Difference between revisions of "Kali"
Jump to navigation
Jump to search
m (→LUKS Nuke) |
|||
Line 845: | Line 845: | ||
zim - graphical text editor based on wiki technologies |
zim - graphical text editor based on wiki technologies |
||
</pre> |
</pre> |
||
− | |||
− | ==LUKS Nuke== |
||
− | * http://www.kali.org/how-to/emergency-self-destruction-luks-kali/ |
||
− | * http://www.kali.org/how-to/nuke-kali-linux-luks/ |
||
− | * http://lxer.com/module/newswire/view/103692/index.html : |
||
− | ''The first part of the new feature is to actually store a "nuke" passphrase in a keyslot. However, this passphrase does not encrypt the masterkey used for en-/decrypting the partition, but rather encrypts a magic value (0x0...0). '' |
||
− | cryptsetup luksAddNuke <device> |
||
− | ''It behaves pretty much like a "luksAddKey", only that the actual keyslot data does not contain any cryptographic material.'' |
||
− | <br>''The second part of the implementation is a modification of the function that unlocks a keyslot and extracts the key material for en-/decryption. This function now contains a check for said magical value and deletes all keyslots if it encounters it.'' |
||
− | |||
− | apt-get install cryptsetup/kali cryptsetup-bin/kali libcryptsetup4/kali |
||
− | If initrd was not rebuilt in the process: |
||
− | dpkg-reconfigure cryptsetup |
||
− | |||
− | cryptsetup luksAddNuke /dev/sda1 |
||
− | Better to pin it: |
||
− | <br>Add to /etc/apt/preferences.d/kali-package-repositories.pref |
||
− | Package: /cryptsetup/ |
||
− | Pin: release n=kali |
||
− | Pin-Priority: 990 |
Revision as of 21:04, 3 April 2014
Links
Add Kali repositories to LMDE
This section explains how to add Kali repositories to Debian or LMDE and pin them.
All repackaged or new packages made in kali have "kali" in their version number (unless they are in the kali-bleeding-edge)
See also http://docs.kali.org/kali-policy/kali-linux-relationship-with-debian
Install their key:
gpg --keyserver pgpkeys.mit.edu --recv-key ED444FF07D8D0BF6 gpg -a --export ED444FF07D8D0BF6 | sudo apt-key add -
/etc/apt/sources.list.d/kali.list:
deb http://http.kali.org/kali kali main non-free contrib deb-src http://http.kali.org/kali kali main non-free contrib deb http://security.kali.org/kali-security kali/updates main contrib non-free deb-src http://security.kali.org/kali-security kali/updates main contrib non-free deb http://repo.kali.org/kali kali-bleeding-edge main deb-src http://repo.kali.org/kali kali-bleeding-edge main
$ apt-cache policy [...] 500 http://repo.kali.org/kali/ kali-bleeding-edge/main amd64 Packages release o=Kali,n=kali-bleeding-edge,c=main 500 http://security.kali.org/kali-security/ kali/updates/main amd64 Packages release o=Kali,n=kali,c=main 500 http://http.kali.org/kali/ kali/main amd64 Packages release o=Kali,a=stable,n=kali,c=main
/etc/apt/preferences.d/kali-package-repositories.pref :
Package: * Pin: release n=kali Pin-Priority: 350 Package: * Pin: release n=kali-bleeding-edge Pin-Priority: 300
Then
apt-get update
And to use Kali repo e.g.:
apt-get install apktool apt-get install libfreefare-bin/kali
Lists
See http://www.kali.org/news/kali-linux-metapackages/
kali-linux
apt-cache search kali-linux|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system kali-linux-all - Kali Linux - all packages kali-linux-forensic - Kali Linux forensic tools kali-linux-full - Kali Linux complete system kali-linux-gpu - Kali Linux GPU tools kali-linux-pwtools - Kali Linux password cracking tools kali-linux-rfid - Kali Linux RFID tools kali-linux-sdr - Kali Linux SDR tools kali-linux-top10 - Kali Linux Top 10 tools kali-linux-voip - Kali Linux VoIP tools kali-linux-web - Kali Linux webapp assessment tools kali-linux-wireless - Kali Linux wireless tools
kali-linux-all
apt-cache depends kali-linux-all|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux-forensic - Kali Linux forensic tools kali-linux-full - Kali Linux complete system kali-linux-gpu - Kali Linux GPU tools kali-linux-pwtools - Kali Linux password cracking tools kali-linux-rfid - Kali Linux RFID tools kali-linux-sdr - Kali Linux SDR tools kali-linux-top10 - Kali Linux Top 10 tools kali-linux-voip - Kali Linux VoIP tools kali-linux-web - Kali Linux webapp assessment tools kali-linux-wireless - Kali Linux wireless tools android-sdk - Android software development kit backdoor-factory - Patch win32/64 binaries with shellcode bing-ip2hosts - Enumerate hostnames for an IP using bing.com device-pharmer - Search Shodan results and test credentials doona - Network fuzzer forked from bed freeradius - high-performance and highly configurable RADIUS server hackersh - Shell-like wrapper of various security tools htshells - Self contained htaccess shells and attacks ismtp - SMTP user enumeration and testing tool linux-exploit-suggester - Script to keep track of vulnerabilities and suggest possible exploits masscan - Asynchronous TCP port scanner sandi - Exploit search engine shellnoob - Shellcode writing toolkit teamsploit - Tools for group based penetration testing veil-evasion - Generate payloads that bypass antivirus solutions veil-catapult - Payload delivery tool that integrates with veil-evasion
kali-linux-top10
