I did a sim project for tier 1 and 2 techs, I used alot of the free
bees out there and local ms tools via all on one style. Id google
barts pe plugins, you might not use the boot cd how ever most of the
base tools are already ripped and can be added to flash or indego rose
all in one app.

When I did this I had is scan the system for spyware, reg keys, temps,
and av then provide access to the tools.

Some of the tools you list are easier to script or automate if you use
native tools like

Tasklist
Netstat

I would also dig around in autoit archives, alot of this is already
done or a foundation is built, plus the scripting Lang plugs nicely
into vbs, wshell, kix and so on to use tools.

Hit the forums and look up

fw log viewer
Win cleaner

Auto it is a windows script Lang based on all the cool parts of
batching and scripting.

I'll dig through old projects and share if you like.

On Nov 4, 2009, at 12:48 PM, "exzactly" <exzactly (at) hotmail (dot) com [email concealed]> wrote:

> I am currently working on a (free)toolkit to pass down to Tier 3 and
> Tier 2
> to be used in the event of a breach/infection or suspected breach/
> infection.
> In a nutshell I want to give them some tools to use to gain further
> information about the system and processes and/or malicious tools
> running on
> it. This toolkit is designed for a Windows desktop and Server
> environment. I
> am looking at building out tools that are fairly easy to use and do
> not
> require much training. Currently I have the following tools on it:
>
> (SysInternal tools)
> Autoruns
> PortMon
> Process Explorer
> Process Monitor
> Ps Tools
> Logon Sessions
>
> Other tools:
> Adaware
>
>
> Is there anything else folks out there are using to provide their
> lower
> level support guys with some tools for informational gathering
> purposes....the tools have to run offline as systems are removed in
> the
> event of a breach or infection...I am not looking for a full blown
> forensics
> kit, just something I can train folks unfamiliar with tool fairly
> quickly...
>
>
> ---
> ---------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs
> an SSL certificate. We look at how SSL works, how it benefits your
> company and how your customers can tell if a site is secure. You
> will find out how to test, purchase, install and use a thawte
> Digital Certificate on your Apache web server. Throughout, best
> practices for set-up are highlighted to help you ensure efficient
> ongoing management of your encryption keys and digital certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
> ---
> ---------------------------------------------------------------------
>

------------------------------------------------------------------------

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------

[ reply ]