Alpine security: Difference between revisions
m (→Misc tools: Removed obsolete, rescued dead link(s), reduced todo.) |
WhyNotHugo (talk | contribs) (Add "Category:Security") |
||
(14 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
{{ | {{obsolete|See notice on [[Alpine Security and Rescue]]}} | ||
== Basics == | == Basics == | ||
Line 17: | Line 17: | ||
| https://mirrors.alpinelinux.org/ | | https://mirrors.alpinelinux.org/ | ||
|- | |- | ||
| bkeymaps | | kbd-bkeymaps | ||
| Binary keymaps for busybox | | Binary keymaps for busybox | ||
| https:// | | https://pkgs.alpinelinux.org/packages?name=kbd-bkeymaps | ||
|- | |- | ||
| network-extras | | network-extras | ||
Line 25: | Line 25: | ||
| https://pkgs.alpinelinux.org/packages?name=network-extras | | https://pkgs.alpinelinux.org/packages?name=network-extras | ||
|- | |- | ||
| openssl | | {{pkg|openssl}} | ||
| Toolkit for TLS | | Toolkit for TLS | ||
| https://www.openssl.org/ | | https://www.openssl.org/ | ||
|- | |- | ||
| tzdata | | {{pkg|tzdata}} | ||
| Timezone data | | Timezone data | ||
| https://www.iana.org/time-zones | | https://www.iana.org/time-zones | ||
Line 42: | Line 42: | ||
! URL | ! URL | ||
|- | |- | ||
| | | {{pkg|py3-pylint}} | ||
| | |||
| Analyzes Python code looking for bugs and signs of poor quality | | Analyzes Python code looking for bugs and signs of poor quality | ||
| https://pypi.org/project/pylint/ | | https://pypi.org/project/pylint/ | ||
|- | |- | ||
| flawfinder | | {{pkg|flawfinder}} | ||
| Examines C/C++ source code for security flaws | | Examines C/C++ source code for security flaws | ||
| https://www.dwheeler.com/flawfinder/ | | https://www.dwheeler.com/flawfinder/ | ||
|- | |- | ||
| | | {{pkg|py3-pyflakes}} | ||
|- | |||
| A passive checker of Python programs | | A passive checker of Python programs | ||
| https://launchpad.net/pyflakes | | https://launchpad.net/pyflakes | ||
|- | |- | ||
| strace | | {{pkg|strace}} | ||
| A useful diagnositic, instructional, and debugging tool | | A useful diagnositic, instructional, and debugging tool | ||
| https://strace.io/ | | https://strace.io/ | ||
|- | |- | ||
| | | {{pkg|valgrind}} | ||
|} | |||
| A tool for finding memory-management problems | | A tool for finding memory-management problems | ||
| https://valgrind.org/ | | https://valgrind.org/ | ||
| | |} | ||
== Forensics / Data recovery tools == | == Forensics / Data recovery tools == | ||
Line 100: | Line 71: | ||
! URL | ! URL | ||
|- | |- | ||
| | | {{pkg|ddrescue}} | ||
| ddrescue | |||
| Data recovery tool for block devices with errors | | Data recovery tool for block devices with errors | ||
| https://www.gnu.org/s/ddrescue/ddrescue.html | | https://www.gnu.org/s/ddrescue/ddrescue.html | ||
|- | |- | ||
| testdisk | | {{pkg|testdisk}} | ||
| A powerful free data recovery software | | A powerful free data recovery software | ||
| https://www.cgsecurity.org/wiki/TestDisk | | https://www.cgsecurity.org/wiki/TestDisk | ||
|- | |- | ||
| scrub | | {{pkg|scrub}} | ||
| Disk scrubbing program | | Disk scrubbing program | ||
| https://code.google.com/archive/p/diskscrub/ | | https://code.google.com/archive/p/diskscrub/ | ||
|- | |- | ||
| ncdu | | {{pkg|ncdu}} | ||
| A curses-based version of the well-known "du" | | A curses-based version of the well-known "du" | ||
| https://dev.yorhel.nl/ncdu | | https://dev.yorhel.nl/ncdu | ||
|- | |- | ||
| htop | | {{pkg|htop}} | ||
| An interactive process viewer for Linux | | An interactive process viewer for Linux | ||
| https://htop.dev/ | | https://htop.dev/ | ||
