Gothenburg Hackerspace Wiki

This is an old revision of the document!


Linux Security Package List

This list was started as a collaborative effort to maintain a distribution-independent list of security-related packages for Linux systems. The original list came from the Linux Alpine project.

Feel free to help out in any way possible.


Redistribution and meta-packaging

One of the goals is to offer meta-packages for popular Linux distributions.

Distribution Maintainer More information
Debian raccoon

Package listing

The following content needs review, quality assurance and appropriate weighting.

Note: This is work in progress. Not all packages are available at the moment.

Some entries may be obsolete and should be removed.

Basics

openssl Toolkit for SSL v2/v3 and TLS v1 http://openssl.org

Code Analysis

rpmlint A tool for checking common errors in RPM packages http://rpmlint.zarb.or
pylint Analyzes Python code looking for bugs and signs of poor quality http://pypi.python.org/pypi/pylin
flawfinder Examines C/C++ source code for security flaws http://www.dwheeler.com/flawfinder
rats A tool to find security related programming errors https://www.fortify.com/ssa-elements/threat-intelligence/rats.htm
pychecker An analyser for Python source code http://pychecker.sourceforge.net
pyflakes A passive checker of Python programs https://launchpad.net/pyflake
strace A useful diagnostic, instructional, and debugging tool http://sourceforge.net/projects/strace
netsink A Network Sinkhole for Isolated Malware Analysis https://github.com/shendo/netsink

Other/unreviewed options

splint An implementation of the lint program
valgrind A tool for finding memory-management problems
pscan

Forensics / Data recovery tools

dc3dd Patched version of GNU dd for use in computer forensics http://dc3dd.sourceforge.net/
ddrescue Data recovery tool for block devices with errors http://www.gnu.org/s/ddrescue/ddrescue.html
testdisk A powerful free data recovery software http://www.cgsecurity.org/wiki/TestDisk
scrub Disk scrubbing program http://code.google.com/p/diskscrub/
ncdu A curses-based version of the well-known “du” http://dev.yorhel.nl/ncdu
htop An interactive process viewer for Linux http://htop.sourceforge.net/
mac-robber A tool that collects data from allocated files in a mounted file system http://www.sleuthkit.org/mac-robber/desc.php
wipe Tool for securely erasing files from magnetic media http://lambda-diode.com/software/wipe/
nwipe Securely erase disks using a variety of recognized methods http://nwipe.sourceforge.net
jhead An Exif jpeg header manipulation tool http://www.sentex.net/~mwandel/jhead/

Other/unreviewed options

aimage Advanced Disk Imager http://www.afflib.org
fiwalk Batch analysis of a disk image http://www.afflib.org
ftimes A system baselining and evidence collection tool http://ftimes.sourceforge.net/FTimes/
cdpr Cisco Discovery Protocol (CDP) packet decoder http://sourceforge.net/projects/cdpr/
rarcrack Password cracker for rar archives http://rarcrack.sourceforge.net/
extcarve ext2/ext3/ext4 file recovery and semantic file carving tool https://github.com/Lakshmipathi/extcarve
safecopy A data recovery tool http://safecopy.sourceforge.net/
scalpel Fast file carver working on disk images http://www.digitalforensicssolutions.com/Scalpel/
afftools Utilities for afflib http://afflib.org/
examiner Utility to disassemble and comment foreign executable binaries
firstaidkit System Rescue Tool
foremost Recover files by “carving” them from a raw disk
hexedit A hexadecimal file viewer and editor
ntfs-3g Linux NTFS userspace driver
ntfsprogs NTFS filesystem libraries and utilities
scanmem Simple interactive debugging utility
sleuthkit The Sleuth Kit (TSK)
srm Secure file deletion
unhide Tool to find hidden processes and TCP/UDP ports from rootkits
chntpw NT SAM password recovery utility http://pogostick.net/~pnh/ntpasswd/
samdump2 http://sourceforge.net/projects/ophcrack/files/samdump2/2.0.1/
creddump http://code.google.com/p/creddump/
Hydra very fast network logon cracker http://freeworld.thc.org/thc-hydra/
Medusa fast, parallel, modular, login brute-forcer for services
volatility An advanced memory forensics framework http://code.google.com/p/volatility/
pdfcrack A Password Recovery Tool for PDF files http://pdfcrack.sourceforge.net/

