At a company I worked at recently, I ran across a Sharepoint site and wondered whether I could download data that I wasn’t supposed to see.
Now I understand the purpose of SharePoint and company intranets is to share data, but even then, some data should be restricted to a limited number of people.
So I decided to check (before doing things like this, you better know How to Stay Out of Jail).
Top 100 Network Security Tools is the third article in a series on audit and security tools. The first article, How to Stay out of Jail, stresses that you need a GOOJ card before you use any security tools or techniques. The second article, What Needs to be on a GOOJ Card, outlines how to create a GOOJ card.
Key point: Never use security or cracker tools on networks or devices from your employer or that you do not own unless you have permission in writing.
In this article, I describe a few security tools that I believe every auditor or security analyst should be familiar with, or at the very least, be aware of.
If you work in information security or IT audit (and I don’t mean IT SOX audit), I’d advise you to carry a “get-out-of-jail” (GOOJ) card at all times. In short, get permission before you do your dirty work.
Filed under Audit, Security