Alpine security: Difference between revisions
m (→Reconnaissance: Remove obsolete packages. Reduce todo section. Fix hyperlinks. Use package template.) |
m (→Forensics / Data recovery tools: Remove obsolete packages, reduce todo section, use pkg template. Rescue a dead link.) |
||
Line 100: | Line 100: | ||
! URL | ! URL | ||
|- | |- | ||
| | | {{pkg|ddrescue}} | ||
| ddrescue | |||
| Data recovery tool for block devices with errors | | Data recovery tool for block devices with errors | ||
| https://www.gnu.org/s/ddrescue/ddrescue.html | | https://www.gnu.org/s/ddrescue/ddrescue.html | ||
|- | |- | ||
| testdisk | | {{pkg|testdisk}} | ||
| A powerful free data recovery software | | A powerful free data recovery software | ||
| https://www.cgsecurity.org/wiki/TestDisk | | https://www.cgsecurity.org/wiki/TestDisk | ||
|- | |- | ||
| scrub | | {{pkg|scrub}} | ||
| Disk scrubbing program | | Disk scrubbing program | ||
| https://code.google.com/archive/p/diskscrub/ | | https://code.google.com/archive/p/diskscrub/ | ||
|- | |- | ||
| ncdu | | {{pkg|ncdu}} | ||
| A curses-based version of the well-known "du" | | A curses-based version of the well-known "du" | ||
| https://dev.yorhel.nl/ncdu | | https://dev.yorhel.nl/ncdu | ||
|- | |- | ||
| htop | | {{pkg|htop}} | ||
| An interactive process viewer for Linux | | An interactive process viewer for Linux | ||
| https://htop.dev/ | | https://htop.dev/ | ||
|- | |- | ||
| | | {{pkg|wipe}} | ||
| wipe | |||
| Tool for securely erasing files from magnetic media | | Tool for securely erasing files from magnetic media | ||
| https:// | | https://wipe.sourceforge.net/ | ||
|- | |- | ||
| | | {{pkg|jhead}} | ||
| jhead | |||
| An Exif jpeg header manipulation tool | | An Exif jpeg header manipulation tool | ||
| https://www.sentex.net/~mwandel/jhead/ | | https://www.sentex.net/~mwandel/jhead/ | ||
Line 145: | Line 133: | ||
|- | |- | ||
| aimage | | aimage | ||
| Advanced Disk Imager | | Advanced Disk Imager (part of krita now???) | ||
| https://www.afflib.org | | https://www.afflib.org | ||
|- | |- | ||
| fiwalk | | fiwalk (part of sleuthkit now???) | ||
| Batch analysis of a disk image | | Batch analysis of a disk image | ||
| https://www.afflib.org | | https://www.afflib.org | ||
* ntfs-3g - Linux NTFS userspace driver | * ntfs-3g - Linux NTFS userspace driver | ||
* sleuthkit - The Sleuth Kit (TSK) | * sleuthkit - The Sleuth Kit (TSK) | ||
chntpw | chntpw | ||
Hydra | Hydra | ||
volatility3 An advanced memory forensics framework https://github.com/volatilityfoundation/volatility3 | |||
pdfcrack A Password Recovery Tool for PDF files https://pdfcrack.sourceforge.net/ | pdfcrack A Password Recovery Tool for PDF files https://pdfcrack.sourceforge.net/ | ||
--> | --> | ||
Revision as of 02:19, 25 August 2023
Note: This is work in progress. Not all packages are available at the moment.
