Alpine security: Difference between revisions

Latest revision as of 08:53, 7 July 2024

This material is obsolete ...

See notice on Alpine Security and Rescue (Discuss)

Basics

Name	Description	URL
alpine-base	Alpine base package	https://pkgs.alpinelinux.org/packages?name=alpine-base
alpine-mirrors	List of Official Alpine Linux Mirrors	https://mirrors.alpinelinux.org/
kbd-bkeymaps	Binary keymaps for busybox	https://pkgs.alpinelinux.org/packages?name=kbd-bkeymaps
network-extras	Meta package to pull in vlan, bonding, bridge and wifi support	https://pkgs.alpinelinux.org/packages?name=network-extras
openssl	Toolkit for TLS	https://www.openssl.org/
tzdata	Timezone data	https://www.iana.org/time-zones

Code Analysis

Name	Description	URL
py3-pylint	Analyzes Python code looking for bugs and signs of poor quality	https://pypi.org/project/pylint/
flawfinder	Examines C/C++ source code for security flaws	https://www.dwheeler.com/flawfinder/
py3-pyflakes	A passive checker of Python programs	https://launchpad.net/pyflakes
strace	A useful diagnositic, instructional, and debugging tool	https://strace.io/
valgrind	A tool for finding memory-management problems	https://valgrind.org/

Forensics / Data recovery tools

Name	Description	URL
ddrescue	Data recovery tool for block devices with errors	https://www.gnu.org/s/ddrescue/ddrescue.html
testdisk	A powerful free data recovery software	https://www.cgsecurity.org/wiki/TestDisk
scrub	Disk scrubbing program	https://code.google.com/archive/p/diskscrub/
ncdu	A curses-based version of the well-known "du"	https://dev.yorhel.nl/ncdu
htop	An interactive process viewer for Linux	https://htop.dev/
wipe	Tool for securely erasing files from magnetic media	https://wipe.sourceforge.net/
jhead	An Exif jpeg header manipulation tool	https://www.sentex.net/~mwandel/jhead/

Reconnaissance

Name	Description	URL
arpon	ARP handler inspection	https://arpon.sourceforge.io/
dnsenum	A tool to enumerate DNS info about domains	https://github.com/fwaeytens/dnsenum
scanssh	Fast SSH server and open proxy scanner	https://monkey.org/~provos/scanssh/
ngrep	Network layer grep tool	https://github.com/jpr5/ngrep/
scapy	Interactive packet manipulation tool and network scanner	https://scapy.net/
socat	Bidirectional data relay between two data channels ('netcat++')	http://www.dest-unreach.org/socat/ 🔓
tcpdump	A network traffic monitoring tool	https://www.tcpdump.org/
tcpflow	A tool for monitoring, capturing and storing TCP connections flows	https://github.com/simsong/tcpflow
nmap	A network exploration tool and security/port scanner	https://nmap.org
arpwatch	An ethernet monitoring program	https://ee.lbl.gov/
p0f	Passive traffic fingerprinting tool	https://lcamtuf.coredump.cx/p0f3/
hping3	A ping-like TCP/IP packet assembler/analyzer	~~http://www.hping.org/~~ (Website down, alternates are: http://wiki.hping.org/ 🔓 and https://github.com/antirez/hping )
sslscan	fast SSL/TLS configuration scanner	https://github.com/rbsec/sslscan
httpry	A packet sniffer designed for HTTP traffic	https://dumpsterventures.com/jason/httpry
bannergrab	A banner grabbing tool	https://sourceforge.net/projects/bannergrab
dnstop	A DNS traffic capture utility	http://dns.measurement-factory.com/tools/dnstop/ 🔓
swaks	A transaction-oriented SMTP test tool	https://www.jetmore.org/john/code/swaks/
mitmproxy	An interactive SSL-capable intercepting HTTP proxy	https://www.mitmproxy.org/
hexinject	A very versatile packet injector and sniffer	https://hexinject.sourceforge.net/
openvas-scanner	Vulnerability scanner and manager	https://www.openvas.org/

Application Testing

Name	Description	URL
lynis	Security and system auditing tool	https://cisofy.com/lynis/
nikto	A web application security scanner	https://www.cirt.net/Nikto2
sqlmap	Automatic SQL injection and database takeover tool	https://sqlmap.org/
zaproxy	OWASP Zed Attack Proxy web app scanner	https://www.zaproxy.org/

