MLD Labs, LLC
----------------------- MLD Labs, LLC ---------------------------
Longing for the days of CP/M,Fidonet,and fiddling with EMM386.EXE
Home
About
Invoice/Billing
Services
Projects
Contact
Virtual Machines
Consulting
Free software recommendations for your environment
_______________________________
< I am an expert, listen to me! >
-------------------------------
\ ^__^
\ (oo)\_______
(__)\ )\/\
||----w |
|| ||
Here are some tools you can leverage at no cost to improve your environment:
ACTIVE DIRECTORY AUDIT
--------------------
pingcastle | Pingcastle, audit AD, highly recommend
ANALYTICS
---------
graylog | This is a big project... but graylog can do it! (SIEM/Compliance/DevOps/IT Operations)
Grafana.org | Add this to your analytics pipe!
Prometheus | Very important, all of these packages work together
ANDROID
-------
DDG Browser | DuckDuckGo (DDG) Browser, a lightweight fast browser
Blue Mail | Bluemail, a nice email client with lots of support
Signal | Signal, a great replacement for SMS
CODE ANALYSIS
-------------
Awesome Static Analysis Tools | Various awesome static code analysis tools
Awesome Dynamic Analysis Tools | Various awesome dynamic code analysis tools
Burp Suite Enterprise | Add this into your CI pipeline
Coverity Scan | Free JAVA C/C++, c# static analysis
Black Duck | Manage open source risks
OWASP Zap | OSAWP Zap can be intergated into your CI/CD pipeline
Sonar Cloud | Sonar Cloud
CONFIGURATION MANAGEMENT
-----------------------
rudder | Built on cfengine and powershell desired configuration. Recommend
CHROME EXTENSIONS
----------------
EFF HTTPS Everywhere | Good extension which switches sites to https
uBlock Origin | Good Extension efficient blocker
Decentraleyes | Forced common javascript libraries across sites to connect to a local repo
CLOUD/Continous Delivery(CI)
------
Paxautoma Operos | Pax Automa Operos (Build your own cloud infrastructure on bare metal)
Spinnaker | Opensource multi-cloud continous delivery platform
Anchore | Validate docker images as part of your CI
Secure DevOps Kit for Azure (AzSK) | Secure DevOps kit for Azure (AzSK)
DISK IMAGING / INITIAL DEPLOYMENT
---------------------------------
FOG | open source PXE boot Disk imaging and inventory management
LINUX HARDENING
---------------
Lynis | Security auditing tool for Linux/macOS and Unix based systems
CIS Benchmarks | CIS Benchmarks (CIS Controls version 7 maps to NIST 800-171)
Top 100 linux security tools | Linux top 100 security tools updated every week
checksec | Check packages if hardening compile flags set
fail2ban | Critical application to run
INVENTORY
---------
osquery | Facebook released product to investigate your infrastructure
fleet | Manage osquery
MAIL
----
https://www.mail-tester.com | free check the spamminess of your email server
https://www.everycloudtech.com/free-mail-flow-monitor | free mail flow monitor
https://dmarc.postmarkapp.com | free DMARC analytics
https://www.fraudmarc.com/ | more free DMARC analytics
https://starttls-everywhere.org/ | Don't forget to add your starttls record for your domain!
OFFICE SUITE
------------
Cloud based office suite -OR-
LibreOffice | Opensource Office Suite
LOGGING
-------
syslog-ng | see our page on syslog-ng hints
WEB FILTERING
-------------
OpenDNS FamilyShield | FamilyShield is a free web filtering system targetting families with children
OpenDNS Home | Free Minimal setup required with 50 customizable filtering categories for Home Use
OpenDNS Premium | Free for businesses. Log/filter security threats and web content
Quad 9 | Free DNS security threats protection (business/home); 18 threat feeds + more
Fortiguard Test your Metal | Fortiguard
WEB APPLICATION FIREWALL
-----------
OWASP ModSecurity Core Rule Set | OWASP Core Rule Set (free)
Comodo Web Application Firewall | Comodo FREE Modsecurity Rules (nginx/litespeed/apache)
3RD PARTY SOFTWARE UPDATE
-------------------------
Sumo | Find missing patches, use as leverage for an autopatching tool
Patch my PC | Excellent autopatcher
IOBit Driver Booster | Autopatch Drivers
SOFTWARE COMPRESSION
--------------------
7-zip | 7-zip software compression tool.. supports everything
MALWARE CLEANUP
---------------
Malware Remover | Malware Remover (I always recommend burn-down the host... but...)
Loki IOC Scanner | Loki a great IOC scanner
MALWARE ANALYSIS
--------------
Virus Total | Virus Total, scan suspect file with multiple virus scanners
Hybrid Analysis | Do a more detailed analysis of a sample
PASSWORD MANAGEMENT
------------------
bitwarden
1password
duo 2fa
hashicorp vault
WEB SERVER CHECKLIST
-------------------
htbridge SSL check | HTBridge SSL Check
qualys SSL check | Qualys SSL check
Comodo SSL Analyzer | Comodo SSL Analyzer
security headers check | Security Headers check
htbridge security headers check | Security Headers check
report-uri CSP monitoring | Use a FREE CSP/XSS/Expect-CT monitoring tool as part of your setup to discover CSP violations
securityheaders for mldlabs.com | See a sample of proper security header values (using mldlabs.com as the subject)
cipherli Strong Ciphers | Website that helps with strong ciphers for your server
varvy page request tool | Check if your web pages need optimizing!
letsencrypt | Free SSL via ACME
Certify | Certify SSL Manager for IIS
IISCrypto | Excellent tool in assisting configuring crytpo settings for windows
pagespeed
FEDERATION
----------
rcfed FederationMetaData.xml checker | Great web tool for checking your FederationMetaData.xml file
WEB SITE STUFF
--------------
Matomo | Matomo formerly PIWIK, private open source analytics
Cachet | Put a status page system up for your site!
SMO | check your markup tags!
brow.sh | Excellent text based browser
TRADEMARK MONITORING
--------------------
htbridge trademark monitoring | htbridge trademark monitoring
WEB SITE ANALYSIS
-----------------
urlscan.io | urlscan.io excellent tool for reputation of remote site
apility.io | apility.io excellent tools for checking reputation
urlvoid.com | urlvoid.com, website reputation checker
MOBILE APP SECURITY
-------------------
htbridge Mobile App Scanner | Scan both Android and iphone mobile apps for security flaws
MONITORING
------------
https://certificatemonitor.org/ | Free Certificate Expiry Monitor
Hetrix Tools monitoring | Excellent free RBL and service monitor, highly recommend
Uptime Robot | More monitoring
WINDOWS
----------
Awesome windows stuff | Various awesome windows tools
WINDOWS HARDENING
-----------------
CIS Benchmarks | CIS Benchmarks (CIS Controls version 7 maps to NIST 800-171)
OS Armor | Free HIPS (Strongly recommend)
Sys Hardener | Free System Hardener
Blackbird Windows cleanup | Increase privacy, make windows 10 lighter
Binisoft Windows Firewall Control | This is a fantastic tool for people who need an extra layer of security
Immunet | Supplementary AV, resource draw is noticeable
VULNERABILITY SCANNING
----------------------
Qualys FreeScan | Qualys offers 10 free vulnerability scans a month, easy, quick, no setup required
Beyond Security | Free 1 continous site vulnerability scan
Tenable.io | 60 day evaluation
Website built in vim