Sunday, December 1, 2019
FilterLists
https://filterlists.com
bmon
sudo apt-get install bmon
To launch the utility, simply use the command bmon. The default is to display bytes per second. To display bits per second, launch the application with a -b switch.
https://www.networkworld.com/article/3447936/viewing-network-bandwidth-usage-with-bmon.html
Flan Scan
https://www.kitploit.com/2019/11/flan-pretty-sweet-vulnerability-scanner.html
https://github.com/cloudflare/flan
Sparrow-WiFi
https://www.kitploit.com/2019/11/sparrow-wifi-next-gen-gui-based-wifi.html
https://github.com/ghostop14/sparrow-wifi
Rebel Framework
https://www.kitploit.com/2019/09/rebel-framework-advanced-and-easy-to.html
https://github.com/reb311ion/rebel-framework
Projector Central
https://www.projectorcentral.com/
Friday, November 1, 2019
How to enable dark mode for all sites with Chrome
https://www.howtogeek.com/446198/how-to-force-dark-mode-on-every-website-in-google-chrome/
Neverware CloudReady
After the installation has completed, one component to update would be the optional media codecs under Settings.
https://www.neverware.com/freedownload
Bitwarden
https://bitwarden.com/
Potentially Unwanted Application (PUA) test file
https://www.amtso.org/feature-settings-check-potentially-unwanted-applications/
Other test files are available on the same site at:
https://www.amtso.org/security-features-check/
Disable interactive ads with a Roku
Tuesday, October 1, 2019
Configuring auto-login with Windows 10
Examples of finding files within Linux
which ping
/bin/ping
The locate command returns any file whose path contains the text. To focus on a particular path, pipe the output through grep. The switch "-i" tells locate to ignore case.
locate chrome | grep /home/sam
The find command is similar; it has several parameters such as:
-iname - file name
-mtime - modified time
-perm - permissions
The example below looks for all files in the home directory that have been created or modified in the past seven days:
find ~/ -mtime -7
https://distrowatch.com/weekly.php?issue=20190812
Quick method to copy system information from a Windows client to a text file
systeminfo | clip
Use a text editor such as Notepad and paste the data in from the clipboard.
AntennaPod
https://antennapod.org
Ehtools Framework
https://www.kitploit.com/2019/09/ehtools-framework-of-serious-wi-fi.html
https://github.com/entynetproject/ehtools
https://ehtools.pro
Sunday, September 1, 2019
How to disable web site notifications within Google Chrome
chrome://settings/content/notifications
Toggle the parameter so the text displayed is "Block".
Boot time with Linux
grep systemd /proc/1/comm && echo I am using systemd || echo I am not using systemd
Use the following command to list start-up services in order of how much time is required.
systemd-analyze blame
https://distrowatch.com/weekly.php?issue=20190610
Syncthing
https://syncthing.net/
Remote Desktop Access via Chrome
https://9to5google.com/2019/06/05/chrome-remote-desktop-web/
https://remotedesktop.google.com/support
VMware Ports and Protocols web site
https://ports.vmware.com/
Airgeddon
https://github.com/v1s1t0r1sh3r3/airgeddon
https://www.kitploit.com/2019/08/airgeddon-v921-multi-use-bash-script.html
Thursday, August 1, 2019
Pi-hole Notes
Etcher can be used to create a bootable Micro SD card. The commands to install the application within Linux can be found at https://www.fossmint.com/etcher-usb-sd-card-bootable-image-creator-for-linux/.
Raspbian can be downloaded via https://www.raspberrypi.org/downloads/raspbian/. The minimal version (Lite) can be used.
The default credentials for Raspbian are pi for the user name, and raspberry for the password. Once logged in, use the command sudo raspi-config to load the configuration utility. Use option 1 to enter a new password, and option 5 (Interfacing options) and then 2 (SSH) to enable the SSH daemon.
Use the command sudo nano /etc/dhcpcd.conf and remove the comments from the static IP section.
# Example static IP configuration:
interface eth0
static ip_address=192.168.1.200/24
#static ip6_address=fd51:42f8:caae:d92e::ff/64
static routers=192.168.0.1
static domain_name_servers=8.8.8.8 fd51:42f8:caae:d92e::1
Within the web interface, blocked sites can be viewed within the logs via Tools -> Tail pihole.log
Jun 22 21:44:36 dnsmasq[651]: query[A] aol.com from 192.168.1.10
Jun 22 21:44:36 dnsmasq[651]: /etc/pihole/black.list aol.com is 0.0.0.0
The log can also be viewed from an SSH session with the command sudo tail -F /var/log/pihole.log or pihole -t. To search for a particular domain, use a command such as grep aol.com /var/log/pihole.log.
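The grep above finds one domain at a time. The added example below (not part of the original notes) pairs each block line with the most recent query for that domain, so blocked lookups can be counted per client. It assumes that every list file under /etc/pihole logs blocks in the same shape as the black.list line shown above; the function names and all sample lines after the first two are constructed for illustration.

```shell
#!/bin/sh
# Added example: attribute Pi-hole blocks to the client that asked for the domain.

# Constructed sample log; the first two lines are the ones shown in the notes.
sample_pihole_log() {
    cat <<'EOF'
Jun 22 21:44:36 dnsmasq[651]: query[A] aol.com from 192.168.1.10
Jun 22 21:44:36 dnsmasq[651]: /etc/pihole/black.list aol.com is 0.0.0.0
Jun 22 21:44:40 dnsmasq[651]: query[A] example.org from 192.168.1.11
Jun 22 21:44:40 dnsmasq[651]: forwarded example.org to 8.8.8.8
Jun 22 21:44:40 dnsmasq[651]: reply example.org is 192.0.2.10
Jun 22 21:45:02 dnsmasq[651]: query[A] ads.example.net from 192.168.1.11
Jun 22 21:45:02 dnsmasq[651]: /etc/pihole/gravity.list ads.example.net is 0.0.0.0
Jun 22 21:45:09 dnsmasq[651]: query[A] aol.com from 192.168.1.10
Jun 22 21:45:09 dnsmasq[651]: /etc/pihole/black.list aol.com is 0.0.0.0
EOF
}

# Reads a pihole.log on stdin and prints "count client domain",
# highest count first.
pihole_blocked_by_client() {
    awk '
        # query[TYPE] <domain> from <client>: remember who asked last.
        $5 ~ /^query\[/ && $7 == "from" { asker[$6] = $8; next }

        # <list file> <domain> is 0.0.0.0: the answer was sinkholed.
        # Assumption: all list files under /etc/pihole log in this shape.
        $5 ~ /^\/etc\/pihole\// && $7 == "is" && $8 == "0.0.0.0" {
            client = ($6 in asker) ? asker[$6] : "unknown"
            hits[client " " $6]++
        }

        END { for (k in hits) print hits[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2,3
}

sample_pihole_log | pihole_blocked_by_client
```

On the Pi-hole itself, feed the real log in with sudo cat /var/log/pihole.log | pihole_blocked_by_client.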
The command pihole -up can be used to update the Pi-hole application itself.
pi@raspberrypi:/ $ pihole -up
[i] Checking for updates...
[i] Pi-hole Core: up to date
[i] Web Interface: up to date
[i] FTL: up to date
[✓] Everything is up to date!
Regex examples can be found at https://github.com/mmotti/pihole-regex/blob/master/regex.list and https://www.reddit.com/r/pihole/comments/b3fj60/regex_megathread/.
The domain lists can be updated using the pihole -g command.
pi@raspberrypi:~ $ pihole -g
[i] Pi-hole blocking is enabled
[i] Neutrino emissions detected...
[✓] Pulling blocklist source list into range
[i] Target: raw.githubusercontent.com (hosts)
[✓] Status: Retrieval successful
[i] Target: mirror1.malwaredomains.com (justdomains)
[✓] Status: Retrieval successful
[i] Target: sysctl.org (hosts)
[✓] Status: No changes detected
[i] Target: zeustracker.abuse.ch (blocklist.php?download=domainblocklist)
[✓] Status: No changes detected
[i] Target: s3.amazonaws.com (simple_tracking.txt)
[✓] Status: No changes detected
[i] Target: s3.amazonaws.com (simple_ad.txt)
[✓] Status: No changes detected
[i] Target: hosts-file.net (ad_servers.txt)
[✓] Status: No changes detected
[✓] Consolidating blocklists
[✓] Extracting domains from blocklists
[i] Number of domains being pulled in by gravity: 137133
[✓] Removing duplicate domains
[i] Number of unique domains trapped in the Event Horizon: 114873
[i] Number of whitelisted domains: 0
[i] Number of blacklisted domains: 0
[i] Number of regex filters: 17
[✓] Parsing domains into hosts format
[✓] Cleaning up stray matter
[✓] Force-reloading DNS service
[✓] DNS service is running
[✓] Pi-hole blocking is Enabled
Additional lists such as https://raw.githubusercontent.com/chadmayfield/pihole-blocklists/master/lists/pi_blocklist_porn_top1m.list can be added via the web interface under Settings -> Blocklists tab. A web site with details on additional lists can be found at https://firebog.net.
Kali NetHunter App Store for Android
https://store.nethunter.com/
Commando VM
https://www.fireeye.com/blog/threat-research/2019/03/commando-vm-windows-offensive-distribution.html
https://isc.sans.edu/forums/diary/Commando+VM+The+Complete+Mandiant+Offensive+VM/25136/
Rifiuti2
https://abelcheung.github.io/rifiuti2/
https://www.kitploit.com/2019/07/rifiuti2-windows-recycle-bin-analyser.html
Whonix
Whonix consists of two parts: One solely runs Tor and acts as a gateway, which we call Whonix-Gateway. The other, which we call Whonix-Workstation, is on a completely isolated network. Only connections through Tor are possible.
Sysinternals Sysmon
https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon
A pre-built configuration file can be found at:
https://github.com/SwiftOnSecurity/sysmon-config
To install Sysmon and use the configuration file, download the Sysmon utility and extract the .ZIP file. If you download the .XML file using a browser and attempt to use it, an error may be returned with the text of "DTD is prohibited."
To avoid this error, click on the link for the .XML file and then copy/paste the contents into a text editor such as Notepad++, and then save the file using the original file name.
To verify the service was installed and logging is occurring, launch an elevated PowerShell session and enter the following commands.
Get-Service sysmon
Get-WinEvent -LogName 'Microsoft-Windows-Sysmon/Operational' -MaxEvents 10
The logs can be manually viewed via the Computer Management MMC (compmgmt.msc) using the path Event Viewer -> Applications and Services Logs -> Microsoft -> Windows -> Sysmon -> Operational.
The .XML file includes comments concerning some of the parameters included.
Below is an example of a log entry from using the nslookup command.
Network connection detected:
RuleName:
UtcTime: 2019-02-23 23:41:00.742
ProcessGuid: {8fcfd9c4-da0c-5c71-0000-0010dc068801}
ProcessId: 1636
Image: C:\Windows\System32\nslookup.exe
User: sam
Protocol: udp
Initiated: true
SourceIsIpv6: false
SourceIp: 192.168.254.27
SourceHostname: computer
SourcePort: 60836
SourcePortName:
DestinationIsIpv6: false
DestinationIp: 192.168.254.254
DestinationHostname:
DestinationPort: 53
DestinationPortName: domain
Monday, July 1, 2019
Installing Firefox on an Amazon tablet
The first item is to enable installation of applications from unknown sources. The current path is Settings -> Security and Privacy -> Apps from Unknown Sources.
Open the Silk Browser. Access the web page https://wiki.mozilla.org/Mobile/Platforms/Android. A direct link to the .APK download should be present. To download the file, click and hold on the download link. A dialog box will appear with several options such as to open in a new tab. Select the Download link option.
A dialog box will appear stating this type of file can harm your device. Click on the OK button. The file should be downloaded to the tablet.
Once the download has completed, click on the Open link. A list of privacy and device access parameters should be displayed. Click on the Next button, and then on the Install button.
One negative aspect of this method is future updates. Since the application was not installed via an App Store, it will not be automatically patched.
Free Mac security utilities
https://objective-see.com/products.html
Dnstap
http://dnstap.info/
https://www.blackhillsinfosec.com/tap-into-your-valuable-dns-data/
PcapXray
https://www.kitploit.com/2019/06/pcapxray-v25-network-forensics-tool-to.html
https://github.com/Srinivas11789/PcapXray
KeePassXC
https://keepassxc.org/
Attack Surface Analyzer
https://github.com/Microsoft/AttackSurfaceAnalyzer
https://www.microsoft.com/security/blog/2019/05/15/announcing-new-attack-surface-analyzer-2-0/
SyncBack
https://www.2brightsparks.com/
Saturday, June 1, 2019
How to Restart Video Driver in Windows 10
Windows Key + Control Key + Shift Key + B Key
https://winaero.com/blog/restart-video-driver-windows-10/
DeepBlueCLI
https://github.com/sans-blue-team/DeepBlueCLI
https://www.activecountermeasures.com/log-analysis-part-2-detecting-host-attacks-or-how-i-found-and-fell-in-love-with-deepbluecli/
EvtxECmd
https://binaryforay.blogspot.com/2019/04/introducing-evtxecmd.html
http://windowsir.blogspot.com/2019/05/evtxecmd.html
LogonTracer
https://github.com/JPCERTCC/LogonTracer
https://www.activecountermeasures.com/log-analysis-part-3-lateral-movement/
DF and DU commands within Linux
df -BM
The -h switch is for human readable.
The following command will display summary disk usage for the current directory.
du -h -s *
https://www.howtogeek.com/409611/how-to-view-free-disk-space-and-disk-usage-from-the-linux-terminal/
Wednesday, May 1, 2019
Linux clean up commands
Cleaning up of partial packages -> sudo apt autoclean
Cleaning up of the apt cache -> sudo apt-get clean
Cleaning up of any unused dependencies -> sudo apt autoremove
Windows Event Forwarding Guidance
https://github.com/palantir/windows-event-forwarding
Swappa
https://swappa.com/
Osmedeus
https://github.com/j3ssie/Osmedeus
https://www.kitploit.com/2019/04/osmedeus-fully-automated-offensive_27.html
EasySploit
https://github.com/KALILINUXTRICKSYT/easysploit
https://www.kitploit.com/2019/04/easysploit-metasploit-automation-easier.html
Suricata
Monday, April 1, 2019
Manage start-up with Linux that uses systemd
systemctl list-unit-files
To view only active entries:
systemctl list-units --type=service
To view the status of a specific service such as bluetooth:
systemctl status bluetooth
To disable an entry such as bluetooth:
sudo systemctl disable bluetooth
https://www.commandlinux.com/man-page/man1/systemctl.1.html
One method to install Google Chrome with Linux Mint
wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | sudo apt-key add -
echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" | sudo tee /etc/apt/sources.list.d/google-chrome.list
sudo apt update
sudo apt install -y google-chrome-stable
https://www.itzgeek.com/how-tos/linux/linux-mint-how-tos/how-to-install-google-chrome-on-linux-mint-19-tara.html
Etcher
https://www.balena.io/etcher/
VDI script for Windows 10
https://blogs.technet.microsoft.com/askpfeplat/2019/03/20/windows-10-build-1803-vdi-optimization-script-primer/
https://github.com/TheVDIGuys/W10_1803_VDI_Optimize
Bitdefender Traffic Light
https://www.bitdefender.com/solutions/trafficlight.html
Otter Browser
https://otter-browser.org
Friday, March 1, 2019
Google “Private DNS” with Android 9
- Go to "Settings" → "Network & Internet" → "Advanced" → "Private DNS".
- Select Private DNS provider hostname.
- Enter dns.google as the hostname of the DNS provider.
- Click Save.
https://android-developers.googleblog.com/2018/04/dns-over-tls-support-in-android-p.html
Emsisoft Browser Security Extension
https://www.bleepingcomputer.com/news/security/emsisoft-browser-security-protects-you-from-malicious-sites/
https://chrome.google.com/webstore/detail/emsisoft-browser-security/jfofijpkapingknllefalncmbiienkab?hl=en
Extend Windows Server Evaluation
Windows Server evaluation versions will by default “deactivate” after 180 days. To extend this period up to 6 times, launch an elevated command prompt and enter the following command.
slmgr -dlv
After a few seconds, a pop-up window should appear displaying information about the licensing status of the server.
https://www.petri.com/how-to-extend-windows-server-evaluation
Install software on multiple computers remotely with PowerShell
A PowerShell script is available that allows software installation on multiple computers.
https://gallery.technet.microsoft.com/scriptcenter/Install-software-on-9278d883
http://terenceluk.blogspot.com/2019/02/using-installsoftwareremotelyps1-to.html
Logging Cheat Sheets for Windows
The following web site offers cheat sheets concerning the configuration of logging for Windows.
Web site of honeypot resources
The web site below contains a list of resources concerning honeypots.
Web site to determine when a Chromebook will lose support
Google has a web site that lists when a particular Chromebook model will lose update support.
Friday, February 1, 2019
Ubiquiti WiFiman
Ubiquiti offers a WiFiman mobile app that provides a suite of tools to monitor, analyze, and improve Wi-Fi performance.
https://blog.ubnt.com/2018/12/11/introducing-wifiman/
https://itunes.apple.com/us/app/ubiquiti-wifiman/id1385561119?mt=8
https://play.google.com/store/apps/details?id=com.ubnt.usurvey
How to configure Squid on a Linux server
# Determine network interface name
ifconfig

# Set static IP address
sudo nano /etc/netplan/50-cloud-init.yaml

# The default should be similar to the text below
network:
    ethernets:
        ens32:
            addresses: []
            dhcp4: true
    version: 2

# Modify the file to resemble the following
network:
    ethernets:
        enp0s3:
            dhcp4: no
            dhcp6: no
            addresses: [192.168.99.99/24]
            gateway4: 192.168.99.1
            nameservers:
                addresses: [8.8.8.8]
    version: 2

# Execute the following command to update and save the configuration
sudo netplan apply

# If you are logged in remotely via SSH, your connection will drop
# Once logged back in using the new static IP address, update the OS itself
sudo apt-get update
sudo apt-get upgrade

# Disable IPv6
sudo nano /etc/sysctl.conf

# Add the following lines
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

# Restart service
sudo service procps reload

# Verify IPv6 is disabled; a "1" should be returned
cat /proc/sys/net/ipv6/conf/all/disable_ipv6

# Install Squid
sudo apt-get install squid3 -y

# Allow traffic to the listening port on the local firewall
sudo ufw allow 3128/tcp

# Make a copy of the original default configuration file
sudo cp /etc/squid/squid.conf /etc/squid/squid.original

# Create a text file with a list of domains to block
sudo nano /etc/squid/blacklist.txt
.google.com
.bing.com
.yahoo.com

# Edit the configuration file for Squid
sudo nano /etc/squid/squid.conf

# At the top of the file, add the line below to include more details within the logs
debug_options ALL,2

# Use Control-W to find the text "http_access allow localhost"
# Add a rule to block the domains from the text file created above
acl blocksitelist dstdomain "/etc/squid/blacklist.txt"

# Add rules to block URLs that contain the text specified
# This would block URLs such as google.co.uk
acl Yahoo url_regex -i yahoo
acl Google url_regex -i google
acl Bing url_regex -i bing

# Specify the local subnet
acl localnet src 192.168.0.0/16

# Add block rules
http_access deny blocksitelist
http_access deny Yahoo
http_access deny Google
http_access deny Bing

# Allow the other traffic to pass
# Change the default "http_access allow localhost" to the value below
http_access allow localnet

# Use Control-W to find the text "dns_nameservers"
# Configure local DNS servers by adding the following line
dns_nameservers 8.8.8.8 8.8.4.4

# Use Control-W to find the text "cache_mgr"
# Set email address that is returned on an error page by adding the following line
cache_mgr address@domain.com

# Use Control-W to search for text "Safe_ports"
# This would be used if an internal service used a custom port
# Add port 8383 to the SSL_ports list and add a line below http
acl SSL_ports port 443 8383
acl Safe_ports port 80 # http
acl Safe_ports port 8383

# Use Control-W to search for the text "logfile_rotate"
# Uncomment the line and change the default 0 to 5
# The command to add a cron job is listed below
logfile_rotate 5

# Save the configuration file and then use the command below to load the new parameters
# Errors will be returned if found
sudo squid -k reconfigure

# Another option is to restart the service
sudo service squid restart

# Logs are stored at /var/log/squid

# To transfer log files to a Windows SMB share, install the smbclient application
sudo apt-get install smbclient

# Make a copy of the log file to the user's home directory and change the permissions
sudo cp /var/log/squid/access.log /home/sam
sudo chmod 777 /home/sam/access.log

# Use the smbclient to access the SMB share and transfer the file over
cd /home/sam
smbclient -m SMB2 -U 'server\user' \\\\192.168.x.x\\share
put access.log

# Below are some examples of commands to review the log files with the converted time stamp
sudo perl -p -e 's/^([0-9]*)/"[".localtime($1)."]"/e' < /var/log/squid/access.log
sudo cat /var/log/squid/access.log | perl -p -e 's/^([0-9]*)/"[".localtime($1)."]"/e'

# Below is an example to view denied traffic
sudo grep "DENIED" /var/log/squid/access.log

# To rotate Squid's logs, use this command
sudo squid -k rotate

# Use the commands below to add a cron job to rotate the logs at midnight
sudo crontab -e
0 0 * * * /usr/local/squid/bin/squid -k rotate

# Create a shell script to combine the logs into one file, and then map to a SMB share
cd /home/sam
nano logcopy.sh

# Copy the following lines
#!/bin/bash
cp /var/log/squid/access.log /home/sam
chmod 777 /home/sam/access.log
cp /var/log/squid/access.log.2 /home/sam
chmod 777 /home/sam/access.log.2
cp /var/log/squid/access.log.3 /home/sam
chmod 777 /home/sam/access.log.3
cp /var/log/squid/access.log.4 /home/sam
chmod 777 /home/sam/access.log.4
cd /home/sam
cat access.log access.log.2 access.log.3 access.log.4 > logs.txt
smbclient -m SMB2 -U 'domain\account' \\\\192.168.x.x\\share

# Mark the file as executable
chmod 755 logcopy.sh

# Execute the script with sudo. Enter the AD user account password and use the "put logs.txt" command to copy the file to the SMB share
sudo ./logcopy.sh

# One method to determine if the default Squid error page was returned is to search within the logs for the following string
http://proxy:3128/squid-internal-static/icons/SN.png

# Below is an example of where a URL was denied access
1545790661.113 1 192.168.254.215 TCP_DENIED/403 3970 GET http://www.nbcnews.com/ - HIER_NONE/- text/html
1545790661.168 0 192.168.254.215 TCP_MEM_HIT/200 11704 GET http://proxy:3128/squid-internal-static/icons/SN.png - HIER_NONE/- image/png

# The information above was concerning using Squid version 3. To use Squid version 4, the following steps were used via https://github.com/diladele/squid-ubuntu.
# The domain source was in Germany, so the geo-blocking parameter required some exceptions to allow the traffic to pass.

# add diladele apt key
wget -qO - http://packages.diladele.com/diladele_pub.asc | sudo apt-key add -

# add repo
# The original command below would return a "Permission denied" error:
# echo "deb http://squid48.diladele.com/ubuntu/ bionic main" > /etc/apt/sources.list.d/squid48.diladele.com.list
# Per a Google search, I used the following command to get around the permission error.
sudo su -c "echo 'deb http://squid48.diladele.com/ubuntu/ bionic main' >> /etc/apt/sources.list.d/squid48.diladele.com.list"

# update the apt cache
sudo apt-get update

# install the application
sudo apt-get install squid-common
sudo apt-get install squid
sudo apt-get install squidclient

# verify installed version
squid -v

# Version 4 returned a warning concerning the original version 3 parameter of:
# acl localnet src 192.168.0.0/16
# So this was removed from the configuration file
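The grep "DENIED" review step in the Squid 3 notes above matches the string anywhere in a line, including inside a requested URL. The added example below (not part of the original notes) tests the result-code field instead and groups denied requests by client and destination host, covering both http:// URLs and CONNECT host:port entries. The function names and every sample line after the first two are constructed.

```shell
#!/bin/sh
# Added example: summarise denied requests from a Squid native-format access.log.

# Constructed sample log; the first two lines are the ones shown in the notes.
sample_squid_log() {
    cat <<'EOF'
1545790661.113 1 192.168.254.215 TCP_DENIED/403 3970 GET http://www.nbcnews.com/ - HIER_NONE/- text/html
1545790661.168 0 192.168.254.215 TCP_MEM_HIT/200 11704 GET http://proxy:3128/squid-internal-static/icons/SN.png - HIER_NONE/- image/png
1545790702.440 0 192.168.254.215 TCP_DENIED/403 3985 CONNECT www.google.com:443 - HIER_NONE/- text/html
1545790703.012 0 192.168.254.215 TCP_DENIED/403 3985 CONNECT www.google.com:443 - HIER_NONE/- text/html
1545790710.250 85 192.168.254.216 TCP_MISS/200 5120 GET http://example.org/search?q=TCP_DENIED/ - HIER_DIRECT/192.0.2.10 text/html
1545790715.901 1 192.168.254.216 TCP_DENIED/403 3970 GET http://search.yahoo.com/search?p=test - HIER_NONE/- text/html
EOF
}

# Reads access.log on stdin and prints "count client host",
# highest count first.
squid_denied_summary() {
    awk '
        # Field 4 is result-code/status. Matching it there avoids false
        # hits on allowed requests whose URL contains the word DENIED.
        $4 ~ /^TCP_DENIED\// {
            host = $7
            sub("^[a-zA-Z][a-zA-Z0-9+.-]*://", "", host)  # strip scheme
            sub("[/?#].*$", "", host)                      # strip path and query
            sub("^[^@]*@", "", host)                       # strip userinfo
            sub(":[0-9]+$", "", host)                      # strip port (CONNECT host:443)
            denied[$3 " " tolower(host)]++
        }

        END { for (k in denied) print denied[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2,3
}

sample_squid_log | squid_denied_summary
```

On the proxy, run it against the live file with sudo cat /var/log/squid/access.log | squid_denied_summary.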
Appscope
Appscope is a directory of Progressive Web Apps, showcasing the best PWA examples. All apps listed run entirely in the web browser and launch instantly without an app download.
Snorpy
Snorpy is a web-based application to easily build Snort/Suricata rules in a graphical way. It is simple to use: start from the Action and Protocol fields, and as you pick each field, the rule builder shows the rule in the bottom window.
https://isc.sans.edu/forums/diary/Snorpy+a+Web+Base+Tool+to+Build+SnortSuricata+Rules/24522/
MailStore Home
MailStore Home lets you archive your private email from almost any email source and search through them quickly.
Tilix
Tilix is a tiling terminal emulator which uses the VTE GTK+ 3 widget library. It can display more than one terminal in the same window at the same time.
https://gnunn1.github.io/tilix-web/
https://www.omgubuntu.co.uk/2017/07/tilix-terminix-terminal-emulator-ubuntu
Tuesday, January 1, 2019
ss command within Linux
The ss (socket statistics) command provides information by displaying details on socket activity. Some command line switch examples would be:
ss -ta dumps all TCP sockets
ss -ua dumps all UDP sockets
ss -wa dumps all RAW sockets
ss -xa dumps all UNIX sockets
ss -4a dumps all IPV4 sockets
ss -6a dumps all IPV6 sockets
ss -lt displays only listening sockets
ss -ltn displays the same data with port numbers
ss -t displays established TCP connections
https://www.networkworld.com/article/3327557/linux/using-ss-to-examine-network-connections.html
Microsoft Windows and Office ISO Download Tool
This tool allows an easy and comfortable way to download genuine Windows 7, Windows 8.1 and Windows 10 disk images (ISO) directly from Microsoft's servers, as well as Office 2010, Office 2013, Office 2016, Office 2019, Expression Studio and Office for Mac.
LiveTcpUdpWatch
LiveTcpUdpWatch is a tool for Windows that displays live information about all TCP and UDP activity on your system. Every line in the main table of LiveTcpUdpWatch displays the protocol (TCP/UDP/IPv4/IPv6), local/remote IP address, local/remote port, number of sent/received bytes, number of sent/received packets, connect/disconnect time (For TCP only), and the process (ID and path) responsible for this activity. LiveTcpUdpWatch uses event tracing API to get live information from Windows Kernel about every TCP/UDP packet sent/received. It captures all UDP activity with process information but without the need of using a network sniffer.
Tcpreplay
Tcpreplay is a suite of GPLv3 licensed utilities for UNIX (and Win32 under Cygwin) operating systems for editing and replaying network traffic which was previously captured by tools like tcpdump and Ethereal/Wireshark. It allows you to classify traffic as client or server, rewrite Layer 2, 3 and 4 packets and finally replay the traffic back onto the network and through other devices such as switches, routers, firewalls, NIDS and IPS's. Tcpreplay supports both single and dual NIC modes for testing both sniffing and in-line devices.
https://github.com/appneta/tcpreplay
https://www.kitploit.com/2018/12/tcpreplay-pcap-editing-and-replay-tools.html
Passer
Passer is a passive sniffer and inventory tool.
https://www.activecountermeasures.com/passer-a-passive-sniffer-and-inventory-tool/
EventSentry SysAdmin Tools
The EventSentry SysAdmin Tools is a set of command-line and graphical utilities designed to help network administrators with their daily administrative tasks.
Sndbox.com
SNDBOX is a web site that utilizes artificial intelligence and a hardened virtual environment to perform static and dynamic analysis of malware samples.
Azure Data Studio
Azure Data Studio is a cross-platform database tool for data professionals using the Microsoft family of on-premises and cloud data platforms on Windows, MacOS, and Linux.
Previously released under the preview name SQL Operations Studio, Azure Data Studio offers a modern editor experience with Intellisense, code snippets, source control integration, and an integrated terminal. It is engineered with the data platform user in mind, with built in charting of query result sets and customizable dashboards.
https://docs.microsoft.com/en-us/sql/azure-data-studio/what-is?view=sql-server-2017
https://docs.microsoft.com/en-us/sql/azure-data-studio/download?view=sql-server-2017