apt-cache depends kali-linux-top10|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system aircrack-ng - wireless WEP/WPA cracking utilities burpsuite - platform for security testing of web applications hydra - very fast network logon cracker john - active password cracking tool maltego - Open source intelligence and forensics application maltego-teeth - Set of offensive Maltego transforms metasploit - Penetration testing and exploit development tool with web-based interface metasploit-framework - Framework for exploit development and vulnerability research nmap - The Network Mapper zaproxy - Testing tool for finding vulnerabilities in web applications. sqlmap - automatic SQL injection tool wireshark - network traffic analyzer - GTK+ version
kali-linux-forensic
apt-cache depends kali-linux-forensic|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system afflib-tools - support for Advanced Forensics format (utilities) apktool - A tool for reverse engineering Android apk files autopsy - graphical interface to SleuthKit bulk-extractor - Extracts information without parsing filesystem cabextract - Microsoft Cabinet file unpacker capstone - Multi-platform, multi-architecture disassembly framework chkrootkit - rootkit detector creddump - Extracts credentials from Windows registry hives cuckoo - Automated malware analysis system dc3dd - patched version of GNU dd with forensic features dcfldd - enhanced version of dd for forensics and security ddrescue - Copies data from one file or block device to another. dff - Powerful, efficient and modular digital forensic framework dissy - graphical frontend for objdump distorm3 - Powerful Disassembler Library For x86/AMD64 dumpzilla - Mozilla browser forensic tool edb-debugger - Linux equivalent of OllyDbg ewf-tools - collection of tools for reading and writing EWF files exiv2 - EXIF/IPTC metadata manipulation tool extundelete - utility to recover deleted files from ext3/ext4 partition fcrackzip - password cracker for zip archives firmware-mod-kit - Deconstruct and reconstruct firmware images flasm - assembler and disassembler for Flash (SWF) bytecode foremost - forensic program to recover lost files galleta - An Internet Explorer cookie forensic analysis tool gdb - GNU Debugger gparted - GNOME partition editor guymager - Forensic imaging tool based on Qt inetsim - Software suite for simulating common internet services iphone-backup-analyzer - iPhone backup decoder and analyzer jad - Java decompiler javasnoop - Intercept Java applications locally libewf1 - library with support for Expert Witness Compression Format libhivex-bin - utilities for reading and writing Windows Registry hives lvm2 - Linux Logical Volume Manager lynis - security auditing tool for Unix based systems magicrescue - recovers files by looking for magic bytes md5deep - Recursively compute hashsums or piecewise hashings mdbtools - JET / MS Access database (MDB) tools memdump - utility to dump memory contents to standard output missidentify - a program to find win32 applications nasm - General-purpose x86 assembler ollydbg - 32-bit assembler level analysing debugger p7zip-full - 7z and 7za file archivers with high compression ratio parted - disk partition manipulator pasco - An Internet Explorer cache forensic analysis tool pdfid - Scans PDF files for certain PDF keywords pdf-parser - Parses PDF files to identify fundamental elements pdgmail - Extracts gmail artifacts from a pd dump peepdf - PDF analysis tool pev - text-based tool to analyze PE files polenum - Extracts the password policy from a Windows system radare2 - free and advanced command line hexadecimal editor rdd - a forensic copy program readpst - Converts Outlook PST files to mbox and others recoverjpeg - tool to recover JPEG images from a filesystem image reglookup - utility to read and query Windows NT/2000/XP registry regripper - Windows registry forensics tool rifiuti - A MS Windows recycle bin analysis tool rifiuti2 - A MS Windows recycle bin analysis tool safecopy - Copy utility ignoring errors samdump2 - Dump Windows 2k/NT/XP password hashes scalpel - A Frugal, High Performance File Carver scrounge-ntfs - Data recovery program for NTFS filesystems sleuthkit - collection of tools for forensics analysis on volume and file system data smali - Assembler/disassembler for Android's dex format sqlitebrowser - GUI editor for SQLite databases tcpdump - command-line network traffic analyzer tcpflow - TCP flow recorder tcpick - TCP stream sniffer and connection tracker tcpreplay - Tool to replay saved tcpdump files at arbitrary speeds truecrack - Bruteforce password cracker for TrueCrypt volumes. truecrypt - Cross-platform on-the-fly encryption unrar - Unarchiver for .rar files (non-free version) upx-ucl - efficient live-compressor for executables vinetto - A forensics tool to examine Thumbs.db files volafox - Memory analyzer for Mac OS X & BSD volatility - advanced memory forensics framework wce - Windows Credentials Editor wireshark - network traffic analyzer - GTK+ version xplico - Network Forensic Analysis Tool (NFAT)
kali-linux-gpu
apt-cache depends kali-linux-gpu|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system oclhashcat - GPU password cracker pyrit - GPGPU-driven WPA/WPA2-PSK key cracker multiforcer - GPU accelerated password cracking tool oclgausscrack - Cracks verification hashes of the Gauss Virus truecrack - Bruteforce password cracker for TrueCrypt volumes.
