# Security Tools List From Knoppix #
The following list of tools is on the STAT-Knoppix CD from Knoppix Linux. These tools are open source and freely available on the Internet. Most of these tools are widely recognized as part of the top 75 network security tools at Insecure.org
Most common Linux tools are included on the CD but are not explicitly listed here. Examples of these tools include: wget, curl, netcat, snarf, etc.
Network and Host Mapping (vulnerability/port scanning, banner grabbing, OS identification, application scanning) |
||
Tool |
Function |
Source URL |
nessus |
Comprehensive vulnerability scanner |
|
nmap |
The de facto port scanner |
|
strobe |
Fast TCP scanner |
|
telnetfp |
Remotely ID OS using telnet connection |
|
httpdtype |
Remotely ID HTTP server |
|
xprobe2 |
Remotely ID OS using ICMP |
|
p0f |
Passive OS detection |
|
firewalk |
Determine ACLs on firewall/router |
|
ADM-smb, nbtscan, nbtstat |
Windows SMB/CIFS scanners |
|
THC-amap |
Identify the applications that are running on open ports |
|
whisker |
RFP's cgi-scanner |
|
nikto |
Web scanner built on whisker |
|
tcptraceroute |
Traceroute using TCP packets |
|
arirang |
Powerful web scanner |
|
satan |
Classic vulnerability scanner |
|
cheops |
Network "swiss army knife" |
|
vetescan |
Vulnerability scanner |
|
|
|
|
|
|
|
Sniffers/Network Traffic Analyzers (capture and view network traffic, inject traffic, conduct man-in-the-middle attacks, reset connections) |
||
angst |
Active sniffer for switched LANs |
|
dsniff |
Suite of sniffing tools: dsniff, mailsnarf, urlsnarf, msgsnarf |
|
ethereal |
GUI packet sniffer with many decodes |
|
tethereal |
Command line version of ethereal |
|
tcpdump |
The de facto sniffer |
|
ngrep |
Apply regex to network traffic |
|
ettercap |
GUI and curses sniffer for switched networks |
|
sniffit |
Command line sniffer |
|
ipgrab |
Command line sniffer with on-the-fly protocol decoding |
|
ipaudit |
Read and record info on connections |
|
hunt |
Packet sniffing and hijack tool |
|
|
|
|
|
|
|
|
|
|
Packet Generators (create custom packets to put on the wire, modify packet streams, DoS, etc.) |
||
hping2 |
Command line custom packet building tool for ICMP/TCP/UDP |
|
isic |
Suite of tools for sending malformed packets: isic, tcpsic, udpsic, esic |
|
dnet |
Command line custom packet tool |
|
irpas |
Suite of tools from Pheonolit that target Cisco protocols |
|
nemesis |
Command-line UNIX network packet injection suite |
|
Paketto Keiretsu |
Uniqe collection of packet tools |
|
fragroute / fragtest |
Intercepts, modifies, and rewrites egress traffic; test IP fragmetation handling |
|
naptha |
Manipulate TCP states connections; exhaust TCP connections using synsend and srvr |
http://razor.bindview.com/publish/advisories/adv_NAPTHA.html |
|
|
|
|
|
|
Wireless (wireless sniffing capability is configured for Aironet 350 cards) |
||
dsniff-wireless |
Suite of sniffing tools: dsniff-wireless, mailsnarf-wireless, urlsnarf-wireless, msgsnarf-wireless (patched with William McVey's wam@cisco.com published patches). |
|
Airsnort |
Wireless LAN tool which recovers encryption keys. |
|
Kismet |
Excellent wireless sniffer |
|
|
|
|
|
|
|
Miscellaneous (Proxy tools, code auditing, fuzzer tools) |
|
|
SPIKE Proxy |
Automated SQL, overflow, directory traversal, fuzzing tool |
|
RATS |
Source code auditing for security problems |
|
Flawfinder |
Source code auditing for security problems |
|
Bruteforce Exploit Detector (bed) |
Perl scripts checking for buffer overflows, format strings, etc. very configurable. |
|
CIS RAT (router auditing tool) |
Center for Internet Security Cisco router audit tool |
https://www.cisecurity.org/tools2/cisco/cisco-ios-router-benchmark.pdf |
|
|