Alpine security: Difference between revisions

From Alpine Linux
m (alpine-mirror)
m (note added)
Line 1: Line 1:
{{Note|This is work in progress. Not all packages are available at the moment}}
Alpine Security provides a toolset to work on security auditing, forensics, system rescue, and teaching security testing methodologies.
Alpine Security provides a toolset to work on security auditing, forensics, system rescue, and teaching security testing methodologies.



Revision as of 12:39, 25 July 2011

Note: This is a work in progress. Not all packages are available at the moment.


Alpine Security provides a toolset to work on security auditing, forensics, system rescue, and teaching security testing methodologies.

Basics

| Name | Description | URL |
|---|---|---|
| alpine-base | Alpine base package | http://alpinelinux.org |
| alpine-mirrors | List of Alpine Linux Mirrors | http://alpinelinux.org/ |
| bkeymaps | Binary keymaps for busybox | http://dev.alpinelinux.org/alpine/bkeymaps |

Code Analysis

| Name | Description | URL |
|---|---|---|
| rpmlint | A tool for checking common errors in RPM packages | http://rpmlint.zarb.org |
| splint | An implementation of the lint program | http://www.splint.org/ |
| pylint | Analyzes Python code looking for bugs and signs of poor quality | http://pypi.python.org/pypi/pylint |
| flawfinder | Examines C/C++ source code for security flaws | http://www.dwheeler.com/flawfinder/ |
| rats | A tool to find security related programming errors | https://www.fortify.com/ssa-elements/threat-intelligence/rats.html |
| valgrind | A tool for finding memory-management problems | http://valgrind.org/ |
  • pscan - Limited problem scanner for C source files

Forensics / Data recovery tools

| Name | Description | URL |
|---|---|---|
| dc3dd | Patched version of GNU dd for use in computer forensics | http://dc3dd.sourceforge.net/ |
| testdisk | A powerful free data recovery software | http://www.cgsecurity.org/wiki/TestDisk |
| scrub | Disk scrubbing program | http://code.google.com/p/diskscrub/ |
| ncdu | A curses-based version of the well-known "du" | http://dev.yorhel.nl/ncdu |
| htop | An interactive process viewer for Linux | http://htop.sourceforge.net/ |
| mac-robber | A tool that collects data from allocated files in a mounted file system | http://www.sleuthkit.org/mac-robber/desc.php |
  • diskrescue - GNU data recovery tool http://www.gnu.org/software/ddrescue/ddrescue.html
  • extcarve
  • safecopy - A data recovery tool http://safecopy.sourceforge.net/
  • scalpel - Fast file carver working on disk images http://www.digitalforensicssolutions.com/Scalpel/
  • afftools - Utilities for afflib http://afflib.org/
  • examiner - Utility to disassemble and comment foreign executable binaries
  • firstaidkit - System Rescue Tool
  • foremost - Recover files by "carving" them from a raw disk
  • hexedit - A hexadecimal file viewer and editor
  • ntfs-3g - Linux NTFS userspace driver
  • ntfsprogs - NTFS filesystem libraries and utilities
  • scanmem - Simple interactive debugging utility
  • sleuthkit - The Sleuth Kit (TSK)
  • srm - Secure file deletion
  • unhide - Tool to find hidden processes and TCP/UDP ports from rootkits

Reconnaissance

| Name | Description | URL |
|---|---|---|
| arpon | ARP handler inspection | http://arpon.sourceforge.net/ |
| dnsenum | A tool to enumerate DNS info about domains | http://code.google.com/p/dnsenum/ |
| halberd | A tool to discover HTTP load balancers | http://halberd.superadditive.com/ |
| scanssh | Fast SSH server and open proxy scanner | http://monkey.org/~provos/scanssh/ |
| ngrep | Network layer grep tool | http://ngrep.sourceforge.net/ |
| netsniff-ng | A performant Linux network analyzer and networking toolkit | http://netsniff-ng.org/ |
| scapy | Interactive packet manipulation tool and network scanner | http://www.secdev.org/projects/scapy/ |
| socat | Bidirectional data relay between two data channels ('netcat++') | http://www.dest-unreach.org/socat/ |
| tcpdump | A network traffic monitoring tool | http://www.tcpdump.org/ |
| tcptrack | Displays information about TCP connections on a network interface | http://www.rhythm.cx/~steve/devel/tcptrack/ |
| tcpflow | A tool for monitoring, capturing and storing TCP connection flows | http://www.circlemud.org/~jelson/software/tcpflow/ |
| tcpproxy | Transparent TCP Proxy | http://www.quietsche-entchen.de/cgi-bin/wiki.cgi/proxies/TcpProxy |
| etherdump | An extremely small packet sniffer | http://freshmeat.net/projects/etherdump/ |
| netdiscover | A network address discovering tool | http://sourceforge.net/projects/netdiscover/ |
| arpwatch | An ethernet monitoring program | http://www-nrg.ee.lbl.gov/ |

Web Application Testing

Misc tools

| Name | Description | URL |
|---|---|---|
| iptraf | A console-based network monitoring utility | http://iptraf.seul.org/ |
| iftop | Command line tool that displays bandwidth usage on an interface | http://www.ex-parrot.com/~pdw/iftop/ |
| clamav | An anti-virus toolkit for UNIX | http://www.clamav.net |
| p7zip | A command-line port of the 7zip compression utility | http://p7zip.sourceforge.net/ |
| nano | A simple ncurses text editor | http://www.nano-editor.org/ |
| ethtool | ... | ... |
| fping | A utility to ping multiple hosts at once | http://fping.sourceforge.net/ |
| rsync | A file transfer program to keep remote files in sync | http://rsync.samba.org/ |
| screen | A window manager that multiplexes a physical terminal | http://www.gnu.org/software/screen/ |
| multitail | A tool to view one or multiple files | http://www.vanheusden.com/multitail |
| shed | A simple hex editor | http://shed.sourceforge.net/ |
| mtr | Full screen ncurses traceroute tool | http://www.bitwizard.nl/mtr/ |
| e2fsprogs | Standard Ext2/3/4 filesystem utilities | http://e2fsprogs.sourceforge.net/ |
| openssh | An open source implementation of SSH protocol versions 1 and 2 | http://www.openssh.org/ |

Wireless

| Name | Description | URL |
|---|---|---|
| weplab | Analyzing WEP encryption security on wireless networks | http://weplab.sourceforge.net/ |
| kismet | A WLAN detector, sniffer, and IDS | http://www.kismetwireless.org/ |
| wavemon | An ncurses-based monitoring application for wireless network devices. | http://eden-feed.erg.abdn.ac.uk/wavemon/ |
| aircrack-ng | 802.11 (wireless) sniffer and WEP/WPA-PSK key cracker | http://www.aircrack-ng.org/ |

Intrusion detection

| Name | Description | URL |
|---|---|---|
| nebula | An Intrusion Signature Generator | http://nebula.carnivore.it/ |
| snort | A network intrusion prevention and detection system | http://www.snort.org/ |
  • aide - Intrusion detection environment
  • chkrootkit - Tool to locally check for signs of a rootkit
  • honeyd - Honeypot daemon
  • labrea - Tarpit (slow to a crawl) worms and port scanners
  • pads - Passive Asset Detection System
  • rkhunter - A host-based tool to scan for rootkits, backdoors and local exploits
  • tiger - Security auditing on UNIX systems http://www.nongnu.org/tiger/
  • prelude-lml - The prelude log analyzer
  • prewikka - Graphical front-end analysis console for the Prelude Hybrid IDS Framework
  • prelude-manager - Prelude-Manager