Pages

Kevin Mitnick, in his book The Art of Intrusion, offers sound and succinct advice:

Ensuring proper configuration management is a critical process that should not be ignored. Even if you properly configure all hardware and software at the time of installation and you keep up-to-date on all essential security patches, improperly configuring just a single item can create a crack in the wall.[1]

So what defines a "best practice"?

Processes and activities that have been shown in practice to be the most effective.[2]

[Read More]

HolisticInfoSec.io’s Russ McRee speaks regularly on information security topics in the hope of sharing knowledge and resources with a wide audience.

Past Events

(ISC)2 Security Congress DFIR Redefined: Deeper Functionality for Investigators with R
October 29, 2019

Secure Iowa Conference 2019 Keynote
October 8, 2019

Derbycon 7 DFIR Redefined: Deeper Functionality for Investigators with R
September 2017

BSides Augusta 2017 Keynote
September 16, 2017

Emcee at Microsoft’s BlueHat v14, Redmond, WA, October 10, 2014

Digital Guardian 08/5/2020 Top 50 InfoSec Blogs You Should Be Reading

JAGWIRE NEWS August University 08/25/2017 Augusta University to host cybersecurity conference

12 WRDW 07/03/2017 Organizers prepare for this year’s Augusta Cyber Week

Reciprocity Labs 04/25/2017 69 Information Security Blogs You Should Be Reading

E&E News 10/06/2015 GRID: Friendly hackers break into a utility and make a point

Idaho Statesman 11/18/2014 Hackers are having their way, nearly unchecked

Digital Guardian (Verdasys) 10/22/2014 Top 50 InfoSec Blogs You Should Be Reading

HolisticInfoSec.org’s Russ McRee writes regularly regarding information security topics in the hope of sharing knowledge and resources with a wide audience.

February’s toolsmith snapshot focuses on network-wide ad blocking via your own Linux hardware with Pi-hole.
Older article copies, particularly from September 2015 through August 2018 are available here and older PDF copies prior to September 2015 are available here.
Award winning toolsmith offers insights on tools useful to the information security practitioner, typically open source and free.

Employ simplicity as a tool used to keep your systems running securely and efficiently. Simplicity helps eliminate network clutter, performance issues, cost, and reduces risk. Give yourself the space to step back, analyze and test carefully to ensure all your systems and networks meet a secure standard. Streamlining processes greatly enhances uptime and quality of service, as well as aiding in secure systems.

Bruce Schneier, in 1999, wrote for Information Security, "You can't secure what you don't understand." His predictions hold true:

Templates for your use in your organizations and endeavors to improve your security posture.

Incident Response Test Plan

Presentations

HolisticInfoSec.org’s Russ McRee presents regularly regarding information security topics in the hope of sharing knowledge and resources with a wide audience.

Cloud Security Alliance Seattle Chapter: May 2016 Chapter Meeting Attack & Detect: Red vs. Blue PowerShell 25 MAY 2016

Advisories

2008

HIO-2008-0228 Interspire Shopping Cart XSS

2009

HIO-2009-0305 e107 Multiple e107_admin CSRF & XSS Vulnerabilities

2010

HIO-2010-0223 Web Wiz Forums CSRF Vulnerabilities

HolisticInfoSec.io is dedicated to sharing information security content and resources in an open, clear manner, with the hope of helping improve infosec for all who seek to do so. Information security is best broken down to the most simple components: best practices and common sense. The threat-scape facing an information security practitioner is perpetually dynamic; we must adapt and evolve as do those threats. Holisticinfosec.org endeavors to aid in that process through dynamic content and timely topics in toolsmith. As well we know, those who would do harm never rest: protect your own.

Russ McRee writes award-winning toolsmith, published monthly as often as possible. ;-)

As of August 2018, toolsmith is exclusively published via holisticinfosec.io.
From September 2015 through August 2018, toolsmith was exclusively published at the HolisticInfoSec blog.
From November 2006 through August 2015, toolsmith was published in the ISSA Journal.

Thank you for your continued patronage and support.