kali-linux-pwtools
apt-cache depends kali-linux-pwtools|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system kali-linux-gpu - Kali Linux GPU tools chntpw - NT SAM password recovery utility cmospwd - decrypt BIOS passwords from CMOS crunch - Password wordlist generator dbpwaudit - Does online password audits of DB engines fcrackzip - password cracker for zip archives findmyhash - Crack hashes with online services gpp-decrypt - Group Policy Preferences decrypter hash-identifier - Tool to identify hash types hashcat - World’s fastest CPU-based password recovery tool hashcat-utils - Set of small utilities for advanced password cracking hydra - very fast network logon cracker hydra-gtk - very fast network logon cracker - GTK+ based GUI john - active password cracking tool johnny - GUI for John the Ripper keimpx - Check for valid credentials across a network over SMB maskprocessor - High-performance word generator medusa - fast, parallel, modular, login brute-forcer for network services mimikatz - Uses admin rights on Windows to display passwords in plaintext ncrack - High-speed network authentication cracking tool ophcrack - Microsoft Windows password cracker using rainbow tables (gui) ophcrack-cli - Microsoft Windows password cracker using rainbow tables (cmdline) pack - Password analysis and cracking kit passing-the-hash - Patched tools to use password hashes as authentication input patator - Multi-purpose brute-forcer phrasendrescher - Passphrase cracking tool pipal - Statistical analysis on password dumps polenum - Extracts the password policy from a Windows system rainbowcrack - Rainbow table password cracker rcracki-mt - Version of rcrack that supports hybrid and indexed tables rsmangler - Wordlist mangling tool samdump2 - Dump Windows 2k/NT/XP password hashes seclists - Collection of multiple types of security lists sipcrack - SIP login dumper/cracker sipvicious - Tools for auditing SIP based VoIP systems sqldict - Dictionary attack tool for SQL Server statsprocessor - High-performance word-generator sucrack - multithreaded su bruteforcer thc-pptp-bruter - THC PPTP Brute Force truecrack - Bruteforce password cracker for TrueCrypt volumes. twofi - Twitter words of interest wce - Windows Credentials Editor wordlists - Contains the rockyou wordlist
kali-linux-rfid
apt-cache depends kali-linux-rfid|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system libfreefare-bin - MIFARE card manipulations binaries libnfc-bin - Near Field Communication (NFC) binaries mfcuk - MFCUK - MiFare Classic Universal toolKit mfoc - MIFARE Classic offline cracker mfterm - Terminal for working with Mifare Classic 1-4k Tags python-rfidiot - Python library to explore RFID devices
kali-linux-sdr
apt-cache depends kali-linux-sdr|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system gnuradio - GNU Radio Software Radio Toolkit chirp - Configuration tool for amateur radios hackrf-tools - Hardware driver and tools for HackRF Jawbreaker kalibrate-rtl - Calculate local oscillator frequency offset using GSM base stations rtlsdr-scanner - Python frequency scanning GUI for the OsmoSDR rtl-sdr library gr-scan - Scans a range of frequencies and prints a list of discovered signals gqrx - Software defined radio receiver powered by GNU Radio multimon-ng - Digital radio transmission decoder uhd-host - universal hardware driver for Ettus Research products uhd-images - Various UHD Images libgnuradio-grextras - Advanced GNU Radio Blocks libgnuradio-baz - gnuradio new functionality blocks libgnuradio-osmosdr - GNU Radio osmosdr block libgnuradio-osmosdr-apps - GNU Radio osmosdr applications libgnuradio-iqbalance - I/Q balancing block
kali-linux-voip
apt-cache depends kali-linux-voip|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system ace-voip - A simple VoIP corporate directory enumeration tool dnmap - Distributed nmap framework enumiax - IAX protocol username enumerator iaxflood - VoIP flooder tool inviteflood - SIP/SDP INVITE message flooding over UDP/IP libfindrtp - Library required by multiple VoIP tools nmap - The Network Mapper ohrwurm - RTP fuzzer pjproject - A multimedia communication library for SIP protos-sip - SIP test suite rtpbreak - Detects, reconstructs, and analyzes RTP sessions rtpflood - Tool to flood any RTP device rtpinsertsound - Inserts audio into a specified stream rtpmixsound - Mixes pre-recorded audio in real-time sctpscan - SCTP network scanner for discovery and security siparmyknife - SIP fuzzing tool sipcrack - SIP login dumper/cracker sipp - Traffic generator for the SIP protocol sipvicious - Tools for auditing SIP based VoIP systems voiphopper - Runs a VLAN hop security test wireshark - network traffic analyzer - GTK+ version
kali-linux-web