http://code.google.com/p/logkeys/

Reconnaissance

arpalert Monitor ARP changes in ethernet networks http://www.arpalert.org
arpon ARP handler inspection http://arpon.sourceforge.net/
dnsenum A tool to enumerate DNS info about domains http://code.google.com/p/dnsenum/
halberd A tool to discover HTTP load balancers http://halberd.superadditive.com/
scanssh Fast SSH server and open proxy scanner http://monkey.org/~provos/scanssh/
ngrep Network layer grep tool http://ngrep.sourceforge.net/
netsniff-ng A performant Linux network analyzer and networking toolkit http://netsniff-ng.org/
scapy Interactive packet manipulation tool and network scanner http://www.secdev.org/projects/scapy/
socat Bidirectional data relay between two data channels ('netcat++') http://www.dest-unreach.org/socat/
tcpdump A network traffic monitoring tool http://www.tcpdump.org/
tcptrack Displays information about tcp connections on a network interface http://www.rhythm.cx/~steve/devel/tcptrack/
tcpflow A tool for monitoring, capturing and storing TCP connections flows http://www.circlemud.org/~jelson/software/tcpflow/
tcpproxy Transparent TCP Proxy http://www.quietsche-entchen.de/cgi-bin/wiki.cgi/proxies/TcpProxy
etherdump An extremely small packet sniffer http://freshmeat.net/projects/etherdump/
netdiscover A network address discovering tool http://sourceforge.net/projects/netdiscover/
nmap A network exploration tool and security/port scanner http://nmap.org
arpwatch An ethernet monitoring program http://www-nrg.ee.lbl.gov/
nfswatch An NFS traffic monitoring tool http://nfswatch.sourceforge.net/
p0f Passive traffic fingerprinting tool http://lcamtuf.coredump.cx/p0f3/
hping3 A ping-like TCP/IP packet assembler/analyzer http://www.hping.org
sslscan Security assessment tool for SSL https://www.titania-security.com/labs/sslscan
httpry A packet sniffer designed for HTTP traffic http://dumpsterventures.com/jason/httpry
bannergrab A banner grabbing tool http://sourceforge.net/projects/bannergrab
dnstop A DNS traffic capture utility http://dns.measurement-factory.com/tools/dnstop/
flunym0us A vulnerability scanner for wordpress and moodle http://code.google.com/p/flunym0us/
swaks A transaction-oriented SMTP test tool http://www.jetmore.org/john/code/swaks/
onesixtyone An efficient SNMP scanner http://www.phreedom.org/software/onesixtyone/

Other/unreviewed options

whatweb A website fingerprinter http://www.morningstarsecurity.com/research/whatweb
blindelephant A web application fingerprinter http://blindelephant.sourceforge.net/
dpkt python packet creation / parsing library http://code.google.com/p/dpkt/
ike-scan An IPsec VPN scanning, fingerprinting, and testing tool http://www.nta-monitor.com/tools/ike-scan/
nuttcp http://www.nuttcp.net
argus http://qosient.com/argus/
tcpick http://tcpick.sourceforge.net/
tcpreen A TCP/IP re-engineering and monitoring program
tcpdump A network traffic monitoring tool
tcpflow Network traffic recorder
tcpick A tcp stream sniffer, tracker and capturer
tcping Check of TCP connection to a given IP/Port
tcpjunk TCP protocols testing tool
tcpreplay Replay captured network traffic
tcptraceroute A traceroute implementation using TCP packets
tcptrack Displays information about tcp connections on a network interface
tcputils Utilities for TCP programming in shell-scripts
tcp_wrappers A security tool which acts as a wrapper for TCP daemons
tcpxtract Tool for extracting files from network traffic
ttcp A tool for testing TCP connections http://www.pcausa.com/Utilities/pcattcp.htm
unicornscan http://www.unicornscan.org/
dsniff Tools for network auditing and penetration testing
httpry http://dumpsterventures.com/jason/httpry/
justniffer
dietsniff
Nast http://nast.berlios.de/
brutessh http://www.edge-security.com/brutessh.php
ettercap A network traffic sniffer/analyser http://ettercap.sourceforge.net/
icmpshell A tool that only uses ICMP for connections http://icmpshell.sourceforge.net/
inguma Oracle penetration testing and vulnerability research toolkit http://inguma.sourceforge.net/
yapscan TCP Half-open port scanner / fast ICMP scanner (+limited UDP). http://code.google.com/p/yapscan/
egressor http://packetfactory.openwall.net/projects/egressor/
arpoc http://www.phenoelit.org/arpoc/index.html
loadbalancer-finder http://code.google.com/p/loadbalancer-finder/
Wireplay Replay pcap dumped TCP sessions with modification as required. http://code.google.com/p/wireplay/

