/*
  Security-related programs for which source may be found:

  These files are focused on some of the many forms in which security
  considerations of a system might be examined. Primary areas include:
    network
    forensic
    system
    password
    windows
  followed by an ``untested'' section for programs not yet built/installed/used

  Each program will be postfixed with a key to represent the os for which
  it was designed/built on.

  Operating system legend:
    g - Gentoo
    o - OpenBSD
*/

network:
  netcat - default everything {go}

  scanners:
    firewalk - active reconnaissance nsat {go}
    nmap - default scanner {go}
    thcrut - first wave scanner {go}
    amap - application mapper {go}
    paketto - suite of useful tools such as scanrand {g}
    scanssh - look for ssh hosts {g}
    nessus - vuln. scanner {g}
    sara - network security scanner {g}
    braa - mass snmp scanner {g}

  sniffers:
    dsniff - network password sniffer {go}
    ettercap - favorite sniffer {go}
    tcpdump - sniffer/traffic analyzer {go}
    ethereal - fancy analyzer/sniffer {go}
    tcpick - textmode sniffer {g}
    trafd - TCP/UDP traffic collection daemon {g}
    xprobe - active remote OS fingerprinting {go}
    tcpflow - record tcp data streams {go}
    tcpreen - tcp inline logging {go}
    angst - active sniffer {g}
    darkstat - network traffic analyzer/sniffer {go}
    aimsniff - capture aim sessions {g}

  IDS:
    snort - sniffer/ids {go}
    aide - advanced intrusion detection environment {g}
    prelude-nids - nids... {g}
    firestorm - nids {g}

  abuse:
    rain - mad packet generator {g}
    arpoison - arbitrary arp packet generator {g}
    hunt - nsat - intrude/watch/reset connections {g}

  visualizers:
    iftop - interface top {go}
    ntop - network top {go}
    iptstate - iptables `top' viewer {g}
    etherape - visual display of network traffic {go}
    vnstat - network traffic monitor {g}
    trafshow - traffic...show... {g}

  packet creation:
    ttcp - tcp/udp performance tester {go}
    hping - packet creator {go}
    gspoof - graphical packet builder {g}
    ipsorcery - generate TCP/UDP/ICMP/IGMP packets {g}
    scapy - packet manipulation {go}

  dns:
    bind-tools - basic dns tools (dig, nslookup) {g}
    dlint - dns zone analyzer {go}
    dnshijacker - sniff dns, spoof answers {g}
    dnsquery - graphical dns query tool {g}
    dnsreflector - listens for dns, responds pointing to localhost {o}
    dnstop - display dns traffic tables {g}
    dnstracer - find where a DNS server gets its info from {go}
    drill - dig + dnssec {o}
    mfedit - edit dns master files {g}
    ndu - edit zoneinfo {g}
    zodiac - dns spoofer {g}

  trace:
    lft - layer four traceroute {g}
    tcptraceroute - probably what the name says {go}

  web-app scanners:
    arirang - webserver scanner {o}
    cgichk - webserver cgi scanner {o}
    nikto - live http auth. breaker {go}
    webscarab - proxy for website abuse {g}
    whisker - library for webserver scanning {o}

  wireless:
    aircrack - non-dictionary-based wep cracker {g}
    airsnort - wifi sniffer {g}
    airtraf - wifi sniffer - aironet? {g}
    ap-utils - how to make an access point {o}
    bitpim - cell phone forensics {g}
    bsd-airtools - as per name {o}
    kismet - wifi sniffer {go}
    wepattack - dictionary-based wep cracker {g}
    wepdecrypt - beefed up aircrack {g}
    wifiscanner - wifi...scanner... {g}

  other:
    arpd - claim leftover arp space on a lan {g}
    arpwatch - monitors arp changes {g}
    autossh - monitor/maintain ssh connections {o}
    chaosreader - trace TCP/UDP sessions and fetch application data {g}
    cryptcat - nc + encryption {g}
    despoof - command-line anti-spoofing detection utility
    echoping - test performance of a tcp service {o}
    firehol - iptables generator {g}
    httptunnel - send any traffic over http {o}
    iptraf - monitor network connections {g}
    isic - ip stack integrity checker {go}
    lingerd - properly tears down net connections {go}
    macchanger - reset mac address on ethX {g}
    ngrep - network grep {g}
    netdiscover - active/passive network reconnaissance. {g}
    net-snmp - snmp management tools {g}
    onesixtyone - snmp scanner {o}
    p0f - passive OS detection {go}
    pmacct - passive network monitoring, account/aggregate traffic {g}
    portsentry - port scan detector {go}
    psad - port scanning attack detection daemon (conflicts with pscan) {g}
    raccess - attempts to hack..er...something {g}
    sing - send icmp nasty garbage {o}
    socat - netcat on steroids (ipv6 compat) {go}
    ssldump - inline ssl decryptor {go}
    tcptrace - TCP connection analysis tool {go}
    tor - anonymous router {go}
    dhcping - ping via dhcp {o}

forensic:
  airt - forensic something?? {g}
  examiner - elf binary analyzer {g}
  foremost - data carver {g}
  mac-robber - collect MAC times from files {go}
  magicrescue - extracts known filetypes based on magic bytes {g}
  sleuthkit - tct+ {go}
  tct - forensic heaven {g}
  testdisk - undelete partitions {g}

