-
March 15th, 2006, 05:02 AM
#1
Member
Auditor possibly the best security auditing linux distro
http://remote-exploit.org/index.php/Auditor_main
IMO it is way better than PHLAK more compact and fast. All of the standard tools has anyone found a security auditing based distro thats better? Anyone suggest any extra progs to add to the mix.
List of tools
Footprinting
Greenwhich
Whois
Gnetutil (Network Utilities)
Itrace (ICMP traceroute)
Tctrace (TCP traceroute)
Traceroute
DNSwalk (DNS verification)
Dig (DNS lookup)
Host (DNS lookup)
NSTXCD (IP over DNS client)
NSTXD (IP over DNS server)
Oxyman (DNS tunnel)
Curl (URL transfer)
Elinks (Console web browser)
Konqueror (Web browser)
Socat (Socket Cat)
Stunnel (Universal SSL tunnel)
Arpfetch (SNMP ARP/IP fetcher)
SNMPWalk (SNMP tree walk)
TKMib (Mib browser)
GQ (LDAP browser)
Komba2 (KDE SMB browser)
LinNeighborhood (Graphical SMB browser)
Net utils (NET utilities)
SMBClient (SMB client)
SMBGet (SMB downloader)
Smb4K (SMB share browser)
Xsmbrowser (Graphical SMB browser)
nmblookup (Netbios name lookup)
smbdumpusers (User browser)
smbgetserverinfo (Get server info)
Cheops (Network neighborhood)
NTP-fingerprint (Detection based on ntp fingerprint)
Nmap (Network scanner)
NmapFE (Graphical network scanner)
P0f (Passive OS fingerprinting)
Queso (OS detection)
XProbe2 (OS detection)
Scanning
Cisco global exploiter (Cisco scanner)
Cisco torch (Cisco oriented scanner)
ExploitTree search (ExploitTree collection)
Metasploit (Metasploit commandline)
Metasploit (Metasploit console GUI)
Metasploit (Metasploit web interface)
Nessus (Security Scanner)
Raccess (Remote scanner)
Httprint (Webserver fingerprinting)
Nikto (Webserer scanner)
Stunnel (Universal SSL tunnel)
Cheops (Network neighborhood)
GTK-Knocker (Simple GUI portscanner)
IKE-Scan (IKE scanner)
Knocker (Simple portscanner)
Netenum (Pingsweep)
Netmask (Requests netmask)
Nmap (Network scanner)
NmapFE (Graphical network scanner)
Proxychains (Proxifier)
Scanrand (Stateless scanner)
Timestamp (Requests timestamp)
Unicornscan (Fast port scanner)
Isrscan (Source routed packets scanner)
Amap (Application identification)
Bed.pl (Application fuzzer)
SNMP-Fuzzer (SNMP protocol fuzzer)
ScanSSH (SSH identification)
Nbtscan (Netbios scanner)
SMB-Nat (SMB access scanner)
Ozyman (DNS tunnel)
Ass (Autonomous system scanner)
Protos (Protocol identification)
Analyzer
AIM-SNIFF (AIM sniffer)
Driftnet (Image sniffer)
Mailsnarf (Mail sniffer)
Paros (HTTP interception proxy)
URLsnarf (URL sniffer)
smbspy (SMB sniffer)
Etherape (Network monitor)
Ethereal (Network analyzer)
Ettercap (Sniffer/Interceptor/Logger)
Hunt (Sniffer/Interceptor)
IPTraf (Traffic monitor)
NGrep (Network grep)
NetSed (Network edit)
SSLDump (SSLv3/TLS analyzer)
Sniffit (Sniffer)
TcPick (Packet stream editor)
Dsniff (Password sniffer)
Spoofing
Arpspoof (ARP spoofer)
Macof (ARP spoofer/generator)
Nemesis-ARP (ARP packet generator)
Nemesis-Ethernet (Ethernet packet generator)
CDP (CDP generator)
DNSSpoof (DNS spoofer)
Nemesis-DNS (DNS packet generator)
DHCPX (DHCP flooder)
Hping2 (Packet generator)
ICMPRedirect (ICMP redirect packet generator)
ICMPUSH (ICMP packet generator)
Nemesis-ICMP (ICMP packet generator)
Packit (Traffic inject/modify)
TcPick (Packet stream editor)
Yersinia (Layer 2 protocol injector)
Fragroute (Egress rewrite)
HSRP (HSRP generator)
IGRP (IGRP injector)
IRDP (IRDP generator)
IRDPresponder (IRDP response generator)
Nemesis-IGMP (IGMP generator)
Nemesis-RIP (RIP generator)
File2Cable (Traffic replay)
Fragrouter (IDS evasion toolkit)
Nemesis-IP (IP packet generator)
Nemesis-TCP (TCP packet generator)
Nemesis-UDP (UDP traffic generator)
SendIP (IP packet generator)
TCPReplay (Traffic replay
Etherwake (Generate wake-on-LAN)
Bluetooth
BTScanner (Bluetooth scanner)
Bluesnarfer (Bluesnarf attack)
Ghettotooth (Bluetooth scanner)
Kandy (Mobile phone tool)
