...

Tool | Notes | Link(s)

Virtual Machine Validation Workstation

Due to the small chance that a report will contain a malicious proof-of-concept or Trojan horse, recovery and containment may be easier if analysts use virtual machines for validation workstations.

TODO LINK TO VMWARE, KVM, VirtualBox, etc.

https://www.linux-kvm.org/page/Main_Page

https://www.vmware.com/

https://www.virtualbox.org/

(or any other virtualization tool)

Web Browsers

Analysts should have access to Internet Explorer, Firefox, Chrome, and Edge with any necessary enterprise certificate authorities installed.

TODO LINK TO BROWSER DOWNLOADS

Internet Explorer

https://www.microsoft.com/en-us/download/internet-explorer.aspx

Firefox

https://www.mozilla.org/en-US/firefox/

Chrome

https://www.google.com/chrome/

Edge

https://www.microsoft.com/en-us/windows/microsoft-edge

Burp Suite

Requires Java JRE.

https://portswigger.net/burp/

OWASP ZAP

Requires Java JRE.

https://github.com/zaproxy/zaproxy/wiki/Downloads

Firefox Add-ons

There are several Firefox add-ons which can aid in validating reports.

Web Developer Add-on
https://addons.mozilla.org/en-US/firefox/addon/web-developer/

Firebug
https://addons.mozilla.org/en-US/firefox/addon/firebug/

Proxy Switcher
https://addons.mozilla.org/en-US/firefox/addon/proxy-switcher/

Tamper Data
https://addons.mozilla.org/en-US/firefox/addon/tamper-data/

RESTClient
https://addons.mozilla.org/en-US/firefox/addon/restclient/

Cookies Manager+
https://addons.mozilla.org/en-US/firefox/addon/cookies-manager-plus/

cURL

Command-line interaction with HTTP/HTTPS services.

https://curl.haxx.se/

sqlmap

Requires Python 2.7.

http://sqlmap.org/

Metasploit Framework

https://www.rapid7.com/products/metasploit/download/

testssl.sh

Requires Linux platform.

https://testssl.sh/

...