Alpine security: Difference between revisions
m (speedometer added) |
m (strace added) |
||
Line 68: | Line 68: | ||
| A passive checker of Python programs | | A passive checker of Python programs | ||
| https://launchpad.net/pyflakes | | https://launchpad.net/pyflakes | ||
|- | |||
| strace | |||
| A useful diagnositic, instructional, and debugging tool | |||
| http://sourceforge.net/projects/strace/ | |||
|} | |} | ||
Revision as of 09:03, 24 May 2012
Note: This is work in progress. Not all packages are available at the moment.
Alpine Security provides a toolset to work on security auditing, forensics, system rescue, and teaching security testing methodologies. With the simple python-based config-builder script this page can be transformed into a plaintext file for the usage with alpine-iso.
Basics
Name | Description | URL |
---|---|---|
alpine-base | Alpine base package | http://alpinelinux.org |
alpine-mirrors | List of Alpine Linux Mirrors | http://alpinelinux.org/ |
bkeymaps | Binary keymaps for busybox | http://dev.alpinelinux.org/alpine/bkeymaps |
network-extras | Meta package to pull in vlan, bonding, bridge and wifi support | http://alpinelinux.org |
openssl | Toolkit for SSL v2/v3 and TLS v1 | http://openssl.org |
tzdata | Timezone data | http://www.twinsun.com/tz/tz-link.htm |
Code Analysis
Name | Description | URL |
---|---|---|
rpmlint | A tool for checking common errors in RPM packages | http://rpmlint.zarb.org |
pylint | Analyzes Python code looking for bugs and signs of poor quality | http://pypi.python.org/pypi/pylint |
flawfinder | Examines C/C++ source code for security flaws | http://www.dwheeler.com/flawfinder/ |
rats | A tool to find security related programming errors | https://www.fortify.com/ssa-elements/threat-intelligence/rats.html |
pychecker | A analyser for python source code | http://pychecker.sourceforge.net/ |
pyflakes | A passive checker of Python programs | https://launchpad.net/pyflakes |
strace | A useful diagnositic, instructional, and debugging tool | http://sourceforge.net/projects/strace/ |
Forensics / Data recovery tools
Name | Description | URL |
---|---|---|
dc3dd | Patched version of GNU dd for use in computer forensics | http://dc3dd.sourceforge.net/ |
ddrescue | Data recovery tool for block devices with errors | http://www.gnu.org/s/ddrescue/ddrescue.html |
testdisk | A powerful free data recovery software | http://www.cgsecurity.org/wiki/TestDisk |
scrub | Disk scrubbing program | http://code.google.com/p/diskscrub/ |
ncdu | A curses-based version of the well-known "du" | http://dev.yorhel.nl/ncdu |
htop | An interactive process viewer for Linux | http://htop.sourceforge.net/ |
mac-robber | A tool that collects data from allocated files in a mounted file system | http://www.sleuthkit.org/mac-robber/desc.php |
wipe | Tool for securely erasing files from magnetic media | http://lambda-diode.com/software/wipe/ |
nwipe | Securely erase disks using a variety of recognized methods | http://nwipe.sourceforge.net |
jhead | An Exif jpeg header manipulation tool | http://www.sentex.net/~mwandel/jhead/ |
Reconnaissance
Name | Description | URL |
---|---|---|
arpalert | Monitor ARP changes in ethernet networks | http://www.arpalert.org |
arpon | ARP handler inspection | http://arpon.sourceforge.net/ |
dnsenum | A tool to enumerate DNS info about domains | http://code.google.com/p/dnsenum/ |
halberd | A tool to discover HTTP load balancers | http://halberd.superadditive.com/ |
scanssh | Fast SSH server and open proxy scanner | http://monkey.org/~provos/scanssh/ |
ngrep | Network layer grep tool | http://ngrep.sourceforge.net/ |
netsniff-ng | A performant Linux network analyzer and networking toolkit | http://netsniff-ng.org/ |
scapy | Interactive packet manipulation tool and network scanner | http://www.secdev.org/projects/scapy/ |
socat | Bidirectional data relay between two data channels ('netcat++') | http://www.dest-unreach.org/socat/ |
tcpdump | A network traffic monitoring tool | http://www.tcpdump.org/ |
