Summary:

Rob Fuller AKA Mubix joins me to talk about security tooling every organization should have. This was a result of a discussion Rob and I were having about Thinkst Canary and RunZero. Two fantastic tools that are low cost, easy implementation, and provide a ton of value to a security team.

Episode Highlights:

• Lots of tooling to talk about

• You might hear Rob mention that he’s used one of the tools I suggest in a pentest engagement

Guest Information:

Rob Fuller aka Mubix - Twitter

https://malicious.link/

Resources and Mentions:

RunZero

• https://www.runzero.com/

• Canaries (Thinkst)

• https://canarytokens.org/

• https://canary.tools/

• Shodan.io

• https://www.shodan.io/

• OSQuery / Fleet

• https://github.com/fleetdm/fleet

• https://fleetdm.com/

• Netbird / TailScale

• https://netbird.io/

• https://tailscale.com/

• Sysmon / GrayLog / Logstash / Cribl / Zeek / Wazuh

• https://github.com/SwiftOnSecurity/sysmon-config

• https://graylog.org/

• https://www.elastic.co/logstash

• https://cribl.io/

• https://zeek.org/get-zeek/

• https://wazuh.com/

• Security Onion

• GoDot - Game Dev -> Security Awareness / Security Appreciation

• https://godotengine.org/

• PDQ

• https://www.pdq.com/ 

• GOAD

•  https://github.com/Orange-Cyberdefense/GOAD

• Velociraptor

• https://docs.velociraptor.app/training/

• MISP

• https://www.misp-project.org/

LinkedIn Suggestions

• WisQuas - Lost Rabbit Labs - Noa Park suggestion

• https://www.lostrabbitlabs.com/wisquas 

• Deprovisioning tool - Arvil Nagpal - Abbey Labs

  • https://www.abbey.io/
    

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]