|- | |- | ||
| | | {{pkg|wipe}} | ||
| wipe | |||
| Tool for securely erasing files from magnetic media | | Tool for securely erasing files from magnetic media | ||
| https:// | | https://wipe.sourceforge.net/ | ||
|- | |- | ||
| jhead | | {{pkg|jhead}} | ||
| An Exif jpeg header manipulation tool | | An Exif jpeg header manipulation tool | ||
| https://www.sentex.net/~mwandel/jhead/ | | https://www.sentex.net/~mwandel/jhead/ | ||
Line 145: | Line 104: | ||
|- | |- | ||
| aimage | | aimage | ||
| Advanced Disk Imager | | Advanced Disk Imager (part of krita now???) | ||
| https://www.afflib.org | | https://www.afflib.org | ||
|- | |- | ||
| fiwalk | | fiwalk (part of sleuthkit now???) | ||
| Batch analysis of a disk image | | Batch analysis of a disk image | ||
| https://www.afflib.org | | https://www.afflib.org | ||
* ntfs-3g - Linux NTFS userspace driver | * ntfs-3g - Linux NTFS userspace driver | ||
* sleuthkit - The Sleuth Kit (TSK) | * sleuthkit - The Sleuth Kit (TSK) | ||
chntpw | chntpw | ||
Hydra | Hydra | ||
volatility3 An advanced memory forensics framework https://github.com/volatilityfoundation/volatility3 | |||
pdfcrack A Password Recovery Tool for PDF files https://pdfcrack.sourceforge.net/ | pdfcrack A Password Recovery Tool for PDF files https://pdfcrack.sourceforge.net/ | ||
--> | --> | ||
Line 198: | Line 127: | ||
! URL | ! URL | ||
|- | |- | ||
| | | {{pkg|arpon}} | ||
| arpon | |||
| ARP handler inspection | | ARP handler inspection | ||
| https://arpon.sourceforge.io/ | | https://arpon.sourceforge.io/ | ||
|- | |- | ||
| dnsenum | | {{pkg|dnsenum}} | ||
| A tool to enumerate DNS info about domains | | A tool to enumerate DNS info about domains | ||
| https://github.com/fwaeytens/dnsenum | | https://github.com/fwaeytens/dnsenum | ||
|- | |- | ||
| | | {{pkg|scanssh}} | ||
| scanssh | |||
| Fast SSH server and open proxy scanner | | Fast SSH server and open proxy scanner | ||
| https://monkey.org/~provos/scanssh/ | | https://monkey.org/~provos/scanssh/ | ||
|- | |- | ||
| ngrep | | {{pkg|ngrep}} | ||
| Network layer grep tool | | Network layer grep tool | ||
| https://github.com/jpr5/ngrep/ | | https://github.com/jpr5/ngrep/ | ||
|- | |- | ||
| | | {{pkg|scapy}} | ||
| Interactive packet manipulation tool and network scanner | | Interactive packet manipulation tool and network scanner | ||
| https://scapy.net/ | | https://scapy.net/ | ||
|- | |- | ||
| socat | | {{pkg|socat}} | ||
| Bidirectional data relay between two data channels ('netcat++') | | Bidirectional data relay between two data channels ('netcat++') | ||
| <p>http://www.dest-unreach.org/socat/{{insecure url|Self-signed certificate on HTTPS}}</p> | | <p>http://www.dest-unreach.org/socat/{{insecure url|Self-signed certificate on HTTPS}}</p> | ||
|- | |- | ||
| tcpdump | | {{pkg|tcpdump}} | ||
| A network traffic monitoring tool | | A network traffic monitoring tool | ||
| https://www.tcpdump.org/ | | https://www.tcpdump.org/ | ||
|- | |- | ||
| | | {{pkg|tcpflow}} | ||
| A tool for monitoring, capturing and storing TCP connections flows | | A tool for monitoring, capturing and storing TCP connections flows | ||
| https://github.com/simsong/tcpflow | | https://github.com/simsong/tcpflow | ||
|- | |- | ||
| | | {{pkg|nmap}} | ||
| A network exploration tool and security/port scanner | | A network exploration tool and security/port scanner | ||
| https://nmap.org | | https://nmap.org | ||
|- | |- | ||
| arpwatch | | {{pkg|arpwatch}} | ||
| An ethernet monitoring program | | An ethernet monitoring program | ||
