetration test on their network, so you will probably never professionally use them. If I had to do it over again, I wouldn't have purchased it...or the course (but that's a different story). Also included is the world-class EC-Council distro of OpenSUSE...which is terrible. I'm pretty sure I'd have more success hacking a system by opening backtrack and slamming my head against the keyboard for 15 minutes, than I would by meticulously using this distro for months on end.
  • HLRSHLRS Banned Posts: 142
    Yea its pretty good, its a lot of tools, I downloaded their material. *cough* *torrents*
Sign In or Register to comment.