Page 187 - Hands-On Bug Hunting for Penetration Testers
11
Other Tools
Throughout this book, we've touched on tooling and workflows that have been chosen
based on a combination of efficiency, cost, professional opinion, and personal preference.
But there is a profusion of security tools that you can leverage beyond the short list we've
covered in our walkthrough.
This chapter will cover how to evaluate new tools for adoption and provide a
simple overview of other useful software, sites, communities, and educational
resources. We'll cover everything from programs, such as scanners and Burp extensions, to
crowd-sourced databases of attack snippets, such as SecLists.
The following topics will be covered in this chapter:
Evaluating new tools
Paid versus free editions
A quick overview of Nikto, Kali, Burp extensions, and more
Technical Requirements
This chapter has a grab-bag of technical dependencies depending on what tools you
actually want to incorporate into your workflow. Most of our CLI programs can be easily
installed with the homebrew package manager; Burp Suite still requires its Java 8
installation; and, of course, the Kali Linux distribution operates at a different level of the
stack, since an OS requires a hard drive partition to install to. As ever, we'll be using
Chrome ( ).