| https://ee.lbl.gov/ | | https://ee.lbl.gov/ | ||
|- | |- | ||
| | | {{pkg|p0f}} | ||
| p0f | |||
| Passive traffic fingerprinting tool | | Passive traffic fingerprinting tool | ||
| https://lcamtuf.coredump.cx/p0f3/ | | https://lcamtuf.coredump.cx/p0f3/ | ||
|- | |- | ||
| hping3 | | {{pkg|hping3}} | ||
| A ping-like TCP/IP packet assembler/analyzer | | A ping-like TCP/IP packet assembler/analyzer | ||
| <p>http://www.hping.org/{{insecure url| | | <p><s><nowiki>http://www.hping.org/</nowiki></s> <small>(Website down, alternates are: http://wiki.hping.org/{{insecure url|HTTPS connection refused}} and https://github.com/antirez/hping )</small></p> | ||
|- | |- | ||
| sslscan | | {{pkg|sslscan}} | ||
| | | fast SSL/TLS configuration scanner | ||
| https:// | | https://github.com/rbsec/sslscan | ||
|- | |- | ||
| httpry | | {{pkg|httpry}} | ||
| A packet sniffer designed for HTTP traffic | | A packet sniffer designed for HTTP traffic | ||
| https://dumpsterventures.com/jason/httpry | | https://dumpsterventures.com/jason/httpry | ||
|- | |- | ||
| bannergrab | | {{pkg|bannergrab}} | ||
| A banner grabbing tool | | A banner grabbing tool | ||
| https://sourceforge.net/projects/bannergrab | | https://sourceforge.net/projects/bannergrab | ||
|- | |- | ||
| dnstop | | {{pkg|dnstop}} | ||
| A DNS traffic capture utility | | A DNS traffic capture utility | ||
| <p>http://dns.measurement-factory.com/tools/dnstop/{{insecure url|Invalid certificate on HTTPS}}</p> | | <p>http://dns.measurement-factory.com/tools/dnstop/{{insecure url|Invalid certificate on HTTPS}}</p> | ||
|- | |- | ||
| | | {{pkg|swaks}} | ||
| swaks | |||
| A transaction-oriented SMTP test tool | | A transaction-oriented SMTP test tool | ||
| https://www.jetmore.org/john/code/swaks/ | | https://www.jetmore.org/john/code/swaks/ | ||
|- | |- | ||
| | | {{pkg|mitmproxy}} | ||
| An interactive SSL-capable intercepting HTTP proxy | | An interactive SSL-capable intercepting HTTP proxy | ||
| https://www.mitmproxy.org/ | | https://www.mitmproxy.org/ | ||
|- | |- | ||
| hexinject | | {{pkg|hexinject}} | ||
| A very versatile packet injector and sniffer | | A very versatile packet injector and sniffer | ||
| https://hexinject.sourceforge.net/ | | https://hexinject.sourceforge.net/ | ||
|- | |- | ||
| | | {{pkg|openvas-scanner}} | ||
| Vulnerability scanner and manager | | Vulnerability scanner and manager | ||
| https://www.openvas.org/ | | https://www.openvas.org/ | ||
|} | |} | ||
<!-- ToDo | <!-- ToDo | ||
dpkt | dpkt | ||
Line 333: | Line 214: | ||
https://code.google.com/p/dpkt/ | https://code.google.com/p/dpkt/ | ||
* nuttcp https://www.nuttcp.net | * nuttcp https://www.nuttcp.net | ||
* tcpdump -- A network traffic monitoring tool | * tcpdump -- A network traffic monitoring tool | ||
* tcpflow -- Network traffic recorder | * tcpflow -- Network traffic recorder | ||
* tcpreplay -- Replay captured network traffic | * tcpreplay -- Replay captured network traffic | ||
* tcptraceroute -- A traceroute implementation using TCP packets | * tcptraceroute -- A traceroute implementation using TCP packets | ||
* ettercap https://ettercap.sourceforge.net/ A network traffic sniffer/analyser | * ettercap https://ettercap.sourceforge.net/ A network traffic sniffer/analyser | ||
--> | --> | ||
Line 384: | Line 231: | ||
! URL | ! URL | ||
|- | |- | ||
| | | {{pkg|lynis}} | ||
| | | Security and system auditing tool | ||
| | | https://cisofy.com/lynis/ | ||
|- | |- | ||
| | | {{pkg|nikto}} | ||
| nikto | |||
| A web application security scanner | | A web application security scanner | ||