Basics
Name | Description | URL |
---|---|---|
alpine-base | Alpine base package | https://pkgs.alpinelinux.org/packages?name=alpine-base |
alpine-mirrors | List of Official Alpine Linux Mirrors | https://mirrors.alpinelinux.org/ |
bkeymaps | Binary keymaps for busybox | https://dev.alpinelinux.org/alpine/bkeymaps[Dead Link] |
network-extras | Meta package to pull in vlan, bonding, bridge and wifi support | https://pkgs.alpinelinux.org/packages?name=network-extras |
openssl | Toolkit for TLS | https://www.openssl.org/ |
tzdata | Timezone data | https://www.iana.org/time-zones |
Code Analysis
Name | Description | URL |
---|---|---|
rpmlint | A tool for checking common errors in RPM packages | https://github.com/rpm-software-management/rpmlint |
pylint | Analyzes Python code looking for bugs and signs of poor quality | https://pypi.org/project/pylint/ |
flawfinder | Examines C/C++ source code for security flaws | https://www.dwheeler.com/flawfinder/ |
rats | A tool to find security related programming errors | https://www.fortify.com/ssa-elements/threat-intelligence/rats.html |
pychecker | A analyser for python source code | https://pychecker.sourceforge.net/ |
pyflakes | A passive checker of Python programs | https://launchpad.net/pyflakes |
strace | A useful diagnositic, instructional, and debugging tool | https://strace.io/ |
netsink | A Network Sinkhole for Isolated Malware Analysis | https://github.com/shendo/netsink |
Forensics / Data recovery tools
Name | Description | URL |
---|---|---|
ddrescue | Data recovery tool for block devices with errors | https://www.gnu.org/s/ddrescue/ddrescue.html |
testdisk | A powerful free data recovery software | https://www.cgsecurity.org/wiki/TestDisk |
scrub | Disk scrubbing program | https://code.google.com/archive/p/diskscrub/ |
ncdu | A curses-based version of the well-known "du" | https://dev.yorhel.nl/ncdu |
htop | An interactive process viewer for Linux | https://htop.dev/ |
wipe | Tool for securely erasing files from magnetic media | https://wipe.sourceforge.net/ |
jhead | An Exif jpeg header manipulation tool | https://www.sentex.net/~mwandel/jhead/ |
Reconnaissance
Name | Description | URL |
---|---|---|
arpon | ARP handler inspection | https://arpon.sourceforge.io/ |
dnsenum | A tool to enumerate DNS info about domains | https://github.com/fwaeytens/dnsenum |
scanssh | Fast SSH server and open proxy scanner | https://monkey.org/~provos/scanssh/ |
ngrep | Network layer grep tool | https://github.com/jpr5/ngrep/ |
scapy | Interactive packet manipulation tool and network scanner | https://scapy.net/ |
socat | Bidirectional data relay between two data channels ('netcat++') | |
tcpdump | A network traffic monitoring tool | https://www.tcpdump.org/ |
tcpflow | A tool for monitoring, capturing and storing TCP connections flows | https://github.com/simsong/tcpflow |
nmap | A network exploration tool and security/port scanner | https://nmap.org |
arpwatch | An ethernet monitoring program | https://ee.lbl.gov/ |
p0f | Passive traffic fingerprinting tool | https://lcamtuf.coredump.cx/p0f3/ |
hping3 | A ping-like TCP/IP packet assembler/analyzer | |
sslscan | fast SSL/TLS configuration scanner | https://github.com/rbsec/sslscan |
httpry | A packet sniffer designed for HTTP traffic | https://dumpsterventures.com/jason/httpry |
bannergrab | A banner grabbing tool | https://sourceforge.net/projects/bannergrab |
dnstop | A DNS traffic capture utility | |
swaks | A transaction-oriented SMTP test tool | https://www.jetmore.org/john/code/swaks/ |
mitmproxy | An interactive SSL-capable intercepting HTTP proxy | https://www.mitmproxy.org/ |
hexinject | A very versatile packet injector and sniffer | https://hexinject.sourceforge.net/ |
openvas-scanner | Vulnerability scanner and manager | https://www.openvas.org/ |
Application Testing
Name | Description | URL |
---|---|---|
