• There are so many, not sure where to begin.

    Wireshark – few things trump Wireshark (more particularly when you have it on both end-points or port-mirroring).  Generally, my first go-to tool.  I like Angry IP but prefer the NMAP option – and other useful tools on Kali, although there is a Windows iteration of NMAP as well.

    Burp Suite Proxy and Fiddler 4 – between the two you have the ability to see higher up relative to the code, modify and forward – handy for code or websites coded by third parties when the burden of proof is left to you.  Force browser traffic through the local proxy and then combine this information with Wireshark.  Examples such as where you see spurious retransmits and RSTs in Wireshark that then translate to 404 and 503 errors at the browser level, which you would not see otherwise without Burp Proxy.  I had one recently where a well-known external website simply would not work if traffic originated on that customer's LAN network.  With the laptop/PC going out over standard WiFi or any internet connection except for that network, the website worked perfectly fine.  On that network there were spurious retransmits, and this occurred where the referrer from Site A to Site B (content, media, and so forth) was the FQDN of a BigIP (per Wireshark).  The combination of the tools is the greater power.  All of which are free – Burp Suite Community Edition, Visual Studio Code Community (and extensions), Visual Studio Code, GitHub Bash, Desktop and GUI, with Atlassian SourceTree.

    Kali Linux and its smaller brother Tails (portable on USB – memory resident only and zero footprint).  Kali Linux in and of itself is just hardened Linux – it's the toolsets, scripts, and plethora of options provided in Kali Linux.  Tor browser, of course.   Too much to go into with Kali.  You can download the VMs today with all the tools installed.  Back when I first started using it you had to piece it together.   Same with Wireshark / tshark – I was collecting pcaps while others were collecting coins.

    Oracle Box – when you need Kali Linux on Windows without having to dual boot.  Or, to quickly spin up a Windows VM – create a sandbox while running Kali in parallel to test or validate a vulnerability.  Or, for quick documentation of processes or procedures.

    Nox & BlueStacks – Android emulators, handy for testing applications such as Citrix Workspace or Receiver, Citrix MDM, or playing games of course.

    Pretty much all the Sysinternals tools (aka Mark Russinovich's tools prior to the Microsoft purchase in the 90's) – combined with the WinDBG tools installed in the operating system and the corresponding symbols so that you can view the stacks.  Process Monitor, Process Explorer, and the others I've used to port applications from one OS to another (Citrix hosted applications) in scenarios where I had no documentation, no original installation files, and no internal development teams.  I had one scene where the entire development team resigned on the same day in the owner's office.  I accepted the contract on the challenge alone.   And PsTools – all portable, for example.

    Chrome extensions – I've been a fan of the Firefox and Chrome extensions for a long time in several respects, from personal security to simply keeping up with or organizing my research.  A majority of my time, these days, is research – whether personal, work, blogging, writing and so forth.

    Research wise, I value several specific Chrome extensions such as:

    Evernote, OneTab, Mercury Reader, Instapaper, Kami PDF and Document Annotation, Google Link to Text Fragment, Hypothesis Web and PDF Annotation, Session Buddy (tab management), Better Chrome History.  These have saved me much time.

    Grammarly – forces me to pay attention when writing emails or documentation.  Proper grammar and spelling can make a difference, and when you're in a rush or on strict deadlines, with too many emails to respond to, it does matter relative to perception.

    Security | Browser Performance

    Blur (similar to LastPass but with anonymous proxy email addresses, phone numbers, and credit cards, so you can sign up for those sites that require signup but with a randomly generated email, phone number, and so forth) and then their DeleteMe option (separate site) that focuses on removing any fingerprint or personal information you might have left behind.  uBlock and NoScript.

    Extensity – if you have not tried this Chrome extension, it provides a flip-switch, profile-based extensions tool to create profiles based on specific Chrome extensions and flip the profile to suit your need, rather than having every extension enabled or having to turn one on and another off.  This allows you to create extension "profiles" and organize your extensions for Chrome by use case.

    Notepad++ on its own but more so for the add-ins and bolt-on options.

    The Piriform Suite – CCleaner, Recuva.

    For screenshots and videos – whether for training videos I've made for Tier 1, 2, and 3 or for documentation – I prefer the TechSmith Snagit and Camtasia Studio and Screencast.   Also Handbrake and Audacity, as well.

    PowerShell just goes without saying, but I have to mention GitHub and other repositories and the tools for collaboration.  The various SDKs such as those for Citrix, Azure, Office 365, Exchange Online – this list just keeps going – and then vSphere, of course, and RVTools as well.

    I find certain tools like IFTTT and Zapier useful relative to multitasking and automation – whether for email or simplified document management, or for creating useful time-saving workflows.  Saves time, where time is the least of my assets.  It's about getting more into a day than is possible sometimes.

    I've made good use of open-source tools such as Grafana and Zabbix (and Prometheus) in a quick fix and need for monitoring – phenomenal dashboards.  Great options when your customer is starting with no monitoring or alerting.

    Visio is a given, but I actually prefer LucidCharts for quick high-level diagrams or process flows.

    PuTTY/WinSCP – Citrix NetScaler (OpenBSD kernel) handy, but most of this is rolled up in mRemoteNG, and I did prefer Remote Desktop Manager until the vulnerability alert was released and Microsoft pulled it from their website.

    I suppose this is good for starters.

    Day to day, the one I use or rely on most heavily for administration, reporting, and automation is PowerShell – hands down.  And it only gets better each year that passes.  Although I do still have some CMD / batch tools I still use, such as taskkill, tasklist, takeown and so forth.
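The Burp-plus-Wireshark correlation described in the post (retransmits and RSTs on the wire lining up with 404/503 errors, or no response at all, in the browser), as an added example that is not part of the original post: a Python script that joins a tshark field export with a proxy history by destination IP and time window, so that each failed request carries the TCP evidence behind it. The tshark command and field names are real; the sample rows, the proxy-history column layout (Burp's own export is XML, so this assumes it has been flattened to time,host,ip,url,status), the "higher port is the client" heuristic and the 5-second window are assumptions made for the example.

```python
"""Correlate TCP trouble signs exported from tshark with a proxy history."""
import csv
import io
from collections import defaultdict

# Assumed export command (real tshark flags and field names):
#   tshark -r capture.pcap -T fields -E header=y -E separator=, \
#     -e frame.time_epoch -e ip.src -e ip.dst -e tcp.srcport -e tcp.dstport \
#     -e tcp.flags.reset -e tcp.analysis.retransmission
# The rows below are constructed sample data, not a real capture.
TSHARK_CSV = """\
frame.time_epoch,ip.src,ip.dst,tcp.srcport,tcp.dstport,tcp.flags.reset,tcp.analysis.retransmission
1700000000.100,10.1.1.25,203.0.113.10,51000,443,0,
1700000000.350,10.1.1.25,203.0.113.10,51000,443,0,This frame is a (suspected) retransmission
1700000000.900,10.1.1.25,203.0.113.10,51000,443,0,This frame is a (suspected) retransmission
1700000001.200,203.0.113.10,10.1.1.25,443,51000,1,
1700000002.000,10.1.1.25,198.51.100.7,51001,443,0,
1700000002.050,198.51.100.7,10.1.1.25,443,51001,0,
"""

# Constructed proxy history in an assumed flat layout; an empty status means
# the browser never received a response for that request.
PROXY_CSV = """\
time_epoch,host,ip,url,status
1700000000.200,cdn.example.net,203.0.113.10,https://cdn.example.net/app.js,503
1700000001.250,cdn.example.net,203.0.113.10,https://cdn.example.net/logo.png,
1700000002.100,www.example.com,198.51.100.7,https://www.example.com/,200
"""


def _flagged(value):
    """tshark prints booleans as 0/1 or True/False depending on version, and
    tcp.analysis.retransmission as either empty or a text note; treat anything
    that is not an explicit negative as set."""
    return value.strip() not in ("", "0", "False", "false")


def parse_tshark_fields(text):
    """Aggregate packets into flows keyed by (client_ip, server_ip, server_port),
    counting retransmissions and RSTs and recording the flow's time span.
    Assumption: the client side is the one using the higher (ephemeral) port."""
    flows = defaultdict(lambda: {"first": None, "last": None, "retrans": 0, "rst": 0})
    for row in csv.DictReader(io.StringIO(text)):
        t = float(row["frame.time_epoch"])
        src, dst = row["ip.src"], row["ip.dst"]
        sport, dport = int(row["tcp.srcport"]), int(row["tcp.dstport"])
        key = (src, dst, dport) if sport > dport else (dst, src, sport)
        flow = flows[key]
        flow["first"] = t if flow["first"] is None else min(flow["first"], t)
        flow["last"] = t if flow["last"] is None else max(flow["last"], t)
        if _flagged(row.get("tcp.analysis.retransmission", "")):
            flow["retrans"] += 1
        if _flagged(row.get("tcp.flags.reset", "")):
            flow["rst"] += 1
    return flows


def parse_proxy_log(text):
    """Read the assumed flat proxy history; a blank status becomes None."""
    entries = []
    for row in csv.DictReader(io.StringIO(text)):
        status = row["status"].strip()
        entries.append({"time": float(row["time_epoch"]), "host": row["host"],
                        "ip": row["ip"], "url": row["url"],
                        "status": int(status) if status else None})
    return entries


def correlate(tshark_csv, proxy_csv, window=5.0):
    """For every request that failed (status >= 400 or no response), sum the
    retransmissions and RSTs of flows to the same server IP whose time span,
    padded by `window` seconds, covers the request time."""
    flows = parse_tshark_fields(tshark_csv)
    findings = []
    for req in parse_proxy_log(proxy_csv):
        if req["status"] is not None and req["status"] < 400:
            continue
        retrans = rst = 0
        for (_client, server, _port), flow in flows.items():
            if server != req["ip"]:
                continue
            if flow["first"] - window <= req["time"] <= flow["last"] + window:
                retrans += flow["retrans"]
                rst += flow["rst"]
        findings.append({"url": req["url"], "status": req["status"],
                         "retrans": retrans, "rst": rst})
    return findings


if __name__ == "__main__":
    for f in correlate(TSHARK_CSV, PROXY_CSV):
        print(f"{f['status'] or 'no response':>11}  {f['url']}  "
              f"retransmissions={f['retrans']} rst={f['rst']}")
```

Run it against a real export by replacing the two constants with the contents of the tshark CSV and the flattened proxy history; requests to servers with no retransmissions or resets in the window show zero counts, which is itself useful evidence that the failure happened above the transport layer.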


© 4sysops 2006 - 2022