Mark Baggett

More From Mark

• Meet SANS Senior Instructor: Mark Baggett
• eapmd5crack.py A python implementation of an EAP authentication cracking.
• Freq Server A Web server that integrates with SEIM systems and identifies hosts being used for Command and control by identifying domains being used for Command and Control. The tools uses character frequency analysis to identify random hostnames.
• Domain Stats - A SEIM Integration tool that monitors DNS hostnames used by your network to identify first contact with new domains and contact with new domains that have been established in the last 2 years, effective in identifying malicious actors.
• API-ify A Web server that provides an API that allows network defenders to consume the output of any Linux based command and integrate it into their ELK stack, splunk or other SEIM tools.
• Reassembler A tool that allows network defenders to reassemble and view packets using the 5 widely used fragment reassembly policies commonly found in Intrusion Detection Systems.
• SET-KBLED A Powershell script that will allow you to set the Keyboard LED Color to the color of your Clevo chipset based Keyboard.
• SRUM-DUMP Windows GUI Forensics tool produces XLSX spreadsheet with detailed information on all processes that have run in the last 30 days on Windows computers.
• ESE Analyst Command line based tool that dumps and analyzes databases used on Windows systems that stores various forensics information. Plugins are used to dump different types of data.
• Werejugo A Windows Forensics tool that analyzes the registry, event logs and wireless network configurations to identify physical locations of where the laptop has been used.