apt-cache depends kali-linux-web|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system apache2 - Apache HTTP Server apache2-mpm-event - transitional event MPM package for apache2 apache2-mpm-itk - transitional itk MPM package for apache2 apache2-mpm-prefork - transitional prefork MPM package for apache2 apache2-mpm-worker - transitional worker MPM package for apache2 apache-users - Enumerate usernames on systems with Apache UserDir module arachni - Web Application Security Scanner Framework automater - A IP and URL analysis tool. bbqsql - SQL Injection Exploitation Tool beef-xss - Browser Exploitation Framework (BeEF) blindelephant - A generic web application fingerprinter burpsuite - platform for security testing of web applications cadaver - command-line WebDAV client clusterd - Application server attack toolkit cookie-cadger - Cookie auditing tool for wired and wireless networks cutycapt - utility to capture WebKit's rendering of a web page davtest - Testing tool for WebDAV servers dbpwaudit - Does online password audits of DB engines dirb - URL bruteforcing tool dirbuster - Web server directory brute-forcer dnmap - Distributed nmap framework dotdotpwn - DotDotPwn - The Directory Traversal Fuzzer. eyewitness - Rapid web application triage tool fimap - LFI and RFI exploitation tool ftester - The Firewall Tester (FTester) is a tool designed for testing firewall filtering policies and Intrusion Detection System (IDS) capabilities. funkload - web testing tool golismero - Web application mapper grabber - Web application vulnerability scanner hamster-sidejack - Sidejacking tool hexorbase - Multiple database management and audit application http-tunnel - Tunneling software to tunnel through restrictive HTTP proxies httprint - Web server fingerprinting tool hydra - very fast network logon cracker hydra-gtk - very fast network logon cracker - GTK+ based GUI ikat - Interactive Kiosk Attack Tool inundator - Multi-threaded IDS false positive generator jboss-autopwn - JBoss script for obtaining remote shell access jd-gui - GUI Java .class decompiler joomscan - OWASP Joomla Vulnerability Scanner Project jsql - Java tool for automatic database injection laudanum - Collection of injectable web files lbd - Load balancer detector maltego - Open source intelligence and forensics application maltego-teeth - Set of offensive Maltego transforms medusa - fast, parallel, modular, login brute-forcer for network services mitmproxy - SSL-capable man-in-the-middle HTTP proxy mysql-server - MySQL database server (metapackage depending on the latest version) ncrack - High-speed network authentication cracking tool nikto - web server security scanner nmap - The Network Mapper oscanner - Oracle assessment framework owasp-mantra-ff - Web application security testing framework built on top of Firefox padbuster - Script for performing Padding Oracle attacks paros - Web application proxy patator - Multi-purpose brute-forcer php5 - server-side, HTML-embedded scripting language (metapackage) php5-mysql - MySQL module for php5 plecost - Wordpress fingerprinting tool powerfuzzer - Highly automated and fully customizable web fuzzer proxychains - proxy chains - redirect connections through proxy servers proxystrike - Active web application proxy proxytunnel - Create tcp tunnels trough HTTPS proxies, for using with SSH ratproxy - passive web application security assessment tool recon-ng - Web Reconnaissance framework written in Python redsocks - arbitrary TCP connection redirector to a SOCKS or HTTPS proxy server sidguesser - Guesses sids against an Oracle database siege - HTTP regression testing and benchmarking utility skipfish - fully automated, active web application security reconnaissance tool sqldict - Dictionary attack tool for SQL Server sqlitebrowser - GUI editor for SQLite databases sqlmap - automatic SQL injection tool sqlninja - SQL server injection and takeover tool sqlsus - MySQL injection tool sslcaudit - Tests SSL/TLS clients susceptibility to MITM attacks ssldump - An SSLv3/TLS network protocol analyzer sslh - ssl/ssh multiplexer sslscan - Fast SSL scanner sslsniff - SSL/TLS man-in-the-middle attack tool sslstrip - SSL/TLS man-in-the-middle attack tool sslsplit - Transparent and scalable SSL/TLS interception sslyze - Fast and full-featured SSL scanner stunnel4 - Universal SSL tunnel for network daemons thc-ssl-dos - Stress tester for the SSL handshake tlssled - Evaluates the security of a target SSL/TLS (HTTPS) server tnscmd10g - Tool to prod the oracle tnslsnr process ua-tester - User agent string tester uniscan - LFI, RFI, and RCE vulnerability scanner vega - Platform to test the security of web applications waffit - WAF auditing tool wapiti - web application vulnerability scanner webacoo - Web backdoor cookie script kit webhandler - Bash simulator to control a server using PHP system functions webscarab - Web application review tool webshag - Multi-threaded web server audit tool webshells - Collection of webshells webslayer - Web application bruteforcer websploit - Web exploitation framework weevely - Stealth tiny web shell wfuzz - Web application bruteforcer whatweb - Next generation web scanner wireshark - network traffic analyzer - GTK+ version wpscan - Black box WordPress vulnerability scanner xsser - XSS testing framework zaproxy - Testing tool for finding vulnerabilities in web applications.
