Alpine security: Difference between revisions

From Alpine Linux
(tag explicitly as draft)
(Add "Category:Security")
 
(2 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{Draft|This is work in progress. Not all packages are available at the moment. Some packages (eg. bash-completion) have nothing to do with security!}}
{{obsolete|See notice on [[Alpine Security and Rescue]]}}


== Basics ==
== Basics ==
Line 358: Line 358:
| {{pkg|mc}}
| {{pkg|mc}}
| A visual file manager
| A visual file manager
| https://www.midnight-commander.org/
| https://midnight-commander.org/
|-
|-
| {{pkg|makepasswd}}
| {{pkg|makepasswd}}
Line 456: Line 456:


[[Category:ISO]]
[[Category:ISO]]
[[Category:Security]]

Latest revision as of 08:53, 7 July 2024

This material is obsolete ...

See notice on Alpine Security and Rescue (Discuss)

Basics

Name Description URL
alpine-base Alpine base package https://pkgs.alpinelinux.org/packages?name=alpine-base
alpine-mirrors List of Official Alpine Linux Mirrors https://mirrors.alpinelinux.org/
kbd-bkeymaps Binary keymaps for busybox https://pkgs.alpinelinux.org/packages?name=kbd-bkeymaps
network-extras Meta package to pull in vlan, bonding, bridge and wifi support https://pkgs.alpinelinux.org/packages?name=network-extras
openssl Toolkit for TLS https://www.openssl.org/
tzdata Timezone data https://www.iana.org/time-zones

Code Analysis

Name Description URL
py3-pylint Analyzes Python code looking for bugs and signs of poor quality https://pypi.org/project/pylint/
flawfinder Examines C/C++ source code for security flaws https://www.dwheeler.com/flawfinder/
py3-pyflakes A passive checker of Python programs https://launchpad.net/pyflakes
strace A useful diagnositic, instructional, and debugging tool https://strace.io/
valgrind A tool for finding memory-management problems https://valgrind.org/

Forensics / Data recovery tools

Name Description URL
ddrescue Data recovery tool for block devices with errors https://www.gnu.org/s/ddrescue/ddrescue.html
testdisk A powerful free data recovery software https://www.cgsecurity.org/wiki/TestDisk
scrub Disk scrubbing program https://code.google.com/archive/p/diskscrub/
ncdu A curses-based version of the well-known "du" https://dev.yorhel.nl/ncdu
htop An interactive process viewer for Linux https://htop.dev/
wipe Tool for securely erasing files from magnetic media https://wipe.sourceforge.net/
jhead An Exif jpeg header manipulation tool https://www.sentex.net/~mwandel/jhead/


Reconnaissance

Name Description URL
arpon ARP handler inspection https://arpon.sourceforge.io/
dnsenum A tool to enumerate DNS info about domains https://github.com/fwaeytens/dnsenum
scanssh Fast SSH server and open proxy scanner https://monkey.org/~provos/scanssh/
ngrep Network layer grep tool https://github.com/jpr5/ngrep/
scapy Interactive packet manipulation tool and network scanner https://scapy.net/
socat Bidirectional data relay between two data channels ('netcat++')

http://www.dest-unreach.org/socat/ 🔓

tcpdump A network traffic monitoring tool https://www.tcpdump.org/
tcpflow A tool for monitoring, capturing and storing TCP connections flows https://github.com/simsong/tcpflow
nmap A network exploration tool and security/port scanner https://nmap.org
arpwatch An ethernet monitoring program https://ee.lbl.gov/
p0f Passive traffic fingerprinting tool https://lcamtuf.coredump.cx/p0f3/
hping3 A ping-like TCP/IP packet assembler/analyzer

http://www.hping.org/ (Website down, alternates are: http://wiki.hping.org/ 🔓 and https://github.com/antirez/hping )

sslscan fast SSL/TLS configuration scanner https://github.com/rbsec/sslscan
httpry A packet sniffer designed for HTTP traffic https://dumpsterventures.com/jason/httpry
bannergrab A banner grabbing tool https://sourceforge.net/projects/bannergrab
dnstop A DNS traffic capture utility

http://dns.measurement-factory.com/tools/dnstop/ 🔓

swaks A transaction-oriented SMTP test tool https://www.jetmore.org/john/code/swaks/
mitmproxy An interactive SSL-capable intercepting HTTP proxy https://www.mitmproxy.org/
hexinject A very versatile packet injector and sniffer https://hexinject.sourceforge.net/
openvas-scanner Vulnerability scanner and manager https://www.openvas.org/