Application Testing

wbox HTTP testing tool and configuration-less HTTP server http://www.hping.org/wbox/
slowhttptest An application Layer DoS attack simulator http://code.google.com/p/slowhttptest
arachni Web application security scanner framework http://arachni-scanner.com/
wpscan A vulnerability scanner for WordPress installations http://wpscan.org/
lynis Security and system auditing tool to harden Linux systems http://www.rootkit.nl/projects/lynis.html
wapiti http://www.ict-romulus.eu/web/wapiti/home
proxystrike http://www.edge-security.com/proxystrike.php
sqlmap http://sqlmap.sourceforge.net/
ratproxy A passive web application security assessment tool
sqlninja
fimap A little tool for local and remote file inclusion auditing and exploitation http://code.google.com/p/fimap/
burpproxy
mysqlenum An automatic blind SQL injection tool
mole http://themole.nasel.com.ar
patator A multi-purpose brute-forcer, with a modular design and a flexible usage http://code.google.com/p/patator/
slowhttptest An application Layer DoS attack simulator http://code.google.com/p/slowhttptest/
BeEF http://beefproject.com/
http://motomastyle.com/pyloris/
http://www.buck-security.org/buck-security.html
http://freecode.com/projects/trusion
http://www.parosproxy.org/
http://code.google.com/p/zaproxy/
http://code.google.com/p/webapptools/
http://code.google.com/p/ghost-phisher/
http://code.google.com/p/fern-wifi-cracker/
http://code.google.com/p/intrinsec-xmlrpc-scanner/
http://code.google.com/p/gsploit/

Network statistics

iperf Tool to measure IP bandwidth using UDP or TCP http://iperf.sourceforge.net/
iptraf-ng A console-based network monitoring utility https://fedorahosted.org/iptraf-ng/
iftop Command line tool that displays bandwidth usage on an interface http://www.ex-parrot.com/~pdw/iftop/
fping A utility to ping multiple hosts at once http://fping.sourceforge.net/
mtr Full screen ncurses traceroute tool http://www.bitwizard.nl/mtr/
speedometer Measure and display the rate of data from network or file contents http://excess.org/speedometer/
nfdump The nfdump tools collect and process netflow data on the command line http://nfdump.sourceforge.net/
nethogs Top-like monitor for network traffic http://nethogs.sourceforge.net
iptstate Top-like interface to netfilter connection-tracking table http://www.phildev.net/iptstate/
EthStatus
nttcp
netio http://www.ars.de/ars/ars.nsf/docs/netio

