Security packages
Revision as of 20:09, 3 April 2014
Here is a list of security-related packages available in Debian-like distributions.
My setup is based on LMDE with pinned Debian and Kali repositories.
network
arping - sends IP and/or ARP pings (to the MAC address)
dsniff - Various tools to sniff network traffic for cleartext insecurities
etherwake - tool to send magic Wake-on-LAN packets
iodine - tool for tunneling IPv4 data through a DNS server
kismet - wireless sniffer and monitor - core
kismet-plugins - wireless sniffer and monitor - plugins
ndisc6 - IPv6 diagnostic tools
netcat - TCP/IP swiss army knife -- transitional package
netsniff-ng - packet sniffing beast
nmap - The Network Mapper
socat - multipurpose relay for bidirectional data transfer
sshfs - filesystem client based on SSH File Transfer Protocol
themole - automatic SQL injection exploitation tool
forensics
autopsy - graphical interface to SleuthKit
chkrootkit - rootkit detector
cruft - program that finds any cruft built up on your system
dc3dd - patched version of GNU dd with forensic features
dcfldd - enhanced version of dd for forensics and security
ext4magic - recover deleted files from ext3 or ext4 partitions
foremost - forensic program to recover lost files
gpart - Guess PC disk partition table, find lost partitions
logkeys - keylogger for GNU/Linux systems
mac-robber - collects data about allocated files in mounted filesystems
memdump - utility to dump memory contents to standard output
pdfresurrect - tool for extracting/scrubbing versioning data from PDF documents
recover - Undelete files on ext2 partitions
recoverdm - recover files/disks with damaged sectors
recoverjpeg - tool to recover JPEG images from a filesystem image
rkhunter - rootkit, backdoor, sniffer and exploit scanner
tiger - Report system security vulnerabilities
unhide.rb - Forensic tool to find processes hidden by rootkits
vinetto - A forensics tool to examine Thumbs.db files
wipe - Secure file deletion
vbindiff - visual binary diff, visually compare binary files
stegano
outguess - Universal Steganographic tool
steghide - A steganography hiding tool
crypto
fcrackzip - password cracker for zip archives
john - active password cracking tool
password-gorilla - cross-platform password manager
pdfcrack - PDF files password cracker
ssss - Shamir's secret sharing scheme implementation
rotix - A program to generate rotational obfuscations
reverse-engineering
flasm - assembler and disassembler for Flash (SWF) bytecode
coding
ckport - portability analysis and security checking tool
cppcheck - tool for static C/C++ code analysis
flawfinder - examines source code and looks for security weaknesses
pychecker - tool to find common bugs in Python source code
pylint - python code static checker and UML diagram generator
Specific installation instructions
LUKS Nuke
- http://www.kali.org/how-to/emergency-self-destruction-luks-kali/
- http://www.kali.org/how-to/nuke-kali-linux-luks/
- http://lxer.com/module/newswire/view/103692/index.html :
The first part of the new feature is to actually store a "nuke" passphrase in a keyslot. However, this passphrase does not encrypt the masterkey used for en-/decrypting the partition, but rather encrypts a magic value (0x0...0).
cryptsetup luksAddNuke <device>
It behaves pretty much like a "luksAddKey", only that the actual keyslot data does not contain any cryptographic material.
The second part of the implementation is a modification of the function that unlocks a keyslot and extracts the key material for en-/decryption. This function now contains a check for said magical value and deletes all keyslots if it encounters it.
apt-get install cryptsetup/kali cryptsetup-bin/kali libcryptsetup4/kali
If the initramfs was not rebuilt in the process:
dpkg-reconfigure cryptsetup
cryptsetup luksAddNuke /dev/sda1
Better to pin it, so that a later upgrade does not replace the patched cryptsetup from Kali with Debian's unpatched build, which does not know about the nuke keyslot. A priority of 990 outranks the default priority of 500 given to the Debian repositories, so the Kali build is preferred.
Add to /etc/apt/preferences.d/kali-package-repositories.pref
Package: /cryptsetup/
Pin: release n=kali
Pin-Priority: 990
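The quoted lxer description above covers the mechanism in two sentences; the toy model below, added here as an illustration and not code from cryptsetup or the Kali patch, walks through it end to end so the consequences are visible. It assumes a simplified header: keyslots are "encrypted" by XOR with a PBKDF2-derived pad plus an HMAC tag instead of AES with anti-forensic splitting, and a 32-byte all-zero value stands in for the magic value. The class and function names (ToyLuksHeader, add_nuke, unlock, backup, restore, demo) are the example's own. It also demonstrates the caveat a practitioner wants to know before relying on this: the nuke only wipes the keyslots in the header, the encrypted payload is untouched, so anyone holding a header backup (cryptsetup luksHeaderBackup, which Kali's how-to itself recommends making) gets the real passphrase working again.

```python
"""Toy model of the Kali "LUKS nuke" keyslot semantics (added illustration,
not cryptsetup code). Assumptions: XOR-with-PBKDF2-pad plus HMAC instead of
AES and AF-splitting; 32 zero bytes stand in for the magic value."""
import hashlib
import hmac
import os

KEY_LEN = 32
NUKE_MAGIC = bytes(KEY_LEN)   # the "0x0...0" marker from the patch description
PBKDF2_ITERS = 20_000


class Nuked(Exception):
    """Raised when a nuke passphrase was presented and every keyslot was wiped."""


class ToyLuksHeader:
    def __init__(self, n_slots=8):
        self.master_key = os.urandom(KEY_LEN)   # only ever stored wrapped, never in clear
        self.slots = [None] * n_slots           # each slot: (salt, blob, tag) or None

    @staticmethod
    def _derive(passphrase, salt):
        # 64 bytes from the passphrase: first half pads the slot, second half keys the MAC
        out = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, PBKDF2_ITERS, 2 * KEY_LEN)
        return out[:KEY_LEN], out[KEY_LEN:]

    def _write_slot(self, passphrase, material):
        free = self.slots.index(None)           # ValueError if the header is full
        salt = os.urandom(16)
        pad, mac_key = self._derive(passphrase, salt)
        blob = bytes(a ^ b for a, b in zip(material, pad))
        tag = hmac.new(mac_key, salt + blob, "sha256").digest()
        self.slots[free] = (salt, blob, tag)
        return free

    def add_key(self, passphrase):
        """luksAddKey: wrap the real master key under a new passphrase."""
        return self._write_slot(passphrase, self.master_key)

    def add_nuke(self, passphrase):
        """luksAddNuke: the slot looks like any other but wraps the magic, not the key."""
        return self._write_slot(passphrase, NUKE_MAGIC)

    def enabled_slots(self):
        return [i for i, s in enumerate(self.slots) if s is not None]

    def unlock(self, passphrase):
        """Patched keyslot-open path: a slot that unwraps to the magic wipes every slot."""
        for i, slot in enumerate(self.slots):
            if slot is None:
                continue
            salt, blob, tag = slot
            pad, mac_key = self._derive(passphrase, salt)
            if not hmac.compare_digest(tag, hmac.new(mac_key, salt + blob, "sha256").digest()):
                continue                        # wrong passphrase for this slot, try the next
            material = bytes(a ^ b for a, b in zip(blob, pad))
            if material == NUKE_MAGIC:
                self.slots = [None] * len(self.slots)   # destroy all keyslots, nothing else
                raise Nuked(f"nuke passphrase matched slot {i}; all keyslots wiped")
            return material
        raise ValueError("no keyslot matches the passphrase")

    # luksHeaderBackup / luksHeaderRestore analogue: the keyslots live in the
    # header, so a saved header puts the wiped slots straight back.
    def backup(self):
        return list(self.slots)

    def restore(self, saved):
        self.slots = list(saved)


def demo():
    """Add a key, add a nuke, trigger it, observe the loss, recover from a header backup."""
    hdr = ToyLuksHeader()
    hdr.add_key("correct horse battery staple")
    hdr.add_nuke("panic")
    result = {"before": hdr.unlock("correct horse battery staple") == hdr.master_key}
    saved = hdr.backup()
    try:
        hdr.unlock("panic")
        result["nuked"] = False
    except Nuked:
        result["nuked"] = True
    result["slots_after"] = hdr.enabled_slots()
    try:
        hdr.unlock("correct horse battery staple")
        result["real_key_still_works"] = True
    except ValueError:
        result["real_key_still_works"] = False
    hdr.restore(saved)
    result["after_restore"] = hdr.unlock("correct horse battery staple") == hdr.master_key
    return result


if __name__ == "__main__":
    print(demo())
```

The two things to take away carry over to the real implementation: the nuke slot is indistinguishable from a normal slot in cryptsetup luksDump (it is just another enabled keyslot), and because the wipe touches only the header, a header backup has to be kept somewhere the adversary cannot reach, and the nuke offers nothing against an adversary who imaged the header before you typed the passphrase.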