Those few companies that take information security seriously are often bewildered by the incredible array of tools and pseudo-tools available for analysis. Penetration testing and internet scanners are very popular yet are based on attack tools. These do not make use of the "home team advantage" of very fast response and the ability to examine the machines directly. This talk will describe some of those local techniques which are often overlooked.