| https://www.cirt.net/Nikto2 | | https://www.cirt.net/Nikto2 | ||
|- | |||
| {{pkg|sqlmap}} | |||
| Automatic SQL injection and database takeover tool | |||
| https://sqlmap.org/ | |||
|- | |||
| {{pkg|zaproxy}} | |||
| OWASP Zed Attack Proxy web app scanner | |||
| https://www.zaproxy.org/ | |||
|} | |} | ||
== Network statistics == | == Network statistics == | ||
Line 438: | Line 255: | ||
! URL | ! URL | ||
|- | |- | ||
| iperf | | {{pkg|iperf}} | ||
| Tool to measure IP bandwidth using UDP or TCP | | Tool to measure IP bandwidth using UDP or TCP | ||
| https://github.com/esnet/iperf | | https://github.com/esnet/iperf | ||
|- | |- | ||
| iptraf-ng | | {{pkg|iptraf-ng}} | ||
| A console-based network monitoring utility | | A console-based network monitoring utility | ||
| https://fedorahosted.org/iptraf-ng/ | | https://fedorahosted.org/iptraf-ng/ | ||
|- | |- | ||
| | | {{pkg|iftop}} | ||
| Command line tool that displays bandwidth usage on an interface | | Command line tool that displays bandwidth usage on an interface | ||
| https://www.ex-parrot.com/~pdw/iftop/ | | https://www.ex-parrot.com/~pdw/iftop/ | ||
|- | |- | ||
| fping | | {{pkg|fping}} | ||
| A utility to ping multiple hosts at once | | A utility to ping multiple hosts at once | ||
| https://fping.sourceforge.net/ | | https://fping.sourceforge.net/ | ||
|- | |- | ||
| mtr | | {{pkg|mtr}} | ||
| Full screen ncurses traceroute tool | | Full screen ncurses traceroute tool | ||
| https://www.bitwizard.nl/mtr/ | | https://www.bitwizard.nl/mtr/ | ||
|- | |- | ||
| | | {{pkg|nfdump}} | ||
| nfdump | |||
| The nfdump tools collect and process netflow data on the command line | | The nfdump tools collect and process netflow data on the command line | ||
| https://github.com/phaag/nfdump | | https://github.com/phaag/nfdump | ||
|- | |- | ||
| nethogs | | {{pkg|nethogs}} | ||
| Top-like monitor for network traffic | | Top-like monitor for network traffic | ||
| https://raboof.github.io/nethogs/ | | https://raboof.github.io/nethogs/ | ||
|- | |- | ||
| iptstate | | {{pkg|iptstate}} | ||
| Top-like interface to netfilter connection-tracking table | | Top-like interface to netfilter connection-tracking table | ||
| https://www.phildev.net/iptstate/ | | https://www.phildev.net/iptstate/ | ||
|} | |} | ||
== Misc tools == | == Misc tools == | ||
Line 544: | Line 350: | ||
| {{pkg|knock}} | | {{pkg|knock}} | ||
| A simple port-knocking daemon | | A simple port-knocking daemon | ||
| https:// | | https://github.com/TDFKAOlli/knock | ||
|- | |- | ||
| {{pkg|logcheck}} | | {{pkg|logcheck}} | ||
| A simple utility which is designed to allow a system administrator to view the logfiles | | A simple utility which is designed to allow a system administrator to view the logfiles | ||
| https://logcheck.org | | https://logcheck.org | ||
|- | |- | ||
| {{pkg|mc}} | | {{pkg|mc}} | ||
| A visual file manager | | A visual file manager | ||
| https:// | | https://midnight-commander.org/ | ||
|- | |- | ||
| {{pkg|makepasswd}} | | {{pkg|makepasswd}} | ||
Line 650: | Line 456: | ||
[[Category:ISO]] | [[Category:ISO]] | ||
[[Category:Security]] |
Latest revision as of 08:53, 7 July 2024
This material is obsolete ... See notice on Alpine Security and Rescue (Discuss) |
Basics
Name | Description | URL |
---|---|---|
alpine-base | Alpine base package | https://pkgs.alpinelinux.org/packages?name=alpine-base |
alpine-mirrors | List of Official Alpine Linux Mirrors | https://mirrors.alpinelinux.org/ |
kbd-bkeymaps | Binary keymaps for busybox | https://pkgs.alpinelinux.org/packages?name=kbd-bkeymaps |