lynis | Security and system auditing tool | https://cisofy.com/lynis/ |
nikto | A web application security scanner | https://www.cirt.net/Nikto2 |
sqlmap | Automatic SQL injection and database takeover tool | https://sqlmap.org/ |
zaproxy | OWASP Zed Attack Proxy web app scanner | https://www.zaproxy.org/ |
Network statistics
Name | Description | URL |
---|---|---|
iperf | Tool to measure IP bandwidth using UDP or TCP | https://github.com/esnet/iperf |
iptraf-ng | A console-based network monitoring utility | https://fedorahosted.org/iptraf-ng/ |
iftop | Command line tool that displays bandwidth usage on an interface | https://www.ex-parrot.com/~pdw/iftop/ |
fping | A utility to ping multiple hosts at once | https://fping.sourceforge.net/ |
mtr | Full screen ncurses traceroute tool | https://www.bitwizard.nl/mtr/ |
nfdump | The nfdump tools collect and process netflow data on the command line | https://github.com/phaag/nfdump |
nethogs | Top-like monitor for network traffic | https://raboof.github.io/nethogs/ |
iptstate | Top-like interface to netfilter connection-tracking table | https://www.phildev.net/iptstate/ |
Misc tools
Name | Description | URL |
---|---|---|
bash-completion | Command-line tab-completion for bash | https://github.com/scop/bash-completion |
clamav | An anti-virus toolkit for UNIX | https://www.clamav.net |
7zip | A command-line port of the 7zip compression utility | https://7-zip.org/ |
nano | A simple ncurses text editor | https://www.nano-editor.org/ |
rsync | A file transfer program to keep remote files in sync | https://rsync.samba.org/ |
screen | A terminal multiplexer, used to multiplex several virtual consoles. Similar to "tmux" below | https://www.gnu.org/software/screen/ |
tmux | A terminal multiplexer, used to multiplex several virtual consoles. Similar to "screen" above | https://tmux.github.io/ |
multitail | A tool to view one or multiple files | https://www.vanheusden.com/multitail |
e2fsprogs | Standard Ext2/3/4 filesystem utilities | https://e2fsprogs.sourceforge.net/ |
openssh | An open source implementation of SSH protocol versions 1 and 2 | https://www.openssh.com/ |
partclone | Back up and restore used-blocks of a partition | https://partclone.org/ |
sshguard | Log monitor that blocks with iptables on bad behaviour | https://www.sshguard.net/ |
proxychains-ng | A tool that forces any TCP connection through proxies | https://github.com/rofl0r/proxychains-ng |
knock | A simple port-knocking daemon | https://www.zeroflux.org/projects/knock |
logcheck | A simple utility which is designed to allow a system administrator to view the logfiles | https://logcheck.org{ |
mc | A visual file manager | https://www.midnight-commander.org/ |
makepasswd | Generates (pseudo-)random passwords of a desired length | https://www.defora.org/os/project/117/makepasswd |
lnav | A curses-based tool for viewing and analyzing log files | https://lnav.org |
goaccess | A real-time web log analyzer and interactive viewer | https://goaccess.io/ |
VoIP
Name | Description | URL |
---|---|---|
sipp | A test tool / traffic generator for the SIP protocol | https://sipp.sourceforge.net/ |
sipsak | SIP swiss army knife | https://github.com/nils-ohlmeier/sipsak |
Wireless
Name | Description | URL |
---|---|---|
aircrack-ng | 802.11 (wireless) sniffer and WEP/WPA-PSK key cracker | https://www.aircrack-ng.org/ |
kismet | A WLAN detector, sniffer, and IDS | https://www.kismetwireless.org/ |
reaver-wps-fork-t6x | WPS Password Cracker | https://github.com/t6x/reaver-wps-fork-t6x |
wavemon | Ncurses-based monitoring application for wireless network devices | https://github.com/uoaerg/wavemon |
Intrusion detection
Name | Description | URL |
---|---|---|
nebula | An Intrusion Signature Generator | https://github.com/slackhq/nebula |
snort | A network intrusion prevention and detection system | https://www.snort.org/ |