Network statistics

Name	Description	URL
iperf	Tool to measure IP bandwidth using UDP or TCP	https://github.com/esnet/iperf
iptraf-ng	A console-based network monitoring utility	https://fedorahosted.org/iptraf-ng/
iftop	Command line tool that displays bandwidth usage on an interface	https://www.ex-parrot.com/~pdw/iftop/
fping	A utility to ping multiple hosts at once	https://fping.sourceforge.net/
mtr	Full screen ncurses traceroute tool	https://www.bitwizard.nl/mtr/
nfdump	The nfdump tools collect and process netflow data on the command line	https://github.com/phaag/nfdump
nethogs	Top-like monitor for network traffic	https://raboof.github.io/nethogs/
iptstate	Top-like interface to netfilter connection-tracking table	https://www.phildev.net/iptstate/

Misc tools

Name	Description	URL
bash-completion	Command-line tab-completion for bash	https://github.com/scop/bash-completion
clamav	An anti-virus toolkit for UNIX	https://www.clamav.net
7zip	A command-line port of the 7zip compression utility	https://7-zip.org/
nano	A simple ncurses text editor	https://www.nano-editor.org/
rsync	A file transfer program to keep remote files in sync	https://rsync.samba.org/
screen	A terminal multiplexer, used to multiplex several virtual consoles. Similar to "tmux" below	https://www.gnu.org/software/screen/
tmux	A terminal multiplexer, used to multiplex several virtual consoles. Similar to "screen" above	https://tmux.github.io/
multitail	A tool to view one or multiple files	https://www.vanheusden.com/multitail
e2fsprogs	Standard Ext2/3/4 filesystem utilities	https://e2fsprogs.sourceforge.net/
openssh	An open source implementation of SSH protocol versions 1 and 2	https://www.openssh.com/
partclone	Back up and restore used-blocks of a partition	https://partclone.org/
sshguard	Log monitor that blocks with iptables on bad behaviour	https://www.sshguard.net/
proxychains-ng	A tool that forces any TCP connection through proxies	https://github.com/rofl0r/proxychains-ng
knock	A simple port-knocking daemon	https://github.com/TDFKAOlli/knock
logcheck	A simple utility which is designed to allow a system administrator to view the logfiles	https://logcheck.org
mc	A visual file manager	https://midnight-commander.org/
makepasswd	Generates (pseudo-)random passwords of a desired length	https://www.defora.org/os/project/117/makepasswd
lnav	A curses-based tool for viewing and analyzing log files	https://lnav.org
goaccess	A real-time web log analyzer and interactive viewer	https://goaccess.io/

VoIP

Name	Description	URL
sipp	A test tool / traffic generator for the SIP protocol	https://sipp.sourceforge.net/
sipsak	SIP swiss army knife	https://github.com/nils-ohlmeier/sipsak

Wireless

Name	Description	URL
aircrack-ng	802.11 (wireless) sniffer and WEP/WPA-PSK key cracker	https://www.aircrack-ng.org/
kismet	A WLAN detector, sniffer, and IDS	https://www.kismetwireless.org/
reaver-wps-fork-t6x	WPS Password Cracker	https://github.com/t6x/reaver-wps-fork-t6x
wavemon	Ncurses-based monitoring application for wireless network devices	https://github.com/uoaerg/wavemon

Intrusion detection

Name	Description	URL
nebula	An Intrusion Signature Generator	https://github.com/slackhq/nebula
snort	A network intrusion prevention and detection system	https://www.snort.org/

@@ Line 1: / Line 1: @@
-{{Note|This is work in progress. Not all packages are available at the moment.}}
+{{obsolete|See notice on [[Alpine Security and Rescue]]}}
 == Basics ==
@@ Line 173: / Line 173: @@
 | {{pkg|hping3}}
 | A ping-like TCP/IP packet assembler/analyzer
-| http://www.hping.org/{{dead link}}
+| <p><s><nowiki>http://www.hping.org/</nowiki></s> <small>(Website down, alternates are: http://wiki.hping.org/{{insecure url|HTTPS connection refused}} and https://github.com/antirez/hping )</small></p>
 |-
 | {{pkg|sslscan}}
@@ Line 358: / Line 358: @@
 | {{pkg|mc}}
 | A visual file manager
-| https://www.midnight-commander.org/
+| https://midnight-commander.org/
 |-
 | {{pkg|makepasswd}}
@@ Line 456: / Line 456: @@
 [[Category:ISO]]
+[[Category:Security]]