Software

Product List by Product and Date Posted
Product Date Posted

DoD Software Content Automation Protocol Tool

Software

The DoD SCAP Tool is restricted to government employees and federal contractors and is used to perform vulnerability and compliance checks of IT systems and components using the STIGs. This tool should be used to conduct security audits if the DoD HBSS/ACAS system is not available.

Nov 2017

Qualys SSL Client and Browser Tool

Software

This free online service performs a deep analysis of the configuration of any SSL/TLS web server on the public Internet, and of client browsers. This tool should be used to conduct security audits.

Nov 2017

DHS ICS-CERT Cyber Security Evaluation Tool (CSET)

Software

CSET is a free tool that can be used by any organization. It has the DoD RMF process built in to create the network architecture diagram, has a plug-in to import GrassMarlin network discovery and inventory files, and creates a Security Plan.

Nov 2017

GrassMarlin

Software

GrassMarlin can be used by any organization and is a passive network discovery tool that identifies control system components and devices and creates a network architecture diagram and inventory, which can be imported into the CSET or Visio tools.

Nov 2017

Wireshark

Software

Wireshark is the world’s foremost and widely-used network protocol analyzer. It lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions. Wireshark packet captures (pcaps) are used to analyze network (wired and wireless) traffic. BACnet and Modbus pcap files can be used in the Test and Development Environment (TDE) for training and practice to detect and contain malware.

Nov 2017

Glasswire

Software

Glasswire is a COTS product (free and purchase versions) that can be used by any organization and is a simple but very powerful network, firewall, application, alerting and logging tool. Any organization can use the tool to create a Test and Development Environment and simulate the DoD Host Based Scanning System.

Nov 2017

Microsoft SysInternals Suite

Software

The suite of tools can be used by any organization to evaluate OS and system performance, search for malware, and isolate processes and threads. The suite is used in conjunction with the CYBERCOM Advanced Industrial Control Systems Tactics, Techniques and Procedures.

Nov 2017

OSForensics

Software

OSForensics is a COTS product (free and purchase versions) that can be used by any organization for forensics of IT systems. The tool is used in conjunction with the CYBERCOM Advanced Industrial Control Systems Tactics, Techniques and Procedures.

Nov 2017

FireEye Redline

Software

FireEye Redline is a COTS product (free) that can be used by any organization for forensics of IT systems. The tool is used in conjunction with the CYBERCOM Advanced Industrial Control Systems Tactics, Techniques and Procedures.

Nov 2017

VirusTotal

Software

VT is a free tool that can be used by any organization to analyze suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware. The tool is used in conjunction with the CYBERCOM Advanced Industrial Control Systems Tactics, Techniques and Procedures.

Nov 2017

WhiteScope

Web Site

WhiteScope is a free service that compares file contents and file hashes with "known good" files from ICS/SCADA installation media. This service is used in conjunction with the CYBERCOM Advanced Industrial Control Systems Tactics, Techniques and Procedures.

Nov 2017

Yara

Software

Yara is a free tool that can be used by any organization and allows for quick, effective, and automatic YARA signature creation from a number of malicious file types (Executables, Office, PDF, Java, HTML, and more). DHS ICS-CERT issues Alerts and Advisories of malware with a Yara signature. The tool is used in conjunction with the CYBERCOM Advanced Industrial Control Systems Tactics, Techniques and Procedures.

Nov 2017

MalwareBytes

Software

MalwareBytes is a COTS product (free and purchase versions) that can be used by any organization and is a simple but very powerful AV and malware detection tool. Any organization can use the tool to create a Test and Development Environment and simulate the DoD Host Based Scanning System.

Nov 2017

Avast

Software

Avast is a COTS product (free and purchase versions) that can be used by any organization and is a simple but very powerful AV and malware detection tool. Any organization can use the tool to create a Test and Development Environment and simulate the DoD Host Based Scanning System.

Nov 2017

Security Onion

Software

Security Onion is a free Linux distro for intrusion detection, network security monitoring, and log management. It’s based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, ELSA, Xplico, NetworkMiner, and many other security tools. Any organization can use the tool to create a Test and Development Environment and simulate the DoD Host Based Scanning System.

Nov 2017

Flying Squirrel

Software

Flying Squirrel is a Government-off-the-Shelf (GOTS) free software application developed by the U.S. Naval Research Laboratory that any organization can use to provide real-time discovery, analysis, and mapping of IEEE 802.11a/b/g/n wireless networks. Any organization can use the tool to create a Test and Development Environment and simulate the DoD Host Based Scanning System.

Nov 2017

VMWare Workstation Player

Software

Workstation Player is a COTS product (free and purchase versions) that can be used by any organization as a virtual machine. The Kali and SamuraiSTFU tools run on a VM.

Nov 2017

Kali

Software

Kali is a COTS product (free) that can be used by any organization and is a penetration testing tool. Any organization can use the tool to perform the full range of traditional IT penetration tests, and it also now has several OT penetration testing capabilities. The tool runs on VMWare.

Nov 2017

SamuraiSTFU

Software

Kali is a COTS product (free) that can be used by any organization and is a penetration testing tool. Any organization can use the tool to perform the full range of traditional IT penetration tests, but Samurai is specifically designed for OT penetration testing capabilities in support of the EPRI Smart Grid and Smart Meter Penetration Testing Guides. The tool runs on VMWare.

Nov 2017