
The table below lists the domains measured by this examination and the extent to which they are represented. The CompTIA CSA+ exam is based on these objectives.
Course Objectives
•Identify tools and techniques to use to perform a reconnaissance of a target network or cloud platform.
•Collect, analyze, and interpret security data from multiple log and monitoring sources.
•Use network host and web application vulnerability assessment tools and interpret the results to provide effective mitigation.
•Understand and remediate identity management, authentication, and access control issues.
•Participate in a senior role within an incident response team and use forensic tools to identify the source of an attack.
•Understand the use of frameworks, policies, and procedures and report on security architecture with recommendations for effective compensating controls.
•Understand Cloud Technology focused on Security as a Service.
Recon Techniques
•Understand the range of network reconnaissance techniques that may be used to test security systems
•Identify social engineering techniques and web search tools to perform reconnaissance
•Use topology discovery, host discovery, and OS fingerprinting tools
The Social-Engineer Toolkit is an open-source penetration testing framework designed for social engineering. SET has a number of custom attack vectors that allow you to make a believable attack quickly. SET is a product of TrustedSec, LLC – an information security consulting firm located in Cleveland, Ohio.
The Netcraft Toolbar uses Netcraft's databases of web site information to show you all the attributes of each site you visit on the Web,
HTTrack is a free (GPL, libre/free software) and easy-to-use offline browser utility.
It allows you to download a World Wide Web site from the Internet to a local directory, building recursively all directories, getting HTML, images, and other files from the server to your computer. HTTrack arranges the original site's relative link-structure. Simply open a page of the "mirrored" website in your browser, and you can browse the site from link to link, as if you were viewing it online. HTTrack can also update an existing mirrored site, and resume interrupted downloads. HTTrack is fully configurable, and has an integrated help system.
WinHTTrack is the Windows (from Windows 2000 to Windows 10 and above) release of HTTrack, and WebHTTrack the Linux/Unix/BSD release. See the download page.
Sysinternals Live is a service that enables you to execute Sysinternals tools directly from the Web without hunting for and manually downloading them. Simply enter a tool's Sysinternals Live path into Windows Explorer or a command prompt as live.sysinternals.com/<toolname> or \\live.sysinternals.com\tools\<toolname>.
You can view the entire Sysinternals Live tools directory in a browser at https://live.sysinternals.com/.
Microsoft's Enhanced Mitigation Experience Toolkit (EMET) is a free Windows-based security tool that adds supplemental security defenses to defend potentially vulnerable legacy and third-party applications.
•Use graphical and command-line tools to perform packet captures
•Use software and appliances to consolidate and manage log files from different sources
•Analyze results of network reconnaissance data from network traffic, log data, and resource monitors
Because these capabilities are natively built into our platform and designed to deliver highly automated preventative measures against cyber threats, we ensure superior security to legacy point technologies such as stateful inspection firewalls, UTMs, or endpoint security products. With our platform, organizations can confidently pursue a digital-first strategy as they implement key technology initiatives within the cloud and increasingly mobile networks, while maintaining complete visibility and control, to protect their most valued data assets and critical control systems.
The Security Content Automation Protocol (SCAP) is a synthesis of interoperable specifications derived from community ideas. Community participation is a great strength for SCAP, because the security automation community ensures the broadest possible range of use cases is reflected in SCAP functionality. This Web site is provided to support continued community involvement. From this site, you will find information about both existing SCAP specifications and emerging specifications relevant to NIST's security automation agenda. You are invited to participate, whether monitoring community dialog or leading more substantive activities like specification authorship.
NIST's security automation agenda is broader than the vulnerability management application of modern day SCAP. Many different security activities and disciplines can benefit from standardized expression and reporting. We envision further expansion in compliance, remediation, and network monitoring, and encourage your contribution relative to these and additional disciplines. NIST is also working on this expansion plan, so please communicate with the SCAP Team early and often to ensure proper coordination of efforts.
•Analyze a vulnerability scan and interpret scan results
•Identify appropriate remediation steps and considerations
•Identify vulnerabilities common to classes of system, such as servers, network appliances, virtualized hosts, and embedded devices
•Understand the steps in a secure Software Development Lifecycle (SDLC)
•Use vulnerability scanners, interception proxies, and fuzzers to test web applications
•Describe methods to prove hardware and software authenticity
•Describe the roles and processes involved in providing effective incident response
•Understand factors used to classify and prioritize threats and incidents
•Identify the features of market-leading forensic investigation suites
•Describe the hardware, software, and documentation required for a forensics kit
•Acquire forensically secure data images from hardware evidence
•Use password cracking and image analysis utilities
The CompTIA CSA (CySA) Bootcamp is geared towards experienced IT Security pros to prepare for the CyberSecurity Analyst exam. This is an Intermediate level course and not meant for inexperienced IT Security professionals.
This course has been condensed from a 5-day course, which commercial and government customers pay thousands to attend. It has been condensed to about 2 days specifically for the Udemy audience.
You will receive the same content PDF files from the five-day course, but you're expected to research the toolsets that you may not be familiar with. I will not be providing tutorials on Snort, Bro, Metasploit, etc. and expect this audience to know these. If you're not familiar with any of these tools, you will need to understand their features for this exam.
I've been teaching Cloud Security Manager, Security Plus, CASP and CSA to hundreds of Dept. of Defense professionals.
We will focus on getting you the information to pass the exam.
CompTIA Cybersecurity Analyst (CSA+) is an international, vendor-neutral cybersecurity certification that applies behavioral analytics to improve the overall state of IT security. CSA+ validates critical knowledge and skills that are required to prevent, detect and combat cybersecurity threats.
As attackers have learned to evade traditional signature-based solutions such as firewalls, an analytics-based approach within the IT security industry is increasingly important for most organizations. The behavioral analytics skills covered by CSA+ identify and combat malware, and advanced persistent threats (APTs), resulting in enhanced threat visibility across a broad attack surface. CompTIA CSA+ is for IT professionals looking to gain the following security analyst skills:
•Configure and use threat detection tools.
•Perform data analysis.
•Interpret the results to identify vulnerabilities, threats and risks to an organization.
CSA+ certified skills are in-demand
Properly trained IT security staff who can analyze, monitor and protect cybersecurity resources are in high demand. The U.S. Bureau of Labor Statistics (BLS) predicts that information security analysts will be the fastest growing overall job category, with 37 percent overall growth between 2012 and 2022.
CSA+ is globally recognized
CompTIA CSA+ is ISO/ANSI 17024 accredited and is awaiting approval by the U.S. Department of Defense (DoD) for directive 8140/8570.01-M requirements.
CSA+ provides substantial earnings potential
A career in information security analysis ranked seventh on U.S. News and World Report’s list of the 100 best technology jobs for 2017. According to the Bureau of Labor Statistics, the median pay for an information security analyst is $90,120 per year.
CSA+ is industry supported
CSA+ is developed and maintained by leading IT security experts. Content for the exams stems from a combination of industry-wide survey feedback and contributions from our team of subject matter experts.
The course covers all the CompTIA CySA+ CS0-001 Objective Domains that you will be tested on:
1.0 Threat Management 27%
2.0 Vulnerability Management 26%
3.0 Cyber Incident Response 23%
4.0 Security Architecture and Tool Sets 24%
Get CompTIA Certified