Gathers all packets over the network, analyzes them, and presents the results in plain English - wired and wireless - which can help identify unknown, unusual or malicious traffic.
Finds out what services are running on a remote device - and determines what OS is running on a remote device - and presents it visually; a good way to find unexpected devices.
Tells what kind of wireless traffic you have, and can attempt to crack passwords.
Some hashes are weak and have no salting, so if you have them, this software can try brute force, dictionaries, rainbow tables, etc.
Software that looks for missed patches, missed updates, missed signatures, etc.; it's an active tool, but isn't actually a pentest.
Software that looks across all devices and systems and checks for required configuration settings, required software, required virus updates, etc.
Bad guys use "templates" for malware and add their own special code to do specifically what they want - prebuilt malware where you fill in the blanks on what you want.
DBAN - Darik's Boot and Nuke, for an entire drive, or Microsoft's SDelete for individual files or components (don't forget caches and temp files).
In plain sight but hidden - a bit of data embedded inside an image; special software can do this; can also be things such as watermarks, which may include date and time stamps, etc.
Set up an attractive target for the bad guys to attract them, and once there, trap them; many times they are just doing recon to analyze what kind of attacks may come in.
Banners are the welcome screens that divulge software version numbers and other system information on network hosts - remote tools can grab this info for hackers.