Cyber Security Through Technology Risk Management

In Linux/Unix like operating systems everything is logged. Many valuable log files are automatically created for you by Linux. You can find them in your /var/log directory.  This folder contains logs related to different services and applications. In this folder apart from other logs files we have some files such as utmp , wtmp and btmp . These files contains all the details about login’s and logout’s which are from local as well as from remote systems and system status such as uptime etc.

CapTipper is a Python tool independently developed by one of checkpoint researchers, Omri Herscovici, which is used to analyze, explore and revive HTTP malicious traffic. It provides the security researcher with easy access to the files and understanding of the network flow, and is useful for researching exploits, as well as various pre-conditions, versions, obfuscations, plugins and shellcodes.

TCPING is an utility written in GO language that operates similarly to PING however it works over a tcp port, This utility can be very useful for troubleshooting network connectivity and performance issue at Layer 3 and Layer 4. Support Windows, Darwin, Linux, Android, ios, Freebsd, Netbsd, Openbsd, Aix, Dragonfly, illumos, Plan9, Solaris and other operating systems.