One example is the script collection Let’s Encrypt. It is designed to make life easier for system administrators by equipping web servers with encryption capabilities. To do this, the admins only have to answer a few questions – the corresponding certificates for the users are generated automatically and ensure that all data transferred in this context is protected.
7. GNU Privacy Guard for encryption
GNU Privacy Guard provides a complete implementation of the PGP standard for protecting communications.
The goal is to enable end users to encrypt and sign their email messages. Both Secure Shell and S/MIME interactions are supported.
8. Yara for pattern matching
Many malware specialists rely on the open-source project Yara to identify and classify malware samples.
However, the open-source tool can do even more and is also helpful when it comes to incident response and IT forensics: It searches for identical patterns in files or running processes based on preconfigured and user-defined rules. In addition, signature information from viruses can also be included via the open-source tool ClamAV as well as rule sets from the YaraRules repository maintained by the community. It is important at this point to be aware of the limitations of signature-based detection – and not to rely exclusively on this open source tool.
Yara can either be run via the command line or integrated into appropriate scripts using a Python library.
9. OSquery for endpoint queries
Simply search for malicious processes, plugins or security gaps on Windows, Mac and Linux endpoints using SQL queries – that’s the idea behind OSquery, an open-source tool developed by software engineers at Facebook.
The software collects operating system information such as running processes, loaded kernel modules, open network connections, browser plugins or file hashes in a relational database. You can query these using simple SQL queries – without any complex Python code. OSquery thus solves a significant problem in an uncomplicated and elegant way.
The tool’s components include the interactive OSqueryi shell, which can be used with PowerShell, and the OSqueryd daemon, which is used for (low-level) host monitoring and allows database queries to be scheduled. (fm)
This article originally appeared at our sister publication CSOonline.com.