kali-linux-wireless
apt-cache depends kali-linux-wireless|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system kali-linux-sdr - Kali Linux SDR tools aircrack-ng - wireless WEP/WPA cracking utilities pyrit - GPGPU-driven WPA/WPA2-PSK key cracker asleap - A tool for exploiting Cisco LEAP networks bluelog - Bluetooth scanner and logger bluemaho - GUI interface for testing Bluetooth devices bluepot - Bluetooth honeypot blueranger - Simple Bash script to locate Bluetooth devices bluesnarfer - A Bluesnarfing Utility bluez - Bluetooth tools and daemons bluez-hcidump - Analyses Bluetooth HCI packets btscanner - ncurses-based scanner for Bluetooth devices bully - Bully is a new implementation of the WPS brute force attack, written in C. cowpatty - Brute-force WPA dictionary attack crackle - Crack and decrypt BLE encryption eapmd5pass - Tool for extracting and cracking EAP-MD5 fern-wifi-cracker - Automated wifi cracker giskismet - Wireless recon visualization tool iw - tool for configuring Linux wireless devices killerbee - Framwork for ZigBee exploitation kismet - wireless sniffer and monitor - core libfreefare-bin - MIFARE card manipulations binaries libnfc-bin - Near Field Communication (NFC) binaries macchanger - utility for manipulating the MAC address of network interfaces mdk3 - Wireless attack tool for IEEE 802.11 networks mfcuk - MFCUK - MiFare Classic Universal toolKit mfoc - MIFARE Classic offline cracker mfterm - Terminal for working with Mifare Classic 1-4k Tags oclhashcat - GPU password cracker python-rfidiot - Python library to explore RFID devices reaver - brute force attack tool against Wifi Protected Setup PIN number redfang - Locates non-discoverable bluetooth devices rfcat - The swiss army knife of sub-GHz radio. rfkill - tool for enabling and disabling wireless devices sakis3g - Tool for establishing 3G connections spectools - Utilities for using the Wi-Spy USB spectrum analyzer hardware spooftooph - Automates spoofing or cloning Bluetooth devices ubertooth - An open source 2.4 GHz wireless development platform. wifi-honey - Wi-Fi honeypot wifitap - WiFi injection via a tun/tap device wifite - Python script to automate wireless auditing using aircrack-ng tools wireshark - network traffic analyzer - GTK+ version
kali-linux-full
Does not overlap completely the other lists, but still contains things not available in the other lists...
apt-cache depends kali-linux-full|awk '/Depends:/{print $2}'|xargs -n 1 -I XX apt-cache search -n ^XX$|awk '{n=$1;$1="";printf ("%-30s%s\n",n,$0)}' kali-linux - Kali Linux base system kali-linux-sdr - Kali Linux SDR tools 0trace - A traceroute tool that can run within an existing TCP connection. acccheck - Password dictionary attack tool for SMB ace-voip - A simple VoIP corporate directory enumeration tool afflib-tools - support for Advanced Forensics format (utilities) aircrack-ng - wireless WEP/WPA cracking utilities amap - next-generation scanning tool for pentesters apache-users - Enumerate usernames on systems with Apache UserDir module apktool - A tool for reverse engineering Android apk files arduino - AVR development board IDE and built-in libraries arping - sends IP and/or ARP pings (to the MAC address) arpwatch - Ethernet/FDDI station activity monitor arp-scan - arp scanning and fingerprinting tool asleap - A tool for exploiting Cisco LEAP networks automater - A IP and URL analysis tool. autopsy - graphical interface to SleuthKit bbqsql - SQL Injection Exploitation Tool bed - A network protocol fuzzer beef-xss - Browser Exploitation Framework (BeEF) binwalk - tool for searching binary images for embedded files and executable code blindelephant - A generic web application fingerprinter bluelog - Bluetooth scanner and logger bluemaho - GUI interface for testing Bluetooth devices bluepot - Bluetooth honeypot blueranger - Simple Bash script to locate Bluetooth devices bluesnarfer - A Bluesnarfing Utility bluez - Bluetooth tools and daemons bluez-hcidump - Analyses Bluetooth HCI packets braa - Mass SNMP scanner btscanner - ncurses-based scanner for Bluetooth devices bully - Bully is a new implementation of the WPS brute force attack, written in C. bulk-extractor - Extracts information without parsing filesystem burpsuite - platform for security testing of web applications cabextract - Microsoft Cabinet file unpacker cadaver - command-line WebDAV client casefile - Offline intelligence tool cdpsnarf - Network sniffer to extract CDP information cewl - Custom wordlist generator cgpt - GPT manipulation tool with support for Chromium OS extensions chirp - Configuration tool for amateur radios chkrootkit - rootkit detector chntpw - NT SAM password recovery utility cisco-auditing-tool - Scans Cisco routers for vulnerabilities cisco-global-exploiter - Simple and fast Cisco exploitation tool cisco-ocs - Mass Cisco scanner cisco-torch - Cisco device scanner clang - C, C++ and Objective-C compiler (LLVM based) cmospwd - decrypt BIOS passwords from CMOS copy-router-config - Copies Cisco configs via SNMP cowpatty - Brute-force WPA dictionary attack creddump - Extracts credentials from Windows registry hives creepy - geolocation information aggregator cryptsetup - disk encryption support - startup scripts crunch - Password wordlist generator cryptcat - A lightweight version netcat extended with twofish encryption curlftpfs - filesystem to access FTP hosts based on FUSE and cURL cutycapt - utility to capture WebKit's rendering of a web page cymothoa - Stealth backdooring tool darkstat - network traffic analyzer davtest - Testing tool for WebDAV servers dbd - Netcat clone with encryption dbpwaudit - Does online password audits of DB engines dc3dd - patched version of GNU dd with forensic features dcfldd - enhanced version of dd for forensics and security ddrescue - Copies data from one file or block device to another. deblaze - Performs testing against flash remoting endpoints dex2jar - Tools to work with android .dex and java .class files dff - Powerful, efficient and modular digital forensic framework dhcpig - DHCP exhaustion script dirb - URL bruteforcing tool dirbuster - Web server directory brute-forcer dissy - graphical frontend for objdump dmitry - Deepmagic Information Gathering Tool dnmap - Distributed nmap framework dns2tcp - TCP over DNS tunnel client and server dnschef - DNS proxy for penetration testers dnsenum - Tool to enumerate domain DNS information dnsmap - DNS domain name brute forcing tool dnsrecon - A powerful DNS enumeration script dnstracer - trace DNS queries to the source dnswalk - Checks dns zone information using nameserver lookups dos2unix - convert text file line endings between CRLF and LF dotdotpwn - DotDotPwn - The Directory Traversal Fuzzer. dradis - Collaboration tools for penetration testing driftnet - picks out and displays images from network traffic dsniff - Various tools to sniff network traffic for cleartext insecurities dumpzilla - Mozilla browser forensic tool eapmd5pass - Tool for extracting and cracking EAP-MD5 edb-debugger - Linux equivalent of OllyDbg enum4linux - Enumerates info from Windows and Samba systems enumiax - IAX protocol username enumerator ethtool - display or change Ethernet device settings ettercap-graphical - Ettercap GUI-enabled executable ewf-tools - collection of tools for reading and writing EWF files exiv2 - EXIF/IPTC metadata manipulation tool exploitdb - Searchable Exploit Database archive extundelete - utility to recover deleted files from ext3/ext4 partition fcrackzip - password cracker for zip archives fern-wifi-cracker - Automated wifi cracker fierce - Domain DNS scanner fiked - Cisco VPN attack tool fimap - LFI and RFI exploitation tool findmyhash - Crack hashes with online services flasm - assembler and disassembler for Flash (SWF) bytecode foremost - forensic program to recover lost files fping - sends ICMP ECHO_REQUEST packets to network hosts fragroute - Test a NIDS by attempting to evade using fragmented packets fragrouter - IDS evasion toolkit framework2 - Metasploit Framework 2 ftester - The Firewall Tester (FTester) is a tool designed for testing firewall filtering policies and Intrusion Detection System (IDS) capabilities. funkload - web testing tool galleta - An Internet Explorer cookie forensic analysis tool gdb - GNU Debugger ghost-phisher - GUI suite for phishing and penetration attacks giskismet - Wireless recon visualization tool golismero - Web application mapper goofile - Command line filetype search gpp-decrypt - Group Policy Preferences decrypter grabber - Web application vulnerability scanner guymager - Forensic imaging tool based on Qt hackrf-tools - Hardware driver and tools for HackRF Jawbreaker hamster-sidejack - Sidejacking tool hash-identifier - Tool to identify hash types hashcat - World’s fastest CPU-based password recovery tool hashcat-utils - Set of small utilities for advanced password cracking hexinject - Versatile packet injector and sniffer hexorbase - Multiple database management and audit application hotpatch - Hot patches Linux executables with .so file injection hping3 - Active Network Smashing Tool hydra - very fast network logon cracker hydra-gtk - very fast network logon cracker - GTK+ based GUI i2c-tools - heterogeneous set of I2C tools for Linux iaxflood - VoIP flooder tool ifenslave - configure network interfaces for parallel routing (bonding) ifenslave-2.6 - Attach and detach slave interfaces to a bonding device ikat - Interactive Kiosk Attack Tool ike-scan - discover and fingerprint IKE hosts (IPsec VPN Servers) inetsim - Software suite for simulating common internet services intersect - Post-exploitation framework intrace - Traceroute-like application piggybacking on existing TCP connections inundator - Multi-threaded IDS false positive generator inviteflood - SIP/SDP INVITE message flooding over UDP/IP iodine - tool for tunneling IPv4 data through a DNS server irpas - Internetwork Routing Protocol Attack Suite isr-evilgrade - Evilgrade framework jad - Java decompiler javasnoop - Intercept Java applications locally jboss-autopwn - JBoss script for obtaining remote shell access john - active password cracking tool johnny - GUI for John the Ripper joomscan - OWASP Joomla Vulnerability Scanner Project jsql - Java tool for automatic database injection keepnote - cross-platform note-taking and organization application keimpx - Check for valid credentials across a network over SMB killerbee - Framwork for ZigBee exploitation kismet - wireless sniffer and monitor - core laudanum - Collection of injectable web files lbd - Load balancer detector leafpad - GTK+ based simple text editor libcrafter - Library to generate and sniff network packets libewf1 - library with support for Expert Witness Compression Format libfindrtp - Library required by multiple VoIP tools libfreefare-bin - MIFARE card manipulations binaries libhivex-bin - utilities for reading and writing Windows Registry hives libnfc-bin - Near Field Communication (NFC) binaries lynis - security auditing tool for Unix based systems macchanger - utility for manipulating the MAC address of network interfaces magicrescue - recovers files by looking for magic bytes magictree - Penetration tester productivity tool maltego - Open source intelligence and forensics application maltego-teeth - Set of offensive Maltego transforms maskprocessor - High-performance word generator mc - Midnight Commander - a powerful file manager md5deep - Recursively compute hashsums or piecewise hashings mdbtools - JET / MS Access database (MDB) tools mdk3 - Wireless attack tool for IEEE 802.11 networks medusa - fast, parallel, modular, login brute-forcer for network services memdump - utility to dump memory contents to standard output metagoofil - Tool designed for extracting metadata of public documents metasploit - Penetration testing and exploit development tool with web-based interface metasploit-framework - Framework for exploit development and vulnerability research armitage - Cyber attack management for Metasploit mfcuk - MFCUK - MiFare Classic Universal toolKit mfoc - MIFARE Classic offline cracker mfterm - Terminal for working with Mifare Classic 1-4k Tags mimikatz - Uses admin rights on Windows to display passwords in plaintext minicom - friendly menu driven serial communication program miranda - UPNP administration tool miredo - Teredo IPv6 tunneling through NATs missidentify - a program to find win32 applications mitmproxy - SSL-capable man-in-the-middle HTTP proxy multiforcer - GPU accelerated password cracking tool multimac - Create multiple MACs on an adapter nasm - General-purpose x86 assembler nbtscan - A program for scanning networks for NetBIOS name information ncat-w32 - Netcat for the 21st century ncrack - High-speed network authentication cracking tool ncurses-hexedit - Edit files/disks in hex, ASCII and EBCDIC netdiscover - active/passive network address scanner using arp requests netmask - helps determine network masks netsed - network packet-altering stream editor netsniff-ng - packet sniffing beast netwag - graphical frontend for netwox nfspy - ID-spoofing NFS client ngrep - grep for network traffic nikto - web server security scanner nipper-ng - Device security configuration review tool nmap - The Network Mapper ohrwurm - RTP fuzzer ollydbg - 32-bit assembler level analysing debugger onesixtyone - fast and simple SNMP scanner openvas - Openvas dummy package. ophcrack - Microsoft Windows password cracker using rainbow tables (gui) ophcrack-cli - Microsoft Windows password cracker using rainbow tables (cmdline) oscanner - Oracle assessment framework p0f - Passive OS fingerprinting tool pack - Password analysis and cracking kit padbuster - Script for performing Padding Oracle attacks paros - Web application proxy pasco - An Internet Explorer cache forensic analysis tool passing-the-hash - Patched tools to use password hashes as authentication input patator - Multi-purpose brute-forcer pdfid - Scans PDF files for certain PDF keywords pdf-parser - Parses PDF files to identify fundamental elements pdgmail - Extracts gmail artifacts from a pd dump peepdf - PDF analysis tool perl-cisco-copyconfig - Provides methods for manipulating Cisco devices pev - text-based tool to analyze PE files phrasendrescher - Passphrase cracking tool pipal - Statistical analysis on password dumps pjproject - A multimedia communication library for SIP plecost - Wordpress fingerprinting tool polenum - Extracts the password policy from a Windows system powerfuzzer - Highly automated and fully customizable web fuzzer powersploit - PowerShell Post-Exploitation Framework protos-sip - SIP test suite proxychains - proxy chains - redirect connections through proxy servers proxystrike - Active web application proxy proxytunnel - Create tcp tunnels trough HTTPS proxies, for using with SSH ptunnel - Tunnel TCP connections over ICMP packets pwnat - NAT to NAT client-server communication pyrit - GPGPU-driven WPA/WPA2-PSK key cracker python-impacket - Python module to easily build and dissect network protocols python-impacket-doc - Python module to easily build and dissect network protocols python-rfidiot - Python library to explore RFID devices python-scapy - Packet generator/sniffer and network scanner/discovery rainbowcrack - Rainbow table password cracker radare2 - free and advanced command line hexadecimal editor rake - ruby make-like utility ratproxy - passive web application security assessment tool rcracki-mt - Version of rcrack that supports hybrid and indexed tables rdd - a forensic copy program readpst - Converts Outlook PST files to mbox and others reaver - brute force attack tool against Wifi Protected Setup PIN number rebind - DNS rebinding tool recon-ng - Web Reconnaissance framework written in Python recordmydesktop - Captures audio-video data of a Linux desktop session recoverjpeg - tool to recover JPEG images from a filesystem image redfang - Locates non-discoverable bluetooth devices redsocks - arbitrary TCP connection redirector to a SOCKS or HTTPS proxy server reglookup - utility to read and query Windows NT/2000/XP registry regripper - Windows registry forensics tool responder - NBT-NS/LLMNR Responder rifiuti - A MS Windows recycle bin analysis tool rifiuti2 - A MS Windows recycle bin analysis tool rsmangler - Wordlist mangling tool rtpbreak - Detects, reconstructs, and analyzes RTP sessions rtpflood - Tool to flood any RTP device rtpinsertsound - Inserts audio into a specified