tcptrack | Displays information about tcp connections on a network interface | http://www.rhythm.cx/~steve/devel/tcptrack/ |
tcpflow | A tool for monitoring, capturing and storing TCP connections flows | http://www.circlemud.org/~jelson/software/tcpflow/ |
tcpproxy | Transparent TCP Proxy | http://www.quietsche-entchen.de/cgi-bin/wiki.cgi/proxies/TcpProxy |
etherdump | An extremely small packet sniffer | http://freshmeat.net/projects/etherdump/ |
netdiscover | A network address discovering tool | http://sourceforge.net/projects/netdiscover/ |
arpwatch | An ethernet monitoring program | http://www-nrg.ee.lbl.gov/ |
nfswatch | An NFS traffic monitoring tool | http://nfswatch.sourceforge.net/ |
p0f | Passive traffic fingerprinting tool | http://lcamtuf.coredump.cx/p0f3/ |
Application Testing
Name | Description | URL |
---|---|---|
wbox | HTTP testing tool and configuration-less HTTP server | http://www.hping.org/wbox/ |
Network statistics
Name | Description | URL |
---|---|---|
iperf | Tool to measure IP bandwidth using UDP or TCP | http://iperf.sourceforge.net/ |
iptraf | A console-based network monitoring utility | http://iptraf.seul.org/ |
iptop | Command line tool that displays bandwidth usage on an interface | http://www.ex-parrot.com/~pdw/iftop/ |
fping | A utility to ping multiple hosts at once | http://fping.sourceforge.net/ |
mtr | Full screen ncurses traceroute tool | http://www.bitwizard.nl/mtr/ |
speedometer | Measure and display the rate of data across a network connection or data being stored in a file | http://excess.org/speedometer/ |
Misc tools
Name | Description | URL |
---|---|---|
bash-completion | Command-line tab-completion for bash | http://bash-completion.alioth.debian.org/ |
clamav | An anti-virus toolkit for UNIX | http://www.clamav.net |
p7zip | A command-line port of the 7zip compression utility | http://p7zip.sourceforge.net/ |
nano | A simple ncurses text editor | http://www.nano-editor.org/ |
rsync | A file transfer program to keep remote files in sync | http://rsync.samba.org/ |
screen | A window manager that multiplexes a physical terminal | http://www.gnu.org/software/screen/ |
multitail | A tool to view one or multiple files | http://www.vanheusden.com/multitail |
shed | A simple hex editor | http://shed.sourceforge.net/ |
e2fsprogs | Standard Ext2/3/4 filesystem utilities | http://e2fsprogs.sourceforge.net/ |
openssh | An open source implementation of SSH protocol versions 1 and 2 | http://www.openssh.org/ |
passwdgen | A random password generator | http://code.google.com/p/passwdgen/ |
partclone | Back up and restore used-blocks of a partition | http://partclone.org |
sshguard | Log monitor that blocks with iptables on bad behaviour | http://www.sshguard.net/download/ |
proxychains | A tool that forces any TCP connection through proxies | http://proxychains.sourceforge.net |
knock | A simple port-knocking daemon | http://www.zeroflux.org/projects/knock |
VoIP
Name | Description | URL |
---|---|---|
sipp | A test tool / traffic generator for the SIP protocol | http://sipp.sourceforge.net/ |
voiphopper | A VLAN Hop security test | http://voiphopper.sourceforge.net/ |
sipvicious | Tools for auditing SIP based VoIP systems | http://code.google.com/p/sipvicious/ |
sipcrack | A SIP protocol login cracker | http://packages.debian.org/lenny/sipcrack |
sipsak | SIP swiss army knife | http://sipsak.org/ |
smap | A simple scanner for SIP enabled devices | http://www.wormulon.net/smap |
Wireless
Name | Description | URL |
---|---|---|
weplab | Analyzing WEP encryption security on wireless networks | http://weplab.sourceforge.net/ |
kismet | A WLAN detector, sniffer, and IDS | http://www.kismetwireless.org/ |
cowpatty | Attacking WPA/WPA2-PSK exchanges | http://www.willhackforsushi.com/Cowpatty.html |
Intrusion detection
Name | Description | URL |
---|---|---|
nebula | An Intrusion Signature Generator | http://nebula.carnivore.it/ |
snort | A network intrusion prevention and detection system | http://www.snort.org/ |