Yesterday there were a couple of cool things out there that I thought I’d point to.
First of all, I wanted to re-mention Maltego from yesterday, since it appears that very few in law enforcement have heard of this fundamental tool. Maltego basically allows you to discover and visualize relationships between attributes like Facebook or Twitter account names, email addresses, phone numbers and other information. It’s the first step when trying to understand where people fit into the digital world, and with whom they are or have been associated. There’s an excellent free version and a super-fantastic, blow-your-mind awesome paid version. It is cross-platform – Windows, Mac and Linux – so get it right now.
The second cool thing was the announcement of the release of BackTrack 5, a live Linux distribution built for penetration testing. If you’ve ever wondered about how offensive computer people work, BackTrack is a great way to get yourself immersed in that world. On the disk, from which you can boot a computer without having to permanently install any of the software, you’ll find all the tools you need to start banging and crashing into the world of digital penetration testing, wireless cracking, etc. In the words of the project,
BackTrack is intended for all audiences from the most savvy security professionals to early newcomers to the information security field. BackTrack promotes a quick and easy way to find and update the largest database of security tools collection to-date. Our community of users range from skilled penetration testers in the information security field, government entities, information technology, security enthusiasts, and individuals new to the security community.
Feedback from all industries and skill levels allows us to truly develop a solution that is tailored towards everyone and far exceeds anything ever developed both commercially and freely available. The project is funded by Offensive Security. Whether you’re hacking wireless, exploiting servers, performing a web application assessment, learning, or social-engineering a client, BackTrack is the one-stop-shop for all of your security needs.
If you want to expand your cyber horizons and better understand how people exploit computer vulnerabilities without investing anything other than time and effort, go download BackTrack.
Finally, yesterday, there were several posts from the excellent Dragon NewsBytes service at Team Cymru on tools to investigate PDF files for malicious content. DNB pointed at blogs from
- PDF Stream Dumper, a free tool for the analysis of malicious PDF documents; and
- Several other tools, on the excellent blog, Lenny Zeltser on Information Security — 6 Free Tools for Analyzing Malicious PDF Files
Speaking of Team Cymru, if you’re badged law enforcement, you may be able to get onto their free and utterly incomprehensibly outstanding service, The Botnet Analysis and Tactical Tool for Law Enforcement (BATTLE). BATTLE displays IRC and HTTP botnet data on an interactive world map in near real time. It is intended to provide enough information to enable law enforcement to identify botnets and attacks that are of interest to them. For all the details, including how law enforcement officers can request access to the portal, check out the BATTLE page.