Obexftp (Obexftp client)
Phone manager
RFComm (Bluetooth serial)
RedFang (Bluetooth bruteforce)
USSP-Push (Obex-push)
XMinicom (Terminal)
Wireless
apmode.sh (Act as accesspoint)
Airpwn (Client penetration)
Hotspotter (Client penetration)
GpsDrive
start-gps-daemon (GPS daemon)
stop-gps-daemon (GPS daemon)
ASLeap (LEAP/PPTP cracker)
Genkeys (Hash generator for ASLeap)
Airforge
File2air (Packet injector)
Void11
Void11-Hopper (Channel hopper)
GKismet (Graphical wireless scanner)
GPSMAP (wireless mapping)
KLV (Kismet Log Viewer)
Kismet (Ncurses wireless scanner)
Wellenreiter (Graphical Wireless scanner)
802ether (Dumpfile format convertor)
airodump (Traffic recorder)
aircrack (Modern WEP cracker)
Aireplay (Wireless packet injector)
Wep_Crack (Wep Cracker)
Wep_Decrypt (Decrypt dump files)
Airsnort (GUI based WEP cracker)
ChopChop (Active WEP attack)
DWEPCrack (WEP cracker)
Decrypt (Dump file decrypter)
WEPAttack (Dictionary attack)
WEPlab (Modern WEP cracker)
Cowpatty (WPA PSK bruteforcer)
changemac.sh (MAC address changer)
Bruteforce
ADMsnmp (SNMP bruteforce)
Guess-who (SSH bruteforc)
Hydra (Multi purpose bruteforce)
K0ldS (LDAP bruteforce)
Obiwan III (HTTP bruteforce)
SMB-Nat (SMB access scanner)
TFTP-bruteforce
VNCrack (VNC bruteforce)
Xhydra (Graphical bruteforcer
Password cracker
BKHive (SAM recovery)
Fcrackzip (Zip password cracker)
John (Multi-purpose password cracker)
Default password list
Nasty (GPG secret key cracker)
Rainbowcrack (Hash cracker)
Samdump2 (SAM file dumper)
Wordlists (Collection of wordlists)
Forensics
Autopsy (Forensic GUI)
Recover (Ext2 file recovery)
Testdisk (Partition scanner)
Wipe (Securely delete files)
Honeypot
IMAP
POP3
Honeyd (Honeypot)
IISEmulator (Honeypot)
Tinyhoneypot (Simple honeypot)
-
March 15th, 2006, 08:15 AM
#2
i agree with you. But you can use an updated version of Auditor and Whax (both are merged as) BackTrack
BackTrack is the result of the merging of two Innovative Penetration Testing live Linux distributions Whax and Auditor
check http://iwhax.net/index.php/Main_Page
or http://www.remote-exploit.org/index.php/Main_Page
Excuse me, is there an airport nearby large enough for a private jet to land?
-
March 15th, 2006, 01:04 PM
#3
Member
...
I downloaded the beta but all it lets me see is command prompt It doesnt let me look at the gui
tells me to login using root:toor, its accepted but yet i am still at command line. I guess its not to the point where you can see everything/ just have to remember what tools you got? Or is my issue corrupted?
-
March 15th, 2006, 01:11 PM
#4
I downloaded the beta but all it lets me see is command prompt It doesnt let me look at the gui tells me to login using root:toor, its accepted but yet i am still at command line. I guess its not to the point where you can see everything/ just have to remember what tools you got? Or is my issue corrupted?
Have you tried startx ??
.C.
Back when I was a boy, we carved our own IC's out of wood.
-
March 15th, 2006, 03:19 PM
#5
Try BackTrack its really good. Also have a look here for mor info on some of the other live CD distros
http://www.darknet.org.uk/2006/03/10...sics-recovery/
----------------------------------------------------------------------------------------------------------
"If I'd asked my customers what they wanted, they'd have said a faster horse." ~ Henry Ford
-
March 15th, 2006, 04:53 PM
#6
Re: ...
Originally posted here by acdspit00
I downloaded the beta but all it lets me see is command prompt It doesnt let me look at the gui
tells me to login using root:toor, its accepted but yet i am still at command line. I guess its not to the point where you can see everything/ just have to remember what tools you got? Or is my issue corrupted?
xconf
startx
Oliver's Law:
Experience is something you don't get until just after you need it.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|