{"id":55429,"date":"2022-08-09T09:00:58","date_gmt":"2022-08-09T01:00:58","guid":{"rendered":"https:\/\/version-2.com\/?p=55429"},"modified":"2022-08-29T14:53:45","modified_gmt":"2022-08-29T06:53:45","slug":"security-tools-pt-1","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2022\/08\/security-tools-pt-1\/","title":{"rendered":"Security Tools \u2013 Pt. 1"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"55429\" class=\"elementor elementor-55429\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4da8c5f9 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"4da8c5f9\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;decf9c3&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-133ba185\" data-id=\"133ba185\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-fc2da8d post-content elementor-widget elementor-widget-text-editor\" data-id=\"fc2da8d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p align=\"center\"><img decoding=\"async\" src=\"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl6nias8h1ye90mqrhd717k25.jpg\" \/><\/p>\n\n<h3>Intro<\/h3>\n<p>On first glance, the collection of tools that I chose for this article might seem all over the place. However, the idea behind this article is to talk more about some of the most important and well-known tools in the Infosec space.<\/p>\n<p>Thus, I talk about Volatility (DFIR tool) and Metasploit (exploitation and exploit development) as well as Yara(Malware research &amp; analysis) MITRE(Threat Intel knowledge base) and Sysmon(Advanced logging tool, that we can also use to hunt for threats).<\/p>\n<h3>Volatility<\/h3>\n<p>Volatility is a memory forensics tool, developed by Volatility labs. It is a standard tool in virtually every Incident Responder\u2019s\/Blue Teamer\u2019s toolkit, it can be easily expanded through a bunch of plugins that are available, and, most importantly, it is completely free.<\/p>\n<p>There are many ways to acquire memory captures from a system, and we won\u2019t go into that. We\u2019ll just mention that the tools would differ depending on our system\u2019s state (on\/off). For example, for offline systems, specifically Windows OS, we can do this through the <strong><em>hiberfil.sys <\/em><\/strong>which is located in <strong><em>%SystemDrive%<\/em><\/strong><em> &#8211; <\/em>if the disks are unencrypted.<\/p>\n<p>This file is the compressed image of the previous boot, but that doesn\u2019t mean we can\u2019t do some forensics on it!<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl6ni73b21y7x0jnw5s9a2qd9.png\" \/><\/p>\n<p><em>Notice I am using volatility standalone (because I am running Window\/CMD in the image) otherwise the command would just be <strong>volatility<\/strong>.<\/em><\/p>\n<p><strong><em>Imageinfo<\/em><\/strong> is the command that gives the profile on which we can work. You need to identify the right one.<\/p>\n<p>Further, we can look for hidden processes with <strong><em>psxview<\/em><\/strong><em>, <\/em>we can use <strong><em>ldrmodules <\/em><\/strong>if we need more details \u2013 it will show <strong><em>inMem<\/em><\/strong><em>, <\/em><strong><em>inInit<\/em><\/strong><em>, <\/em><strong><em>inLoad<\/em><\/strong> (if they are<em> False<\/em>)<em>\u2026 <\/em>and all of these are quite bad as they indicate that module has been injected. Injected code is obviously very bad and we can look for it with <strong><em>malfind<\/em><\/strong><em>, <\/em>and even dump it to a file<em>.<\/em><\/p>\n<p>Also, some of the usual hypervisor formats are:<\/p>\n<ul>\n \t<li>.vmem \u2013 Vmware<\/li>\n \t<li>.mem \u2013 Parallels<\/li>\n \t<li>.sav \u2013 VirtualBox<\/li>\n<\/ul>\n<p>Generally, the most common format is <strong>.raw<\/strong> \u2013 raw files are collections of unaltered, unprocessed data.<\/p>\n<p>\nFurther, we might want to check see what the community says about these processes and upload the dumps to <a href=\"https:\/\/www.virustotal.com\/gui\/home\/upload\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">VirusTotal<\/a>.<\/p>\n\n<h3>MITRE ATT&amp;CK<\/h3>\n<p><a href=\"https:\/\/attack.mitre.org\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">MITRE ATT&amp;CK<\/a> is a global knowledge base, which documents adversary TTP\u2019s (Tactics, Techniques, and Procedures). Their mission is to enable better Cybersecurity by connecting communities together. The framework, which is used for Threat Modelling is free, open, and available to anyone. If your role has anything to do with Cybersecurity \u2013 from SOC Analyst, to a Red Team Operator, or Pentester, you should know your MITRE ATT&amp;CK.