Cyberpatriot Computer Tools

Started by Holding Pattern, May 01, 2015, 09:08:05 AM


Holding Pattern

What tools are you using in Cyberpatriot competitions?

My personal favorite is Autoruns, found at sysinternals.com.

Its latest feature will submit every file in the startup of a system to 50+ antivirus companies. In moments you can identify any viruses in the startup stream.

A new one I found is the Microsoft Message Analyzer. It is the MS answer to Wireshark. Packet analysis.

Holding Pattern

The next cool tool to have is a giant flash drive.


If buying one today, I highly suggest future-proofing and getting a USB 3.0 flash drive. 32GB is sufficient for most uses, and will cost about $32 at most. SanDisk is my preferred choice of brand as they have regular sales and have been doing this for so long that they kinda have the process down.

I'm running a 64GB SanDisk Extreme, only because I'm slowly collecting large swaths of video and picture data from cadets/parents/senior members in preparation for us one day actually having a squadron historian.

Currently I have installed a program on there called Portable Apps. Portable Apps from portableapps.com takes many popular programs and allows them to be run from a flash drive. This is especially useful from a competition standpoint as you can have a web browser preconfigured with favorites that links to all the critical programs you may need to install on a computer.

Speaking of installing on a computer...

ninite.com is a place where you can download an installer for more than 50 applications that are commonly used by most people. Click the checkboxes of the apps you want, hit the download button, and run the program.

The magic is that there are no "accept" buttons, "next" buttons, or "ok" buttons to hit for the entire process after that. Also, if it detects an application is already installed, it will update that application for you to the most recent version, or skip the install if it already is the most recent version.


Spaceman3750

"Identify any viruses in the startup stream" - except for the ones AV isn't detecting yet (or may never detect). It happens a lot. Sandboxing is a great tool for making your own malicious/not malicious decision and there are a couple of free ones out there. Malwr.com is my favorite for public sandboxes.

Holding Pattern

Quote from: Spaceman3750 on May 02, 2015, 04:30:10 AM
"Identify any viruses in the startup stream" - except for the ones AV isn't detecting yet (or may never detect). It happens a lot. Sandboxing is a great tool for making your own malicious/not malicious decision and there are a couple of free ones out there. Malwr.com is my favorite for public sandboxes.

The good news is that Autoruns also verifies digital signatures now, so you can literally set up a filter that shows only files that test positive for a virus or negative for a valid digital signature.

Your run-of-the-mill undetectable virus will show up on that if it is part of the startup stream.
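
The filter discussed in the two posts above, as an added example that is not part of the original thread: a Python script that reads an Autoruns-style CSV export and keeps only startup entries that lack a verified signature or have antivirus hits. The column names (`Entry`, `Image Path`, `Signer`, `VT detection`), the `(Verified)` prefix and the `hits|engines` format are assumptions to adjust to your own export, the sample rows are constructed, and the example goes one step further by also reporting entries with no scan result.

```python
import csv
import io

# Constructed sample in the shape of an Autoruns CSV export. Column names and
# value formats are assumptions; match them to the header of your own export.
SAMPLE_CSV = r"""Entry,Image Path,Signer,VT detection
SecurityHealth,C:\Windows\System32\SecurityHealthSystray.exe,(Verified) Microsoft Windows,0|57
Updater,C:\Users\cadet\AppData\Roaming\upd.exe,,3|57
ToolbarHelper,C:\Program Files\Toolbar\helper.exe,(Not verified) Example Corp,0|57
OldDriver,C:\Windows\System32\drivers\old.sys,(Verified) Example Hardware Inc,
"""


def parse_detections(field):
    """Return (hits, engines) from 'hits|engines' or 'hits/engines', None if absent."""
    field = field.strip().replace("/", "|")
    if "|" not in field:
        return None
    hits, engines = field.split("|", 1)
    try:
        return int(hits), int(engines)
    except ValueError:
        return None


def triage(csv_text):
    """Return (entry, path, reasons) for every row that needs a closer look."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        reasons = []
        signer = (row.get("Signer") or "").strip()
        if not signer.startswith("(Verified)"):
            reasons.append("no valid signature")
        scan = parse_detections(row.get("VT detection") or "")
        if scan is None:
            # A clean-looking row may simply never have been scanned.
            reasons.append("no scan result")
        elif scan[0] > 0:
            reasons.append(f"{scan[0]}/{scan[1]} engines flag it")
        if reasons:
            findings.append((row["Entry"], row["Image Path"], reasons))
    return findings


if __name__ == "__main__":
    for entry, path, reasons in triage(SAMPLE_CSV):
        print(f"{entry}: {path} -> {', '.join(reasons)}")
```
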

Holding Pattern

For my next magic tool to bring up...

http://www.kls-soft.com/wscc/

Windows System Control Center.

A GUI from which you can harness the power of all the Sysinternals tools and NirSoft tools all from one location. Best of all, it will download them for you and keep them updated.