network-extras | Meta package to pull in vlan, bonding, bridge and wifi support | https://pkgs.alpinelinux.org/packages?name=network-extras |
openssl | Toolkit for TLS | https://www.openssl.org/ |
tzdata | Timezone data | https://www.iana.org/time-zones |
Code Analysis
Name | Description | URL |
---|---|---|
py3-pylint | Analyzes Python code looking for bugs and signs of poor quality | https://pypi.org/project/pylint/ |
flawfinder | Examines C/C++ source code for security flaws | https://www.dwheeler.com/flawfinder/ |
py3-pyflakes | A passive checker of Python programs | https://launchpad.net/pyflakes |
strace | A useful diagnositic, instructional, and debugging tool | https://strace.io/ |
valgrind | A tool for finding memory-management problems | https://valgrind.org/ |
Forensics / Data recovery tools
Name | Description | URL |
---|---|---|
ddrescue | Data recovery tool for block devices with errors | https://www.gnu.org/s/ddrescue/ddrescue.html |
testdisk | A powerful free data recovery software | https://www.cgsecurity.org/wiki/TestDisk |
scrub | Disk scrubbing program | https://code.google.com/archive/p/diskscrub/ |
ncdu | A curses-based version of the well-known "du" | https://dev.yorhel.nl/ncdu |
htop | An interactive process viewer for Linux | https://htop.dev/ |
wipe | Tool for securely erasing files from magnetic media | https://wipe.sourceforge.net/ |
jhead | An Exif jpeg header manipulation tool | https://www.sentex.net/~mwandel/jhead/ |
Reconnaissance
Name | Description | URL |
---|---|---|
arpon | ARP handler inspection | https://arpon.sourceforge.io/ |
dnsenum | A tool to enumerate DNS info about domains | https://github.com/fwaeytens/dnsenum |
scanssh | Fast SSH server and open proxy scanner | https://monkey.org/~provos/scanssh/ |
ngrep | Network layer grep tool | https://github.com/jpr5/ngrep/ |
scapy | Interactive packet manipulation tool and network scanner | https://scapy.net/ |
socat | Bidirectional data relay between two data channels ('netcat++') | |
tcpdump | A network traffic monitoring tool | https://www.tcpdump.org/ |
tcpflow | A tool for monitoring, capturing and storing TCP connections flows | https://github.com/simsong/tcpflow |
nmap | A network exploration tool and security/port scanner | https://nmap.org |
arpwatch | An ethernet monitoring program | https://ee.lbl.gov/ |
p0f | Passive traffic fingerprinting tool | https://lcamtuf.coredump.cx/p0f3/ |
hping3 | A ping-like TCP/IP packet assembler/analyzer |
|
sslscan | fast SSL/TLS configuration scanner | https://github.com/rbsec/sslscan |
httpry | A packet sniffer designed for HTTP traffic | https://dumpsterventures.com/jason/httpry |
bannergrab | A banner grabbing tool | https://sourceforge.net/projects/bannergrab |
dnstop | A DNS traffic capture utility | |
swaks | A transaction-oriented SMTP test tool | https://www.jetmore.org/john/code/swaks/ |
mitmproxy | An interactive SSL-capable intercepting HTTP proxy | https://www.mitmproxy.org/ |
hexinject | A very versatile packet injector and sniffer | https://hexinject.sourceforge.net/ |
openvas-scanner | Vulnerability scanner and manager | https://www.openvas.org/ |
Application Testing
Name | Description | URL |
---|---|---|
lynis | Security and system auditing tool | https://cisofy.com/lynis/ |
nikto | A web application security scanner | https://www.cirt.net/Nikto2 |
sqlmap | Automatic SQL injection and database takeover tool | https://sqlmap.org/ |
zaproxy | OWASP Zed Attack Proxy web app scanner | https://www.zaproxy.org/ |