<\/p>\n<p><a href=\"https:\/\/mitre-attack.github.io\/attack-navigator\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">ATT&amp;CK\u00ae Navigator<\/a> is a great place to start, and there you can see different matrices, from Enterprise to Mobile and ICS. They all describe how adversaries reach their goals, and what specific actions they might take for the said goals to be obtained. For example, they might deploy Rootkits if the goal is to evade your systems and hide their malicious activity.<\/p>\n<h3>Yara<\/h3>\n<p>Yara, or <em>Yet another ridiculous acronym<\/em> is a tool used for malware detection and research. You can find much more about Yara <a href=\"https:\/\/github.com\/virustotal\/yara\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">here<\/a>, and <a href=\"https:\/\/yara.readthedocs.io\/en\/stable\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">here<\/a>.<\/p>\n<p>A quote from VirusTotal is truly revealing of what kind of importance Yara holds in the Cybersecurity community today:<\/p>\n<p><em>&#8220;The pattern matching swiss knife for malware researchers (and everyone else).&#8221;<\/em><\/p>\n<p>Yara works by identifying binary as well as text patterns (strings contained in a file, etc.)<\/p>\n<p>To detect those patterns, Yara uses rules, which you can think of as labels that we can write if we want to determine maliciousness of a file. Applications can use strings to store text data, and that string can be a Bitcoin address stored as a string inside some Ransomware.<\/p>\n<p>Yara rules are easy to read and understand, and were made to resemble C. We are not going into details as to how you would create your Yara rules, instead, you can check out this awesome <a href=\"https:\/\/medium.com\/malware-buddy\/security-infographics-9c4d3bd891ef#18dd\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">article<\/a> by an Infosec Researcher named <em>fr0gger_<\/em>, where you can find out more by looking at his Anatomy of a Yara rule infographic.<\/p>\n<p>Also, if you find this tool awesome (as we do!) and decide to follow down the path, be sure not to miss<\/p>\n<p><a href=\"https:\/\/www.nextron-systems.com\/valhalla\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">Valhalla<\/a> \u2013 an online Yara rule feed, made by Nextron-Systems.<\/p>\n<h3>Metasploit<\/h3>\n<p>Metasploit is the biggest and most well-known Exploitation framework. There are two versions, the paid one having a GUI \u2013 its called Metasploit Pro, and the free version being CLI-based.<\/p>\n<p>Metasploit framework is basically a bundle of tools which can do scanning, exploitation, post-exploitation, exploit development, and more. Even though its mainly geared for Pentesters, it is invaluable for Exploit Developers.<\/p>\n<p>The main components of Metasploit are: <strong><em>Modules, msfconsole<\/em><\/strong>, and <strong><em>standalone tools<\/em><\/strong>. The <strong>msfconsole<\/strong> is your CLI interface, modules are there to support your various exploits, payloads, and more\u2026 and your standalone tools can help you with exploit development, as well as with pentesting.<\/p>\n<h3>Sysinternals<\/h3>\n<p>Sysinternals is a tool, rather, a collection of (70+) tools, that were created by Mark Russinovich, way back in the 90\u2019s by him and Bryce Cogswell under the name of a software company called Wininternals \u2013 where he was a co-founder. In 2006 Microsoft acquired his company, and Mark Russinovich started working for Microsoft. Currently, he is the CTO of Microsoft Azure.<\/p>\n<p>The Sysinternals suite is used literally by everyone. From seasoned IT veterans like Sysadmins and the like, to Red Teamers and even adversaries! And this is no surprise, since in the 70ish tools that come with the Sysinternals Suite you are covered on many, many fronts, such as: system information, security utilites, process utilites, networking utilities, and more.<\/p>\n<p>These tools are real, and you should really learn to use them if you\u2019re working in IT, it shouldn\u2019t matter if you\u2019re a Support Engineer, or a Security Engineer, Sysinternals is a must. (We will briefly look into one of those below &#8211; Sysmon)<\/p>\n<h3>Sysmon<\/h3>\n<p>Sysmon is a tool for logging and monitoring events on Windows machines. It is also a part of the Windows <a href=\"https:\/\/docs.microsoft.com\/en-us\/sysinternals\/downloads\/sysinternals-suite\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">Sysinternals Suite<\/a> (which is now also available in Microsoft Store \u2013 though originally made by Mark Russinovich). You can think of Sysmon as a Windows Event Log viewer on steroids. Similar to Process Explorer from the Sysinternals Suite and the in-built Task Manager.