Alpine security

From Alpine Linux
Revision as of 09:40, 24 May 2012 by Fab (talk | contribs) (Reconnaissance)
Jump to: navigation, search
Note: This is work in progress. Not all packages are available at the moment.

Alpine Security provides a toolset to work on security auditing, forensics, system rescue, and teaching security testing methodologies. The tool list contains packages for code analysis, forensics and data recovery, reconnaissance, network statistics, VoIP, wireless lan, and IDS.

The target is not to start a competition with the Fedora Security Lab or Backtrack. But rather make it easy to use the particular tools with Alpine Linux in a small, non GUI, and busybox-based system.

With the simple python-based config-builder script this page can be transformed into a plaintext file for the usage with alpine-iso.


Name Description URL
alpine-base Alpine base package
alpine-mirrors List of Alpine Linux Mirrors
bkeymaps Binary keymaps for busybox
network-extras Meta package to pull in vlan, bonding, bridge and wifi support
openssl Toolkit for SSL v2/v3 and TLS v1
tzdata Timezone data

Code Analysis

Name Description URL
rpmlint A tool for checking common errors in RPM packages
pylint Analyzes Python code looking for bugs and signs of poor quality
flawfinder Examines C/C++ source code for security flaws
rats A tool to find security related programming errors
pychecker A analyser for python source code
pyflakes A passive checker of Python programs
strace A useful diagnositic, instructional, and debugging tool

Forensics / Data recovery tools

Name Description URL
dc3dd Patched version of GNU dd for use in computer forensics
ddrescue Data recovery tool for block devices with errors
testdisk A powerful free data recovery software
scrub Disk scrubbing program
ncdu A curses-based version of the well-known "du"
htop An interactive process viewer for Linux
mac-robber A tool that collects data from allocated files in a mounted file system
wipe Tool for securely erasing files from magnetic media
nwipe Securely erase disks using a variety of recognized methods
jhead An Exif jpeg header manipulation tool


Name Description URL
arpalert Monitor ARP changes in ethernet networks
arpon ARP handler inspection
dnsenum A tool to enumerate DNS info about domains
halberd A tool to discover HTTP load balancers
scanssh Fast SSH server and open proxy scanner
ngrep Network layer grep tool
netsniff-ng A performant Linux network analyzer and networking toolkit
scapy Interactive packet manipulation tool and network scanner
socat Bidirectional data relay between two data channels ('netcat++')
tcpdump A network traffic monitoring tool
tcptrack Displays information about tcp connections on a network interface
tcpflow A tool for monitoring, capturing and storing TCP connections flows
tcpproxy Transparent TCP Proxy
etherdump An extremely small packet sniffer
netdiscover A network address discovering tool
nmap A network exploration tool and security/port scanner http:/
arpwatch An ethernet monitoring program
nfswatch An NFS traffic monitoring tool
p0f Passive traffic fingerprinting tool

Application Testing

Name Description URL
wbox HTTP testing tool and configuration-less HTTP server

Network statistics

Name Description URL
iperf Tool to measure IP bandwidth using UDP or TCP
iptraf A console-based network monitoring utility
iptop Command line tool that displays bandwidth usage on an interface
fping A utility to ping multiple hosts at once
mtr Full screen ncurses traceroute tool
speedometer Measure and display the rate of data across a network connection or data being stored in a file
nfdump The nfdump tools collect and process netflow data on the command line

Misc tools

Name Description URL
bash-completion Command-line tab-completion for bash
clamav An anti-virus toolkit for UNIX
p7zip A command-line port of the 7zip compression utility
nano A simple ncurses text editor
rsync A file transfer program to keep remote files in sync
screen A window manager that multiplexes a physical terminal
multitail A tool to view one or multiple files
shed A simple hex editor
e2fsprogs Standard Ext2/3/4 filesystem utilities
openssh An open source implementation of SSH protocol versions 1 and 2
passwdgen A random password generator
partclone Back up and restore used-blocks of a partition
sshguard Log monitor that blocks with iptables on bad behaviour
proxychains A tool that forces any TCP connection through proxies
knock A simple port-knocking daemon


Name Description URL
sipp A test tool / traffic generator for the SIP protocol
voiphopper A VLAN Hop security test
sipvicious Tools for auditing SIP based VoIP systems
sipcrack A SIP protocol login cracker
sipsak SIP swiss army knife
smap A simple scanner for SIP enabled devices


Name Description URL
weplab Analyzing WEP encryption security on wireless networks
kismet A WLAN detector, sniffer, and IDS
cowpatty Attacking WPA/WPA2-PSK exchanges

Intrusion detection

Name Description URL
nebula An Intrusion Signature Generator
snort A network intrusion prevention and detection system