Misc tools

bash-completion Command-line tab-completion for bash http://bash-completion.alioth.debian.org/
clamav An anti-virus toolkit for UNIX http://www.clamav.net
p7zip A command-line port of the 7zip compression utility http://p7zip.sourceforge.net/
nano A simple ncurses text editor http://www.nano-editor.org/
rsync A file transfer program to keep remote files in sync http://rsync.samba.org/
screen A window manager that multiplexes a physical terminal http://www.gnu.org/software/screen/
multitail A tool to view one or multiple files http://www.vanheusden.com/multitail
shed A simple hex editor http://shed.sourceforge.net/
e2fsprogs Standard Ext2/3/4 filesystem utilities http://e2fsprogs.sourceforge.net/
openssh An open source implementation of SSH protocol versions 1 and 2 http://www.openssh.org/
passwdgen A random password generator http://code.google.com/p/passwdgen/
partclone Back up and restore used-blocks of a partition http://partclone.org
sshguard Log monitor that blocks with iptables on bad behaviour http://www.sshguard.net/download/
proxychains A tool that forces any TCP connection through proxies http://proxychains.sourceforge.net
knock A simple port-knocking daemon http://www.zeroflux.org/projects/knock
logcheck Simple system administrator logfile viewer http://www.logcheck.org
mc A visual file manager https://www.midnight-commander.org/
makepasswd Generates (pseudo-)random passwords of a desired length http://people.defora.org/~khorben/projects/makepasswd/
lnav A curses-based tool for viewing and analyzing log files http://lnav.org
goaccess A real-time web log analyzer and interactive viewer http://goaccess.prosoftcorp.com/
macchanger A utility for viewing/manipulating the MAC address of network interfaces http://www.alobbs.com/macchanger
denyhosts A script to help thwart ssh server attacks http://denyhosts.sourceforge.net/
fwknop A combination of port knocking and passive OS fingerprinting http://www.cipherdyne.org/fwknop/
chkrootkit
bonesi http://code.google.com/p/bonesi/

VoIP

sipp A test tool / traffic generator for the SIP protocol http://sipp.sourceforge.net/
voiphopper A VLAN Hop security test http://voiphopper.sourceforge.net/
sipvicious Tools for auditing SIP based VoIP systems http://code.google.com/p/sipvicious/
sipcrack A SIP protocol login cracker http://packages.debian.org/lenny/sipcrack
sipsak SIP swiss army knife http://sipsak.org/
smap A simple scanner for SIP enabled devices http://www.wormulon.net/smap
oreka An audio stream recording and retrieval system http://oreka.sourceforge.net/
sipflanker Finder for vulnerable Web GUIs deployed by IP phones and PBXs http://code.google.com/p/sipflanker/
ucsniff A VoIP and IP video security assessment tool http://ucsniff.sourceforge.net/
videosharf

Wireless

weplab Analyzing WEP encryption security on wireless networks http://weplab.sourceforge.net/
kismet A WLAN detector, sniffer, and IDS http://www.kismetwireless.org/
cowpatty Attacking WPA/WPA2-PSK exchanges http://www.willhackforsushi.com/Cowpatty.html
wavemon Ncurses-based monitoring application for wireless network devices http://eden-feed.erg.abdn.ac.uk/wavemon/
aircrack-ng 802.11 (wireless) sniffer and WEP/WPA-PSK key cracker http://www.aircrack-ng.org/
pgpry PGP private key recovery http://pgpry.sourceforge.net/
airsnarf A rogue AP setup utility http://airsnarf.shmoo.com/
lorcon A library for injecting 802.11 (WLAN) frames http://802.11ninja.net/lorcon/
quickset A suite of tools designed to setup the basics for a PenTest http://code.google.com/p/quickset/
wifite An automated wireless auditor http://code.google.com/p/wifite/
reaver Brute force attack against Wifi Protected Setup http://code.google.com/p/reaver-wps/

Intrusion detection

nebula An Intrusion Signature Generator http://nebula.carnivore.it/
snort A network intrusion prevention and detection system http://www.snort.org/

Other/unreviewed options

aide Intrusion detection environment
chkrootkit Tool to locally check for signs of a rootkit
honeyd Honeypot daemon
labrea Tarpit (slow to a crawl) worms and port scanners
pads Passive Asset Detection System
rkhunter A host-based tool to scan for rootkits, backdoors and local exploits
tiger Security auditing on UNIX systems http://www.nongnu.org/tiger/
prelude-lml The prelude log analyzer
prewikka Graphical front-end analysis console for the Prelude Hybrid IDS Framework
prelude-manager Prelude-Manager
nemesis A TCP/IP packet injection tool http://nemesis.sourceforge.net/
inundator An IDS detection false positives generator http://inundator.sourceforge.net/

More tools

projects/members/raccoon/linuxsec.1392850327.txt.gz · Last modified: 2014/02/19 23:52 by raccoon