Application Testing

Name Description URL
lynis Security and system auditing tool https://cisofy.com/lynis/
nikto A web application security scanner https://www.cirt.net/Nikto2
sqlmap Automatic SQL injection and database takeover tool https://sqlmap.org/
zaproxy OWASP Zed Attack Proxy web app scanner https://www.zaproxy.org/

Network statistics

Name Description URL
iperf Tool to measure IP bandwidth using UDP or TCP https://github.com/esnet/iperf
iptraf-ng A console-based network monitoring utility https://fedorahosted.org/iptraf-ng/
iftop Command line tool that displays bandwidth usage on an interface https://www.ex-parrot.com/~pdw/iftop/
fping A utility to ping multiple hosts at once https://fping.sourceforge.net/
mtr Full screen ncurses traceroute tool https://www.bitwizard.nl/mtr/
nfdump The nfdump tools collect and process netflow data on the command line https://github.com/phaag/nfdump
nethogs Top-like monitor for network traffic https://raboof.github.io/nethogs/
iptstate Top-like interface to netfilter connection-tracking table https://www.phildev.net/iptstate/

Misc tools

Name Description URL
bash-completion Command-line tab-completion for bash https://github.com/scop/bash-completion
clamav An anti-virus toolkit for UNIX https://www.clamav.net
7zip A command-line port of the 7zip compression utility https://7-zip.org/
nano A simple ncurses text editor https://www.nano-editor.org/
rsync A file transfer program to keep remote files in sync https://rsync.samba.org/
screen A terminal multiplexer, used to multiplex several virtual consoles. Similar to "tmux" below https://www.gnu.org/software/screen/
tmux A terminal multiplexer, used to multiplex several virtual consoles. Similar to "screen" above https://tmux.github.io/
multitail A tool to view one or multiple files https://www.vanheusden.com/multitail
e2fsprogs Standard Ext2/3/4 filesystem utilities https://e2fsprogs.sourceforge.net/
openssh An open source implementation of SSH protocol versions 1 and 2 https://www.openssh.com/
partclone Back up and restore used-blocks of a partition https://partclone.org/
sshguard Log monitor that blocks with iptables on bad behaviour https://www.sshguard.net/
proxychains-ng A tool that forces any TCP connection through proxies https://github.com/rofl0r/proxychains-ng
knock A simple port-knocking daemon https://github.com/TDFKAOlli/knock
logcheck A simple utility which is designed to allow a system administrator to view the logfiles https://logcheck.org
mc A visual file manager https://midnight-commander.org/
makepasswd Generates (pseudo-)random passwords of a desired length https://www.defora.org/os/project/117/makepasswd
lnav A curses-based tool for viewing and analyzing log files https://lnav.org
goaccess A real-time web log analyzer and interactive viewer https://goaccess.io/


VoIP

Name Description URL
sipp A test tool / traffic generator for the SIP protocol https://sipp.sourceforge.net/
sipsak SIP swiss army knife https://github.com/nils-ohlmeier/sipsak

Wireless

Name Description URL
aircrack-ng 802.11 (wireless) sniffer and WEP/WPA-PSK key cracker https://www.aircrack-ng.org/
kismet A WLAN detector, sniffer, and IDS https://www.kismetwireless.org/
reaver-wps-fork-t6x WPS Password Cracker https://github.com/t6x/reaver-wps-fork-t6x
wavemon Ncurses-based monitoring application for wireless network devices https://github.com/uoaerg/wavemon

Intrusion detection

Name Description URL
nebula An Intrusion Signature Generator https://github.com/slackhq/nebula
snort A network intrusion prevention and detection system https://www.snort.org/