Network statistics
Name | Description | URL |
---|---|---|
iperf | Tool to measure IP bandwidth using UDP or TCP | https://github.com/esnet/iperf |
iptraf-ng | A console-based network monitoring utility | https://fedorahosted.org/iptraf-ng/ |
iftop | Command line tool that displays bandwidth usage on an interface | https://www.ex-parrot.com/~pdw/iftop/ |
fping | A utility to ping multiple hosts at once | https://fping.sourceforge.net/ |
mtr | Full screen ncurses traceroute tool | https://www.bitwizard.nl/mtr/ |
nfdump | The nfdump tools collect and process netflow data on the command line | https://github.com/phaag/nfdump |
nethogs | Top-like monitor for network traffic | https://raboof.github.io/nethogs/ |
iptstate | Top-like interface to netfilter connection-tracking table | https://www.phildev.net/iptstate/ |
Misc tools
Name | Description | URL |
---|---|---|
bash-completion | Command-line tab-completion for bash | https://github.com/scop/bash-completion |
clamav | An anti-virus toolkit for UNIX | https://www.clamav.net |
7zip | A command-line port of the 7zip compression utility | https://7-zip.org/ |
nano | A simple ncurses text editor | https://www.nano-editor.org/ |
rsync | A file transfer program to keep remote files in sync | https://rsync.samba.org/ |
screen | A terminal multiplexer, used to multiplex several virtual consoles. Similar to "tmux" below | https://www.gnu.org/software/screen/ |
tmux | A terminal multiplexer, used to multiplex several virtual consoles. Similar to "screen" above | https://tmux.github.io/ |
multitail | A tool to view one or multiple files | https://www.vanheusden.com/multitail |
e2fsprogs | Standard Ext2/3/4 filesystem utilities | https://e2fsprogs.sourceforge.net/ |
openssh | An open source implementation of SSH protocol versions 1 and 2 | https://www.openssh.com/ |
partclone | Back up and restore used-blocks of a partition | https://partclone.org/ |
sshguard | Log monitor that blocks with iptables on bad behaviour | https://www.sshguard.net/ |
proxychains-ng | A tool that forces any TCP connection through proxies | https://github.com/rofl0r/proxychains-ng |
knock | A simple port-knocking daemon | https://github.com/TDFKAOlli/knock |
logcheck | A simple utility which is designed to allow a system administrator to view the logfiles | https://logcheck.org |
mc | A visual file manager | https://midnight-commander.org/ |
makepasswd | Generates (pseudo-)random passwords of a desired length | https://www.defora.org/os/project/117/makepasswd |
lnav | A curses-based tool for viewing and analyzing log files | https://lnav.org |
goaccess | A real-time web log analyzer and interactive viewer | https://goaccess.io/ |
VoIP
Name | Description | URL |
---|---|---|
sipp | A test tool / traffic generator for the SIP protocol | https://sipp.sourceforge.net/ |
sipsak | SIP swiss army knife | https://github.com/nils-ohlmeier/sipsak |
Wireless
Name | Description | URL |
---|---|---|
aircrack-ng | 802.11 (wireless) sniffer and WEP/WPA-PSK key cracker | https://www.aircrack-ng.org/ |
kismet | A WLAN detector, sniffer, and IDS | https://www.kismetwireless.org/ |
reaver-wps-fork-t6x | WPS Password Cracker | https://github.com/t6x/reaver-wps-fork-t6x |
wavemon | Ncurses-based monitoring application for wireless network devices | https://github.com/uoaerg/wavemon |
Intrusion detection
Name | Description | URL |
---|---|---|
nebula | An Intrusion Signature Generator | https://github.com/slackhq/nebula |
snort | A network intrusion prevention and detection system | https://www.snort.org/ |