<\/p>\n<p>Sysmon collects detailed logs, and even traces events \u2013 which can help with pinpointing abnormalities in your environment. Ideally, you would use Sysmon in conjunction with a SIEM (System Information and Event Management tool \u2013 most known example being <a href=\"https:\/\/www.splunk.com\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">Splunk<\/a>) which can further parse the logs, and provide even more insight about your systems and the potential abnormal behavior.<\/p>\n<p>Sysmon requires a config to work, so you can either create, or download a config. With this, you can fine tune what you would like to log.<\/p>\n<p>With Sysmon you can filter the events, in order to reduce clutter and further hunt for threats, malware, persistence, even evasion techniques. You can also detect <a href=\"https:\/\/github.com\/ParrotSec\/mimikatz\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">Mimikatz<\/a> \u2013 one of the most used Windows post-exploitation tools, for dumping credentials from memory; and <a href=\"https:\/\/www.metasploit.com\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">Metasploit<\/a> \u2013 which needs no introduction \u2013 too.<\/p>\n<p>Mimikatz signature might be well known and an Antivirus will pick it up, but your adversary can obfuscate this, thus rendering the AV useless. The idea is to use a config that will help us focus on hunting the threat. On MITRE, we can find Mimikatz activity documented <a href=\"https:\/\/attack.mitre.org\/software\/S0002\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">here<\/a>. Information on hunting Metasploit (and more \u2013 PsExec, netstat, net, etc.) can be found <a href=\"https:\/\/attack.mitre.org\/software\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">here<\/a>.<\/p>\n<p>These are some extremely powerful features to have, and also it goes to show we don\u2019t need to break our bank to protect our systems, there\u2019s a plethora of tools out there that have much to offer. Just like Sysmon.<\/p>\n<h3>Conclusion<\/h3>\n<p>My ideal audience for this article are people newer to the Infosec field, who are naturally curious and hungry for knowledge.<\/p>\n<p>However, I hope that there\u2019s some interesting bits and pieces of info even for some of the more experienced Cybersecurity practitioners \u2013 there also might be a link or two above that you find interesting.<\/p>\n<p>Stay tuned for Part 2!<\/p>\n<p>#MITRE #yara #volatility #sysinternals #tooling<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-8085a61 post-content elementor-widget elementor-widget-shortcode\" data-id=\"8085a61\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"shortcode.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-shortcode\">\t\t<div data-elementor-type=\"page\" data-elementor-id=\"18103\" class=\"elementor elementor-18103\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-a437045 elementor-widget elementor-widget-image-box\" data-id=\"a437045\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image-box.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"elementor-image-box-wrapper\"><div class=\"elementor-image-box-content\"><h3 class=\"elementor-image-box-title\">About Version 2 Digital<\/h3><p class=\"elementor-image-box-description\">Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.\n<br><br>\nThrough an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p><\/div><\/div>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t\n\t\t<div data-elementor-type=\"page\" data-elementor-id=\"39690\" class=\"elementor elementor-39690\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-748947f elementor-section-full_width elementor-section-height-default