Tool Time! NSM, SysMon and Malware Analysis Tools

InfoSec ICU show

Summary: In a special edition of InfoSec ICU, it's Tool Time! Brandon and Gerry discuss their experiences and lessons learned with a bevy of security-related software tools that you may use in your organization. Network security monitoring (NSM) as a philosophy is covered first, followed by Sysmon. The guys round out the episode by discussing approaches to malware analysis tool sets and when each is appropriate.

Show Notes: https://podcast.musc.edu/podcast/infosec/e27-infosecicu/

Resources:
Network Security Monitoring (NSM) http://nsmwiki.org/Main_Page
Security Onion https://securityonion.net/
RockNSM http://rocknsm.io/
Sysmon https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon
PEStudio https://www.winitor.com/
ApateDNS https://www.fireeye.com/services/freeware/apatedns.html
IDA Pro https://www.hex-rays.com/products/ida/
WinDbg https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/debugger-download-tools
VirusTotal https://www.virustotal.com/
Joe Sandbox https://www.joesecurity.org/
Strings https://en.wikipedia.org/wiki/Strings_(Unix)
Wireshark https://www.wireshark.org/

One Cool Things
Gerry: '80s Retro Synthwave Collection
The Midnight https://youtu.be/_pUL7u-mYqA
FM-84 https://youtu.be/rSGnNMnvM6M
Timecop1983 https://youtu.be/egAB2qtVWFQ
Brandon: Caffe Shakerato http://saltandwind.com/recipes/102-caffe-shakerato-recipe

Contact
Email: infosecicu@musc.edu
Twitter:
* Gerry Auger (@Gerald_Auger) https://twitter.com/Gerald_Auger
* Steven Cardinal (@sgcardinal) https://twitter.com/sgcardinal