stream rtpmixsound - Mixes pre-recorded audio in real-time safecopy - Copy utility ignoring errors sakis3g - Tool for establishing 3G connections samdump2 - Dump Windows 2k/NT/XP password hashes sbd - Secure backdoor for linux and windows scalpel - A Frugal, High Performance File Carver scrounge-ntfs - Data recovery program for NTFS filesystems sctpscan - SCTP network scanner for discovery and security sendemail - lightweight, command line SMTP email client set - Social-Engineer Toolkit sfuzz - Black Box testing utilities sidguesser - Guesses sids against an Oracle database siege - HTTP regression testing and benchmarking utility siparmyknife - SIP fuzzing tool sipcrack - SIP login dumper/cracker sipp - Traffic generator for the SIP protocol sipvicious - Tools for auditing SIP based VoIP systems skipfish - fully automated, active web application security reconnaissance tool sleuthkit - collection of tools for forensics analysis on volume and file system data smali - Assembler/disassembler for Android's dex format smtp-user-enum - Username guessing tool primarily for the SMTP service. sniffjoke - Transparent TCP connection scrambler snmpcheck - SNMP service enumeration tool socat - multipurpose relay for bidirectional data transfer spectools - Utilities for using the Wi-Spy USB spectrum analyzer hardware spidermonkey-bin - standalone JavaScript/ECMAScript (ECMA-262) interpreter spike - Network protocol fuzzer spooftooph - Automates spoofing or cloning Bluetooth devices sqldict - Dictionary attack tool for SQL Server sqlitebrowser - GUI editor for SQLite databases sqlmap - automatic SQL injection tool sqlninja - SQL server injection and takeover tool sqlsus - MySQL injection tool sslcaudit - Tests SSL/TLS clients susceptibility to MITM attacks ssldump - An SSLv3/TLS network protocol analyzer sslh - ssl/ssh multiplexer sslscan - Fast SSL scanner sslsniff - SSL/TLS man-in-the-middle attack tool sslstrip - SSL/TLS man-in-the-middle attack tool sslsplit - Transparent and scalable SSL/TLS interception sslyze - Fast and full-featured SSL scanner statsprocessor - High-performance word-generator stunnel4 - Universal SSL tunnel for network daemons suckless-tools - simple commands for minimalistic window managers sucrack - multithreaded su bruteforcer swaks - SMTP command-line test tool t50 - Multi-protocol packet injector tool tcpflow - TCP flow recorder tcpick - TCP stream sniffer and connection tracker tcpreplay - Tool to replay saved tcpdump files at arbitrary speeds termineter - Smart meter testing framework tftpd32 - Open source ipv6-ready TFTP server for Windows thc-ipv6 - The Hacker Choice's IPv6 Attack Toolkit thc-pptp-bruter - THC PPTP Brute Force thc-ssl-dos - Stress tester for the SSL handshake theharvester - theHarvester is a tool for gathering e-mail accounts and subdomain names from public sources. tlssled - Evaluates the security of a target SSL/TLS (HTTPS) server tnscmd10g - Tool to prod the oracle tnslsnr process truecrack - Bruteforce password cracker for TrueCrypt volumes. truecrypt - Cross-platform on-the-fly encryption twofi - Twitter words of interest u3-pwn - Injects executables onto U3 USB devices ua-tester - User agent string tester udptunnel - tunnel UDP packets over a TCP connection unetbootin - installer of Linux/BSD distributions to a partition or USB drive uniscan - LFI, RFI, and RCE vulnerability scanner unicornscan - Userland distributed TCP/IP stack unix-privesc-check - Script to check for simple privilege escalation vectors urlcrazy - Domain typo generator vboot-kernel-utils - Chrome OS verified boot utils required to sign kernels vboot-utils - Chrome OS verified boot utils vega - Platform to test the security of web applications vim-gtk - Vi IMproved - enhanced vi editor - with GTK2 GUI vinetto - A forensics tool to examine Thumbs.db files vlan - user mode programs to enable VLANs on your ethernet devices voiphopper - Runs a VLAN hop security test volafox - Memory analyzer for Mac OS X & BSD volatility - advanced memory forensics framework vpnc - Cisco-compatible VPN client w3af - framework to find and exploit web application vulnerabilities waffit - WAF auditing tool wapiti - web application vulnerability scanner wce - Windows Credentials Editor webacoo - Web backdoor cookie script kit webscarab - Web application review tool webshag - Multi-threaded web server audit tool webshells - Collection of webshells webslayer - Web application bruteforcer websploit - Web exploitation framework weevely - Stealth tiny web shell winexe - Remote Windows-command executor wfuzz - Web application bruteforcer whatweb - Next generation web scanner wifi-honey - Wi-Fi honeypot wifitap - WiFi injection via a tun/tap device wifite - Python script to automate wireless auditing using aircrack-ng tools windows-binaries - Various pentesting Windows binaries wireshark - network traffic analyzer - GTK+ version wol-e - Wake on LAN Explorer wordlists - Contains the rockyou wordlist wpscan - Black box WordPress vulnerability scanner wvdial - intelligent Point-to-Point Protocol dialer xpdf - Portable Document Format (PDF) reader xprobe - Remote OS identification xspy - X server sniffer xsser - XSS testing framework xtightvncviewer - virtual network computing client software for X yersinia - Network vulnerabilities check software zaproxy - Testing tool for finding vulnerabilities in web applications. zenmap - The Network Mapper Front End zim - graphical text editor based on wiki technologies