elementor-section-height-default\" data-id=\"748947f\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;jet_parallax_layout_list&quot;:[{&quot;jet_parallax_layout_image&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;_id&quot;:&quot;c4f773e&quot;,&quot;jet_parallax_layout_image_tablet&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_image_mobile&quot;:{&quot;url&quot;:&quot;&quot;,&quot;id&quot;:&quot;&quot;,&quot;size&quot;:&quot;&quot;},&quot;jet_parallax_layout_speed&quot;:{&quot;unit&quot;:&quot;%&quot;,&quot;size&quot;:50,&quot;sizes&quot;:[]},&quot;jet_parallax_layout_type&quot;:&quot;scroll&quot;,&quot;jet_parallax_layout_direction&quot;:&quot;1&quot;,&quot;jet_parallax_layout_fx_direction&quot;:null,&quot;jet_parallax_layout_z_index&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x&quot;:50,&quot;jet_parallax_layout_bg_x_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_x_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y&quot;:50,&quot;jet_parallax_layout_bg_y_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_y_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size&quot;:&quot;auto&quot;,&quot;jet_parallax_layout_bg_size_tablet&quot;:&quot;&quot;,&quot;jet_parallax_layout_bg_size_mobile&quot;:&quot;&quot;,&quot;jet_parallax_layout_animation_prop&quot;:&quot;transform&quot;,&quot;jet_parallax_layout_on&quot;:[&quot;desktop&quot;,&quot;tablet&quot;]}]}\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-7995c19\" data-id=\"7995c19\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-ff2a228 elementor-widget elementor-widget-text-editor\" data-id=\"ff2a228\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><\/p>\n<p><b>About VRX<\/b><br><b>VRX&nbsp;<\/b>is a consolidated vulnerability management platform that protects assets in real time. Its rich, integrated features efficiently pinpoint and remediate the largest risks to your cyber infrastructure. Resolve the most pressing threats with efficient automation features and precise contextual analysis.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Intro On first glance, the collection of tools that I c [&hellip;]<\/p>\n","protected":false},"author":143524195,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[476,488,61],"tags":[477,489],"class_list":["post-55429","post","type-post","status-publish","format-standard","hentry","category-vrx","category-488","category-press-release","tag-vrx","tag-489"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Security Tools \u2013 Pt. 1 - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.vicarius.io\/blog\/security-tools-pt-1\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Security Tools \u2013 Pt. 1 - Version 2\" \/>\n<meta property=\"og:description\" content=\"Intro On first glance, the collection of tools that I c [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.vicarius.io\/blog\/security-tools-pt-1\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" \/>\n<meta property=\"article:published_time\" content=\"2022-08-09T01:00:58+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-08-29T06:53:45+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl6nias8h1ye90mqrhd717k25.jpg\" \/>\n<meta name=\"author\" content=\"version2hk\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"version2hk\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/security-tools-pt-1#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/08\\\/security-tools-pt-1\\\/\"},\"author\":{\"name\":\"version2hk\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\"},\"headline\":\"Security Tools \u2013 Pt. 1\",\"datePublished\":\"2022-08-09T01:00:58+00:00\",\"dateModified\":\"2022-08-29T06:53:45+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/08\\\/security-tools-pt-1\\\/\"},\"wordCount\":1362,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/security-tools-pt-1#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/ik.imagekit.io\\\/14sfaswy6hrz\\\/blog-posts\\\/images\\\/cl6nias8h1ye90mqrhd717k25.jpg\",\"keywords\":[\"vRx\",\"2022\"],\"articleSection\":[\"vRx\",\"2022\",\"Press Release\"],\"inLanguage\":\"zh-HK\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/2022\\\/08\\\/security-tools-pt-1\\\/\",\"url\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/security-tools-pt-1\",\"name\":\"Security Tools \u2013 Pt. 1 - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/security-tools-pt-1#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/security-tools-pt-1#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/ik.imagekit.io\\\/14sfaswy6hrz\\\/blog-posts\\\/images\\\/cl6nias8h1ye90mqrhd717k25.jpg\",\"datePublished\":\"2022-08-09T01:00:58+00:00\",\"dateModified\":\"2022-08-29T06:53:45+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/security-tools-pt-1#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/security-tools-pt-1\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/security-tools-pt-1#primaryimage\",\"url\":\"https:\\\/\\\/ik.imagekit.io\\\/14sfaswy6hrz\\\/blog-posts\\\/images\\\/cl6nias8h1ye90mqrhd717k25.jpg\",\"contentUrl\":\"https:\\\/\\\/ik.imagekit.io\\\/14sfaswy6hrz\\\/blog-posts\\\/images\\\/cl6nias8h1ye90mqrhd717k25.