system:
  aescrypt - en/de-crypt w/aes {o}
  bastille - some sort of ``security hardening tool'' - requires psad {g}
  chkrootkit - checks...root...kits... {g}
  ctcs - stress-test systems {g}
  cops - system security checker {o}
  gdb - super debugger {go}
  gnupg - encrypts things {g}
  integrit - tripwire look-a-like {o}
  iogen - generate a bunch of i/o {o}
  lcap - linux kernel capability remover {g}
  logwatch - break logs into useful chunks {g}
  logrotate - automatically keep log files to a useful size {g}
  logsentry - monitor logs {o}
  lsat - linux security auditing system {g}
  memdump - memory dumper - network enabled {g}
  metasploit - exploit framework {g}
  nepenthes - some sort of malware detector {o}
  osiris - filesystem integrity checker {g}
  outguess - universal steg tool {o}
  petrovich - filesystem integrity checker {g}
  rec - reverse engineering compiler {g}
  rkhunter - hunts...root...kits... {g}
  sec - simple event correlator {g}
  strace - process syscall exploder {g}
  subterfugue - framework for messing with processes {g}
  sxid - monitor track g/uid changes from a cron job {g}
  tmpreaper - periodically cleans tmp based on file access time {g}
  tmpwatch - periodically clean files based on access time {g}
  tripwire - filesystem integrity checker {g}
  usb-robot - usb reverse engineering {g}

Password Cracking:
  authforce - http brute-forcer {g}
  bfbtester - brute force binary {o}
  cmospwd - cmos/bios password recovery {g}
  crack - sensible unix password cracker {o}
  hydra - password brute-forcer {go}
  johntheripper - password chewing {g}
  rainbowcrack - dictionary password attacks {g}

Windows:
  chntpw - change nt passwords {g}
  nbaudit - netbios audit {g}
  nbtscan - netbios scanner {go}
  nmbscan - netbios scanner {g}
  regviewer - registry viewer... {g}

untested:
  acid {g}
  argus - audit record generation utilization system {g}
  arpstar - arp* - may or may not prevent arp attacks {g}
  arp-sk - swiss-army knife of arp {g}
  arpcatch {o}
  bigeye - honeypot emulator, ports held open, etc {g}
  ccrypt {o}
  cfs {o}
  cheops-ng - network swiss-army ``tool'' {g}
  cnet - needs elfutils vs. libelf {g}
  crank {o}
  crawl {o}
  cryptokit {o}
  ctrace {o}
  cutter - abort TCP connections {g}
  driftnet {g}
  egressor - client/server traffic filter testing {g}
  etherwake - send WOL packets {g}
  FWLOGwatch - packet filter/firewall/ids log analyzer {g}
  ffp {g}
  fprobe - collect/emit traffic {g}
  fragroute - intercept/modify/rewrite egress traffic {go}
  ftester - firewall tester {g}
  httping - simulate connecting to web servers {g}
  knocker - port knocking app {g}
  libnasl - nessus attack scripting language {g}
  linkchecker - check htmls for broken links {g}
  midas-nms - monitoring, intrusion detection, system administration {g}
  nagios - host/service/network monitoring {g}
  nast - network analyzer sniffer tool {g}
  nemesis - portable human-ip stack {go}
  netsed {g}
  netselect - ``ultrafast'' ping {g}
  netstrain {o}
  netwox - 212 random tools... {g}
  nload - console based traffic viewer {g}
  noarp - kernel module for controlling arps {g}
  nsat - network security analysis tool {g}
  packit - packet analysis + injection tool {g}
  passwdqc - password quality control {o}
  pcapmerge - merge/extract portions of pcap files {o}
  pfstat - show pf rule statistics {o}
  pftop - show pf most frequently hit rules {o}
  pingtunnel - route everything through icmp {g}
  pwgen - generate pronounceable passwords {g}
  rackview - install issues with sandbox {g}
  radiusniff {o}
  rdp - icmp route discovery protocol sniffer {o}
  scanlogd - detects/logs TCP port scans {g}
  sentinel {o}
  siphon - passive network mapping {go}
  sipsak - SIP swiss-army-knife {o}
  slurpie - password cracker {o}
  smbsniff - sniffer for lanman env. {o}
  smtpscan {o}
  smurflog - logs smurf attacks {o}
  snortsam - snort plugin for automatic IP blocking {g}
  sonar - note, segfaults vs. default iptables rules {g}
  sslsniffer - SSLv3/TLS and SSLv2 sniffer {o}
  sussen - 0.53 broken build {g}
  tcpblast - measure throughput of a tcp connection {o}
  tcpcat - cat over tcp {o}
  tcplist - list tcp connections to/from local machine {o}
  tcpreplay - replay saved dump files at arbitrary speeds {go}
  tcpshow {o}
  tcpxtract {g}
  tempset {o}
  udptunnel {o}
  vomit - voice over misconfigured internet telephones {o}
  xmlsec - sign/verify/decrypt xml docs {o}

to find:
  burneye
  burndump
  burninhell
  redfang