Welcome back to IT Pro Tuesday and happy 2024!

One important note: we’re in the process of migrating the full list of tools to a brand-new website—which means it will be unavailable at the old link starting on Jan. 12. We’re expecting the site build to take about 3 months and will let you know just as soon as it’s back in action. In the meantime, you can browse through most of the previous lists on our IT Pro Tuesday subreddit.

And now on to the list!

A Free Tool

Doxygen generates documentation from annotated C++ sources, including C, Objective-C, C#, PHP, Java, Python, IDL (Corba, Microsoft, and UNO/OpenOffice flavors), Fortran, and VHDL to some extent. Extracts documentation directly from source files, making it easy to maintain consistency between all your code and documentation. Automatically generates dependency graphs, inheritance diagrams, and collaboration diagrams. Indifferentchildren adds, “Doxygen does an amazing job, even if you don’t annotate your software.”

Another Free Tool

Net-SNMP is a comprehensive suite of applications designed to implement SNMP v1, v2c, and v3 across IPv4 and IPv6 networks. Offers command-line tools for retrieving, manipulating, and displaying information from SNMP-capable devices, a graphical MIB browser, a daemon for receiving SNMP notifications, and an extensible agent supporting a wide array of MIB information modules—plus a versatile library with C and Perl APIs for developing custom SNMP applications. Kindly suggested by OsmiumBalloon.

Yet Another Free Tool

DomainMOD is a self-hosted, open-source PHP application for centralized management of domains and internet assets. It offers a Data Warehouse framework that’s compatible with servers running WHM/cPanel, enabling the import, analysis, and generation of reports on live web server data within the application. alyxmw explains, it “essentially functions as fancy asset tracking for your domain portfolio; it can keep track of renewal dates, cost to renew, and similar information. It’s also got importer functionality for a few major domain registrars.”

External Attack Surface Management Attack Surface Summary

A Training Resource

Low Level Learning is a YouTube channel dedicated to the world of code and cybersecurity. Features in-depth discussions on programming languages such as C, C++, and Rust, as well as cybersecurity and hacking tips that can help you become able to write better, safer code. DeviousBeevious appreciates it as a good source to learn about “various programming things.”

External Attack Surface Management Attack Surface Summary

A Tutorial

How to Sign an EXE With a Certificate (Easy Mode) is a nice tutorial on how you can use SignTool and SignGUI to simply address your code signing needs. shilezi explains, “I found this very useful after Microsoft refused our app on the app store because it was signed SHA1. Turns out DigiCert’s DigiCertUtil.exe is no longer recommended by DigiCert as the goto tool to sign apps. When i called them up, they said to go get the MS signtool sdk… anyway, this guy walks you through the steps of using a GUI to point to the right parameters to sign.”

External Attack Surface Management Attack Surface Summary

P.S. Bonus Free Tools

D-ITG is a versatile platform for precise packet-level traffic generation that replicates various stochastic processes for IDT and PS random variables, including exponential, uniform, cauchy, normal, pareto, and more. Supports IPv4 and IPv6 and operates seamlessly across network, transport, and application layers. mschedrin recommends it for traffic automation for testing purposes.

XCP-ng is a user-friendly, open-source virtualization platform that ensures high performance and security by default, enabling the management of diverse virtualization workloads through a centralized administration console. It’s supported by an API and CLI and compatible with tools like Packer, Terraform, and Ansible. dustyaguas says, “XCP-NG + Xen Orchestra is the real deal. XO has a very active development cycle, a new release every month. Detailed YouTube videos and articles for each update. I ran it in production when I was in management at a small MSP.”