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.vicarius.io\\\/blog\\\/security-tools-pt-1#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security Tools \u2013 Pt. 1\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\",\"name\":\"version2hk\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"caption\":\"version2hk\"},\"sameAs\":[\"http:\\\/\\\/version2xfortcom.wordpress.com\"],\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/version2hk\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Security Tools \u2013 Pt. 1 - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.vicarius.io\/blog\/security-tools-pt-1","og_locale":"zh_HK","og_type":"article","og_title":"Security Tools \u2013 Pt. 1 - Version 2","og_description":"Intro On first glance, the collection of tools that I c [&hellip;]","og_url":"https:\/\/www.vicarius.io\/blog\/security-tools-pt-1","og_site_name":"Version 2","article_published_time":"2022-08-09T01:00:58+00:00","article_modified_time":"2022-08-29T06:53:45+00:00","og_image":[{"url":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl6nias8h1ye90mqrhd717k25.jpg","type":"","width":"","height":""}],"author":"version2hk","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"version2hk","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"8 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.vicarius.io\/blog\/security-tools-pt-1#article","isPartOf":{"@id":"https:\/\/version-2.com\/2022\/08\/security-tools-pt-1\/"},"author":{"name":"version2hk","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db"},"headline":"Security Tools \u2013 Pt. 1","datePublished":"2022-08-09T01:00:58+00:00","dateModified":"2022-08-29T06:53:45+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/2022\/08\/security-tools-pt-1\/"},"wordCount":1362,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"image":{"@id":"https:\/\/www.vicarius.io\/blog\/security-tools-pt-1#primaryimage"},"thumbnailUrl":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl6nias8h1ye90mqrhd717k25.jpg","keywords":["vRx","2022"],"articleSection":["vRx","2022","Press Release"],"inLanguage":"zh-HK"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/2022\/08\/security-tools-pt-1\/","url":"https:\/\/www.vicarius.io\/blog\/security-tools-pt-1","name":"Security Tools \u2013 Pt. 1 - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.vicarius.io\/blog\/security-tools-pt-1#primaryimage"},"image":{"@id":"https:\/\/www.vicarius.io\/blog\/security-tools-pt-1#primaryimage"},"thumbnailUrl":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl6nias8h1ye90mqrhd717k25.jpg","datePublished":"2022-08-09T01:00:58+00:00","dateModified":"2022-08-29T06:53:45+00:00","breadcrumb":{"@id":"https:\/\/www.vicarius.io\/blog\/security-tools-pt-1#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.vicarius.io\/blog\/security-tools-pt-1"]}]},{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/www.vicarius.io\/blog\/security-tools-pt-1#primaryimage","url":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl6nias8h1ye90mqrhd717k25.jpg","contentUrl":"https:\/\/ik.imagekit.io\/14sfaswy6hrz\/blog-posts\/images\/cl6nias8h1ye90mqrhd717k25.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.vicarius.io\/blog\/security-tools-pt-1#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"Security Tools \u2013 Pt. 1"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db","name":"version2hk","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","caption":"version2hk"},"sameAs":["http:\/\/version2xfortcom.wordpress.com"],"url":"https:\/\/version-2.com\/zh\/author\/version2hk\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-eq1","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/55429","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/143524195"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=55429"}],"version-history":[{"count":14,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/55429\/revisions"}],"predecessor-version":[{"id":55448,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/55429\/revisions\/55448"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=55429"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=55429"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=55429"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}