# Security Tools List From Knoppix #

The following list of tools is on the STAT-Knoppix CD from Knoppix Linux. These tools are open source and freely available on the Internet. Most of these tools are widely recognized as part of the top 75 network security tools at Insecure.org

Most common Linux tools are included on the CD but are not explicitly listed here. Examples of these tools include: wget, curl, netcat, snarf, etc.

Network and Host Mapping (vulnerability/port scanning, banner grabbing, OS identification, application scanning)

Tool

Function

Source URL

nessus

Comprehensive vulnerability scanner

http://www.nessus.org

nmap

The de facto port scanner

http://www.insecure.org/nmap/

strobe

Fast TCP scanner

http://packetstormsecurity.nl/UNIX/scanners/strobe-1.04.tgz

telnetfp

Remotely ID OS using telnet connection

http://www.securiteam.com/tools/6J00L0K06U.html

httpdtype

Remotely ID HTTP server

http://www.icewalkers.com/softlib/app/app_00261.html

xprobe2

Remotely ID OS using ICMP

http://xprobe.sourceforge.net/

p0f

Passive OS detection

http://www.stearns.org/p0f/

firewalk

Determine ACLs on firewall/router

http://www.packetfactory.net/firewalk/

ADM-smb, nbtscan, nbtstat

Windows SMB/CIFS scanners

http://www.inetcat.org/software/nbtscan.html

THC-amap

Identify the applications that are running on open ports

http://packages.debian.org/unstable/net/amap.html

whisker

RFP's cgi-scanner

http://www.wiretrip.net/rfp/p/doc.asp?id=21&iface=2

nikto

Web scanner built on whisker

http://www.cirt.net/code/nikto.shtml

tcptraceroute

Traceroute using TCP packets

http://michael.toren.net/code/tcptraceroute/

arirang

Powerful web scanner

http://www.monkey.org/~pilot/arirang/

satan

Classic vulnerability scanner

http://www.fish.com/satan/

cheops

Network "swiss army knife"

http://cheops-ng.sourceforge.net/

vetescan

Vulnerability scanner

http://ece.iisc.ernet.in/security/vetescan.html

 

 

 

 

 

 

Sniffers/Network Traffic Analyzers (capture and view network traffic, inject traffic, conduct man-in-the-middle attacks, reset connections)

angst

Active sniffer for switched LANs

 

dsniff

Suite of sniffing tools: dsniff, mailsnarf, urlsnarf, msgsnarf

http://naughty.monkey.org/~dugsong/dsniff/

ethereal

GUI packet sniffer with many decodes

http://www.ethereal.org

tethereal

Command line version of ethereal

http://www.ethereal.org

tcpdump

The de facto sniffer

http://www.tcpdump.org

ngrep

Apply regex to network traffic

http://www.packetfactory.net/Projects/ngrep/

ettercap

GUI and curses sniffer for switched networks

http://ettercap.sourceforge.net/

sniffit

Command line sniffer

http://reptile.rug.ac.be/~coder/sniffit/sniffit.html

ipgrab

Command line sniffer with on-the-fly protocol decoding

http://ipgrab.sourceforge.net/

ipaudit

Read and record info on connections

http://www.sp.uconn.edu/~jrifkin/ipaudit/

hunt

Packet sniffing and hijack tool

http://lin.fsid.cvut.cz/~kra/index.html#HUNT

 

 

 

 

 

 

 

 

 

Packet Generators (create custom packets to put on the wire, modify packet streams, DoS, etc.)

hping2

Command line custom packet building tool for ICMP/TCP/UDP

http://www.hping.org/

isic

Suite of tools for sending malformed packets: isic, tcpsic, udpsic, esic

http://www.packetfactory.net/Projects/ISIC/

dnet

Command line custom packet tool

http://libdnet.sourceforge.net/

irpas

Suite of tools from Pheonolit that target Cisco protocols

http://www.phenoelit.de/irpas/docu.html

nemesis

Command-line UNIX network packet injection suite

http://www.packetfactory.net/projects/nemesis/

Paketto Keiretsu

Uniqe collection of packet tools

http://www.doxpara.com/paketto

fragroute / fragtest

Intercepts, modifies, and rewrites egress traffic; test IP fragmetation handling

http://www.monkey.org/~dugsong/fragroute/

naptha

Manipulate TCP states connections; exhaust TCP connections using synsend and srvr

http://razor.bindview.com/publish/advisories/adv_NAPTHA.html

 

 

 

 

 

 

Wireless (wireless sniffing capability is configured for Aironet 350 cards)

dsniff-wireless

Suite of sniffing tools: dsniff-wireless, mailsnarf-wireless, urlsnarf-wireless, msgsnarf-wireless (patched with William McVey's wam@cisco.com published patches).

http://naughty.monkey.org/~dugsong/dsniff/

Airsnort

Wireless LAN tool which recovers encryption keys.

http://airsnort.shmoo.com/

Kismet

Excellent wireless sniffer

http://www.kismetwireless.net/

 

 

 

 

 

 

Miscellaneous (Proxy tools, code auditing, fuzzer tools)

 

SPIKE Proxy

Automated SQL, overflow, directory traversal, fuzzing tool

http://www.immunitysec.com/spikeproxy.html

RATS

Source code auditing for security problems

http://www.securesoftware.com/download_form_rats.htm

Flawfinder

Source code auditing for security problems

http://www.dwheeler.com/flawfinder/

Bruteforce Exploit Detector (bed)

Perl scripts checking for buffer overflows, format strings, etc. very configurable.

http://www.snake-basket.de/bed.htm

CIS RAT (router auditing tool)

Center for Internet Security Cisco router audit tool

https://www.cisecurity.org/tools2/cisco/cisco-ios-router-benchmark.pdf