• August 2015 - There Is No Privacy - Hook Analyser vs. Hacking Team
• July 2015 - Malware Analysis with REMnux Docker Containers
• June 2015 - IoT Fruit - Pineapple and Raspberry
• May 2015 - Attack & Detection: Hunting in-memory adversaries with Rekall and WinPmem
• April 2015 - Rapid Assessment of Web Resources (RAWR!)
• March 2015 - Faraday IPE: When Tinfoil Won’t Work for Pentesting
• February 2015 - Sysmon 2.0 & EventViz
• January 2015 - Kansa vs. Cleaver - PowerShell IR Tactics
• December 2014 - Artillery
• November 2014 - Inside and Outside the Wire with FruityWifi & WUDS
• October 2014 - HoneyDrive: Honeypots in a Box
• September 2014 - Jay and Bob Strike Back: Data-Driven Security
• August 2014 - Threats & Indicators: A Security Intelligence Lifecycle
• July 2014 - ThreadFix: You Found It, Now Fix It
• June 2014 - Testing and Research with BlackArch Linux
• May 2014 - Microsoft Threat Modeling Tool 2014 - Identify & Mitigate
• April 2014 - Browse this: & Oryon C Portable & WhiteHat Aviator
• March 2014 - SpiderFoot
• February 2014 - SimpleRisk: Enterprise Risk Management Simplified
• January 2014 - Tails - The Amnesiac Incognito Live System
• December 2013 - Hey Lynis, Audit This
• November 2013 - OWASP Xenotix XSS Exploit Framework
• October 2013 - C3CM 3: Part 3 - ADHD: Active Defense Harbinger Distribution
• September 2013 - C3CM: Part 2 - Bro with Logstash and Kibana
• August 2013 - C3CM: Part 1 - Nfsight with Nfsen and Nfdump
• July 2013 - EMET 4.0: These Aren’t the Exploits You’re Looking For
• June 2013 - Visual Malware Analysis With ProcDOT
• May 2013 - Recon-ng
• April 2013 - Implementing Redmine for Secure Project Management
• March 2013 - Redline: APT1 and You - We’re All Owned
• February 2013 - Social-Engineer Toolkit (SET): Pwning The Person
• January 2013 - Violent Python: A Book Review Applied to Security Analytics
• December 2012 - ModSecurity for IIS Part 2 of 2 - Web Application Security Flaw Discovery and Prevention
• November 2012 - Arachni: Web Application Security Scanner Part 1 of 2 - Web Application Security Flaw Discovery and Prevention
• October 2012 - Network Security Toolkit (NST): Packet Analysis Personified
• September 2012 - SearchDiggity: Dig Before They Do
• August 2012 - NOWASP Mutillidae: Hack Like You Mean It
• July 2012 - Collective Intelligence Framework
• June 2012 - Security Investigations with PowerShell
• May 2012 - Buster Sandbox Analyzer
• April 2012 - Log Parser Lizard
• March 2012 - Pen Testing with Pwn Plug
• February 2012 - Splunk App: Windows Security Operation Center
• January 2012 - ZeroAccess analysis with OSForensics
• December 2011 - Registry Decoder
• November 2011 - OWASP ZAP - Zed Attack Proxy
• October 2011 - Log Analysis with Highlighter
• September 2011 - Memory Analysis with DumpIt and Volatility
• August 2011 - PacketFence - Open Source Network Access Control
• July 2011- RIPS: Static source code analyzer for PHP vulnerabilities
• June 2011 - Xplico
• May 2011 - Security Onion
• April 2011 - OpenVAS-4
• March 2011 - OSINT with FOCA 2.6
• February 2011 - El Jefe 1.1: The Boss Will See You Now
• January 2011 - Armitage: Cyber Attack Management for Metasploit
• December 2010 - SamuraiWTF: The Life Cycle of a Web Application Vulnerability Analysis
• November 2010- Confessor & MOLE
• October 2010 - The NirSoft Collection
• September 2010 - REMnux
• August 2010 - Suricata: An Introduction
• July 2010 - NetWitness Investigator
• June 2010 - Web Security Tools: skipfish and iScanner
• May 2010 - SIFT Workstation 2.0: SANS Investigative Forensic Toolkit
• April 2010 - Dradis: Effective Information Sharing for Pentest Teams
• March 2010 - NetGrok and AfterGlow: Visualizing the Zeus attack against government and military
• February 2010 - Firefox Addons for Security Practitioners
• January 2010 - Single Packet Authorization: The Ghost in the Machine
• December 2009 - Maltego: Transform & Correlate *2009 Toolsmith Tool of the Year
• November 2009 - Fiddler with Watcher: Passive security auditor
• October 2009 - OSSEC
• September 2009 - OffVis 1.0 Beta: Office visualization tool
• August 2009 - AIRT: Application for Incident Response Teams
• July 2009 - Malzilla: Exploring scareware and drive-by malware
• June 2009 - MIR-ROR: Motile Incident Response - Respond Objectively, Remediate
• May 2009 - SUMO Linux: Security utilizing multiple options
• April 2009 - Tamper Data: CSRF examined
• March 2009 - Adito: Open-source,browser-based SSL VPN
• February 2009 - Mandiant Memoryze with Audit Viewer *2008 Toolsmith Tool of the Year
• January 2009 - Part 2 of 2: The Integrity Project - WebJob
• December 2008 - Part 1 of 2: The Integrity Project - FTimes
• November 2008 - Bipartisan server politi…er, security
• October 2008 - fwsnort-1.0.5: iptables intrusion detection
• September 2008 - PTA: Practical Threat Analysis
• August 2008 - NetworkMiner: Network Forensic Analysis Tool
• July 2008 - PHPIDS: Attack my website, please!
• June 2008 - Security Visualization: What You Don’t See Can Hurt You
• May 2008 - MojoPac: Get Your Mojo Working
• April 2008 - The XSS Epidemic: Tools for discovery and remediation
• March 2008 - WinPatrol
• February 2008 - Packet Analysis with the Hex System
• January 2008 - Gpg4win: Email Security using GnuPG for Windows
• December 2007 - Mandiant Red Curtain: Malware identification for incident responders
• November 2007 - Argus: Auditing network activity
• October 2007 - Security Officers Management & Analysis Project (SOMAP)
• September 2007 - SensePost: Wikto, Scully, and CrowBar
• August 2007 - CIS Benchmarks
• July 2007 - Malcode Analysis Software Tools
• June 2007 - Search Engine Security Auditing
• May 2007 - Core Impact 6.2: Anatomy of an ethical penetration test
• April 2007 - Nessj: Application/network security scanner client
• March 2007: Managing Badware and Policy Violation with Aanval and Bleeding Edge Threat Snort Rules
• February 2007 - RAPIER v. 3.1
• January 2007 - Activeworx IDS Policy Manager 2.0: Rules management for multiple sensors
• December 2006 - Web Application Security Testing 101: Paros Proxy and Badstore
• November 2006 - Security Analysis with Wireshark
• October 2006 - Infosec LiveDistros: Must-haves for the information security practitioner