Auditor possibly the best security auditing linux distro
http://remote-exploit.org/index.php/Auditor_main
IMO it is way better than PHLAK more compact and fast. All of the standard tools has anyone found a security auditing based distro thats better? Anyone suggest any extra progs to add to the mix.
List of tools
Footprinting
Greenwhich
Whois
Gnetutil (Network Utilities)
Itrace (ICMP traceroute)
Tctrace (TCP traceroute)
Traceroute
DNSwalk (DNS verification)
Dig (DNS lookup)
Host (DNS lookup)
NSTXCD (IP over DNS client)
NSTXD (IP over DNS server)
Oxyman (DNS tunnel)
Curl (URL transfer)
Elinks (Console web browser)
Konqueror (Web browser)
Socat (Socket Cat)
Stunnel (Universal SSL tunnel)
Arpfetch (SNMP ARP/IP fetcher)
SNMPWalk (SNMP tree walk)
TKMib (Mib browser)
GQ (LDAP browser)
Komba2 (KDE SMB browser)
LinNeighborhood (Graphical SMB browser)
Net utils (NET utilities)
SMBClient (SMB client)
SMBGet (SMB downloader)
Smb4K (SMB share browser)
Xsmbrowser (Graphical SMB browser)
nmblookup (Netbios name lookup)
smbdumpusers (User browser)
smbgetserverinfo (Get server info)
Cheops (Network neighborhood)
NTP-fingerprint (Detection based on ntp fingerprint)
Nmap (Network scanner)
NmapFE (Graphical network scanner)
P0f (Passive OS fingerprinting)
Queso (OS detection)
XProbe2 (OS detection)
Scanning
Cisco global exploiter (Cisco scanner)
Cisco torch (Cisco oriented scanner)
ExploitTree search (ExploitTree collection)
Metasploit (Metasploit commandline)
Metasploit (Metasploit console GUI)
Metasploit (Metasploit web interface)
Nessus (Security Scanner)
Raccess (Remote scanner)
Httprint (Webserver fingerprinting)
Nikto (Webserer scanner)
Stunnel (Universal SSL tunnel)
Cheops (Network neighborhood)
GTK-Knocker (Simple GUI portscanner)
IKE-Scan (IKE scanner)
Knocker (Simple portscanner)
Netenum (Pingsweep)
Netmask (Requests netmask)
Nmap (Network scanner)
NmapFE (Graphical network scanner)
Proxychains (Proxifier)
Scanrand (Stateless scanner)
Timestamp (Requests timestamp)
Unicornscan (Fast port scanner)
Isrscan (Source routed packets scanner)
Amap (Application identification)
Bed.pl (Application fuzzer)
SNMP-Fuzzer (SNMP protocol fuzzer)
ScanSSH (SSH identification)
Nbtscan (Netbios scanner)
SMB-Nat (SMB access scanner)
Ozyman (DNS tunnel)
Ass (Autonomous system scanner)
Protos (Protocol identification)
Analyzer
AIM-SNIFF (AIM sniffer)
Driftnet (Image sniffer)
Mailsnarf (Mail sniffer)
Paros (HTTP interception proxy)
URLsnarf (URL sniffer)
smbspy (SMB sniffer)
Etherape (Network monitor)
Ethereal (Network analyzer)
Ettercap (Sniffer/Interceptor/Logger)
Hunt (Sniffer/Interceptor)
IPTraf (Traffic monitor)
NGrep (Network grep)
NetSed (Network edit)
SSLDump (SSLv3/TLS analyzer)
Sniffit (Sniffer)
TcPick (Packet stream editor)
Dsniff (Password sniffer)
Spoofing
Arpspoof (ARP spoofer)
Macof (ARP spoofer/generator)
Nemesis-ARP (ARP packet generator)
Nemesis-Ethernet (Ethernet packet generator)
CDP (CDP generator)
DNSSpoof (DNS spoofer)
Nemesis-DNS (DNS packet generator)
DHCPX (DHCP flooder)
Hping2 (Packet generator)
ICMPRedirect (ICMP redirect packet generator)
ICMPUSH (ICMP packet generator)
Nemesis-ICMP (ICMP packet generator)
Packit (Traffic inject/modify)
TcPick (Packet stream editor)
Yersinia (Layer 2 protocol injector)
Fragroute (Egress rewrite)
HSRP (HSRP generator)
IGRP (IGRP injector)
IRDP (IRDP generator)
IRDPresponder (IRDP response generator)
Nemesis-IGMP (IGMP generator)
Nemesis-RIP (RIP generator)
File2Cable (Traffic replay)
Fragrouter (IDS evasion toolkit)
Nemesis-IP (IP packet generator)
Nemesis-TCP (TCP packet generator)
Nemesis-UDP (UDP traffic generator)
SendIP (IP packet generator)
TCPReplay (Traffic replay
Etherwake (Generate wake-on-LAN)
Bluetooth
BTScanner (Bluetooth scanner)
Bluesnarfer (Bluesnarf attack)
Ghettotooth (Bluetooth scanner)
Kandy (Mobile phone tool)
Obexftp (Obexftp client)
Phone manager
RFComm (Bluetooth serial)
RedFang (Bluetooth bruteforce)
USSP-Push (Obex-push)
XMinicom (Terminal)
Wireless
apmode.sh (Act as accesspoint)
Airpwn (Client penetration)
Hotspotter (Client penetration)
GpsDrive
start-gps-daemon (GPS daemon)
stop-gps-daemon (GPS daemon)
ASLeap (LEAP/PPTP cracker)
Genkeys (Hash generator for ASLeap)
Airforge
File2air (Packet injector)
Void11
Void11-Hopper (Channel hopper)
GKismet (Graphical wireless scanner)
GPSMAP (wireless mapping)
KLV (Kismet Log Viewer)
Kismet (Ncurses wireless scanner)
Wellenreiter (Graphical Wireless scanner)
802ether (Dumpfile format convertor)
airodump (Traffic recorder)
aircrack (Modern WEP cracker)
Aireplay (Wireless packet injector)
Wep_Crack (Wep Cracker)
Wep_Decrypt (Decrypt dump files)
Airsnort (GUI based WEP cracker)
ChopChop (Active WEP attack)
DWEPCrack (WEP cracker)
Decrypt (Dump file decrypter)
WEPAttack (Dictionary attack)
WEPlab (Modern WEP cracker)
Cowpatty (WPA PSK bruteforcer)
changemac.sh (MAC address changer)
Bruteforce
ADMsnmp (SNMP bruteforce)
Guess-who (SSH bruteforc)
Hydra (Multi purpose bruteforce)
K0ldS (LDAP bruteforce)
Obiwan III (HTTP bruteforce)
SMB-Nat (SMB access scanner)
TFTP-bruteforce
VNCrack (VNC bruteforce)
Xhydra (Graphical bruteforcer
Password cracker
BKHive (SAM recovery)
Fcrackzip (Zip password cracker)
John (Multi-purpose password cracker)
Default password list
Nasty (GPG secret key cracker)
Rainbowcrack (Hash cracker)
Samdump2 (SAM file dumper)
Wordlists (Collection of wordlists)
Forensics
Autopsy (Forensic GUI)
Recover (Ext2 file recovery)
Testdisk (Partition scanner)
Wipe (Securely delete files)
Honeypot
IMAP
POP3
Honeyd (Honeypot)
IISEmulator (Honeypot)
Tinyhoneypot (Simple honeypot)