Cybersecurity Links and Tools

As I troubleshoot various types of connectivity, I struggle to remember where all the nifty tools are that I pick up during the troubleshooting process. Here’s a central location of Cybersecurity links and tools for troubleshooting.

Privacy

  • Privacy Tools
    Concerned about privacy? This has a good collection about figuring out how to increase your privacy footprint (I realise that the description is somewhat ironic! ha!) on the Internet.
  • Am I Unique?
    A website that determines if your browser gives away more information than it should and ultimately if websites can track you as you surf across the internet.

SSL/TLS

  • BadSSL
    Need a bad certificate? There’s a plethora of options available here. It offers expired, wrong host, self-signed, untrusted-root, revoked, pinning-test, SHA1-intermediate, sha256, etc. It’s a great way to test your TLS inspection service to see if it’s picking up on these things or if your policies are matching correctly.
  • Certificate Lookup
    This is probably the most comprehensive repository of any publicly issued certificate out on the Internet. Search with keywords or certificate SHA1/SHA256 hash values.
  • Vulnerable Private Keys
    A good website offering a REST API client that will help identify if the public key thumbprint of a private key has been compromised.
  • Cipher List
    Provides configurations for various servers to utilise secure cipher suites.
  • How’s my SSL?
    Need to understand what SSL/TLS capabilities your browser is offering when trying to connect securely to websites?
  • SSL Labs – Browser Capabilities
    Like the website link above, provides information about the SSL/TLS capabilities of your browser.
  • SSL Labs – Server test
    Need to test your website to see what SSL/TLS capabilities or what SSL/TLS vulnerabilities there are? Free service!
  • CipherSuites.Info
    Provides a great visual way to see if the cipher suite being used is secure/weak/insecure/recommended (based on whitepapers from researchers and notes from IETF). Can query the information through an API.
  • IndicateTLS Firefox Addon
    Excellent Firefox addon that provides detailed SSL/TLS information when connecting to websites (and for all of the URLs that are referenced). Highly recommend for troubleshooting TLS connections!
  • PKI Tutorials
    Want to create a real-world scenario PKI with OpenSSL? This is a great tutorial for various PKI scenarios. I like that this offers an easy guide to look at some of the powers of OpenSSL.
  • Microsoft Trusted Root Certification Program – List of Participants
    An extensive list of Public Certificate Authorities that are used in Microsoft products to ensure secure connections.
  • IIS Crypto
    From their website: IIS Crypto is a free tool that gives administrators the ability to enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows Server 2008, 2012, 2016 and 2019. It also lets you reorder SSL/TLS cipher suites offered by IIS, change advanced settings, implement Best Practices with a single click, create custom templates and test your website.
  • TestSSL.sh
    testssl.sh is a free command line tool which checks a server’s service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.

Linux

DNS

  • DNSLytics
    Provides a useful source of information when investigating hostnames, domain names, IP addresses (IPv4/IPv6), and AS numbers. Also provides browser plugins to perform lookups (albeit with some advertising).
  • DNS Twister
    This website will help identify typosquatting websites out there that might be used for nefarious/malicious purposes.
  • DNS Perf
    DNS Performance Analytics and Comparison between all the major DNS providers around the world. Provides a quick way to see how servers/services are performing. Offers an API to assist with DevOps.
  • ViewDNS
    Provides useful DNS tests, ASN lookups, GeoLocation, Chinese Firewall Test, MX lookups. Also offers an API to help automate queries!
  • DNSSpy
    What information is your domain revealing to the world? Provides a great summary.
  • DNSChecker
    Great website that shows what the result of a DNS query is around the world. Very helpful to check DNS propagation!
  • intoDNS
    Useful website that shows common DNS record information associated with a domain.

Other

  • Grep CIDR
    Great tool for searching through log files when looking for a particular IP address subnet.
  • Cuckoo Sandbox
    Cuckoo Sandbox is the leading open source automated malware analysis system.
  • Scam Alert
    Think you’ve been scammed? This is a good website to check to see if the bitcoin address you paid to is part of a verified scam.
  • Ventoy
    This nifty utility will allow you to easily copy multiple ISO images to a USB boot disk and then allow you to boot each ISO separately rather than having to “burn” the ISO onto the disk/drive before it can be used.
  • Jabber Compliance Check
    Website for testing Jabber/XMPP compliance. It does ask for username (JID)/password and I’m not sure if they keep this on record. Use at your own risk!
  • Terms of Service; Didn’t Read
    Looks to be a good website which helps you decipher the long terms of service of major websites, giving you a very simple and easy to understand explanation of what you’re signing up for.
  • JSON Generator
    Need some JSON formatted content? This website offers a great way to generate JSON content in a simple manner to help fill JSON queries with random content.
  • Better Crypto
    Great site that provides configurations for various services (Apache, nginx, IIS, Postfix, Exim, etc.) that help improve the security posture of the service.
  • URLScan.io
    Not sure if a URL might be malicious or not? This website is great for checking to see what the website does in a controlled manner without infecting your own device.
  • Gophish
    An Open Source phishing framework that allows you to create campaigns and track responses in real time.