Auditor Security Collection

From Wikipedia, the free encyclopedia

Image: The Auditor KDE Desktop
Website: www.remote-exploit.org
Company/developer: Remote Exploit / Max Moser
OS family: Linux
Source model: Open source
Latest stable release: 200605-02 / June 20, 2005
Kernel type: Monolithic kernel
License: Various
Working state: Current

Summary

The Auditor security collection is a LiveCD based on Knoppix.

Auditor was planned and developed with two goals: user-friendliness and an optimal toolset. For example, the menu structure is organised into the typical phases of a security check: footprinting, analysis, scanning, wireless scanning, brute-forcing, and cracking.

In addition to approximately 300 tools, the Auditor security collection contains further background information regarding the standard configuration and passwords, as well as word lists from many different areas and languages with approx. 64 million entries.

It also includes more common productivity tools such as a web browser, and text and graphical editors, to allow for the creation of security reports.

Many tools were adapted, newly developed, or converted from other system platforms in order to make as many current auditing tools available as possible on one CD-ROM. Tools such as Wellenreiter and Kismet were equipped with automatic hardware identification, thus avoiding configuration of the wireless cards.

Auditor Security Collection is now known as BackTrack. BackTrack is a Linux distribution, distributed as a LiveDistro, that resulted from the merger of WHAX and the Kanotix-based Auditor Security Collection.

About

Image: The Auditor logo

With no installation whatsoever, the analysis platform is started directly from the CD-ROM and is fully accessible within minutes. Independent of the hardware in use, the Auditor security collection offers a standardised working environment, which makes it easier to build up know-how and to provide remote support. Professional open-source programs offer a complete toolset for analysing security, byte for byte.

To help users become proficient quickly, the menu structure follows the recognised phases of a security check (footprinting, analysis, scanning, wireless, brute-force attack, cracking), so that the right tool for a given task is easy to find. In addition to the approx. 300 tools, the Auditor security collection contains further background information regarding the standard configuration and passwords, as well as word lists from many different areas and languages with approx. 64 million entries. Current productivity tools such as a web browser, editors and graphics tools allow texts and pictures for reports to be created or edited directly within the Auditor security platform.

Auditor contains the following tools and programs:

Footprinting

  • Greenwich
  • Whois
  • Gnetutil (Network Utilities)
  • Itrace (ICMP traceroute)
  • Tctrace (TCP traceroute)
  • Traceroute
  • DNSwalk (DNS verification)
  • Dig (DNS lookup)
  • Host (DNS lookup)
  • NSTXCD (IP over DNS client)
  • NSTXD (IP over DNS server)
  • Ozyman (DNS tunnel)
  • Curl (URL transfer)
  • Elinks (Console web browser)
  • Konqueror (Web browser)
  • Socat (Socket Cat)
  • Stunnel (Universal SSL tunnel)
  • Arpfetch (SNMP ARP/IP fetcher)
  • SNMPWalk (SNMP tree walk)
  • TKMib (Mib browser)
  • GQ (LDAP browser)
  • Komba2 (KDE SMB browser)
  • LinNeighborhood (Graphical SMB browser)
  • Net utils (NET utilities)
  • SMBClient (SMB client)
  • SMBGet (SMB downloader)
  • Smb4K (SMB share browser)
  • Xsmbrowser (Graphical SMB browser)
  • nmblookup (Netbios name lookup)
  • smbdumpusers (User browser)
  • smbgetserverinfo (Get server info)
  • Cheops (Network neighborhood)
  • NTP-fingerprint (Detection based on ntp fingerprint)
  • Nmap (Network scanner)
  • NmapFE (Graphical network scanner)
  • P0f (Passive OS fingerprinting)
  • PSentry (Internet Policy Guard & Surveillance)
  • Queso (OS detection)
  • XProbe2 (OS detection)

Scanning

  • Cisco global exploiter (Cisco scanner)
  • Cisco torch (Cisco oriented scanner)
  • ExploitTree search (ExploitTree collection)
  • Metasploit (Metasploit commandline)
  • Metasploit (Metasploit console GUI)
  • Metasploit (Metasploit web interface)
  • Nessus (Security Scanner)
  • Raccess (Remote scanner)
  • Httprint (Webserver fingerprinting)
  • Nikto Web Scanner (Vulnerability scanner)
  • Stunnel (Universal SSL tunnel)
  • Cheops (Network neighborhood)
  • GTK-Knocker (Simple GUI portscanner)
  • IKE-Scan (IKE scanner)
  • Knocker (Simple portscanner)
  • Netenum (Pingsweep)
  • Netmask (Requests netmask)
  • Nmap (Network scanner)
  • NmapFE (Graphical network scanner)
  • Proxychains (Proxifier)
  • Scanrand (Stateless scanner)
  • Timestamp (Requests timestamp)
  • Unicornscan (Fast port scanner)
  • Lsrscan (Source routed packets scanner)
  • Amap (Application identification)
  • Bed.pl (Application fuzzer)
  • SNMP-Fuzzer (SNMP protocol fuzzer)
  • ScanSSH (SSH identification)
  • Nbtscan (Netbios scanner)
  • SMB-Nat (SMB access scanner)
  • Ozyman (DNS tunnel)
  • Ass (Autonomous system scanner)
  • Protos (Protocol identification)

Analyzer

  • AIM-SNIFF (AIM sniffer)
  • Driftnet (Image sniffer)
  • Mailsnarf (Mail sniffer)
  • Paros (HTTP interception proxy)
  • URLsnarf (URL sniffer)
  • smbspy (SMB sniffer)
  • Etherape (Network monitor)
  • Ethereal (Network analyzer)
  • Ettercap (Sniffer/Interceptor/Logger)
  • Hunt (Sniffer/Interceptor)
  • IPTraf (Traffic monitor)
  • NGrep (Network grep)
  • NetSed (Network edit)
  • SSLDump (SSLv3/TLS analyzer)
  • Sniffit (Sniffer)
  • TcPick (Packet stream editor)
  • Dsniff (Password sniffer)[1]

Spoofing

  • Arpspoof (ARP spoofer)
  • Macof (ARP spoofer/generator)
  • Nemesis-ARP (ARP packet generator)
  • Nemesis-Ethernet (Ethernet packet generator)
  • CDP (CDP generator)
  • DNSSpoof (DNS spoofer)
  • Nemesis-DNS (DNS packet generator)
  • DHCPX (DHCP flooder)
  • Hping2 (Packet generator)
  • ICMPRedirect (ICMP redirect packet generator)
  • ICMPUSH (ICMP packet generator)
  • Nemesis-ICMP (ICMP packet generator)
  • Packit (Traffic inject/modify)
  • TcPick (Packet stream editor)
  • Yersinia (Layer 2 protocol injector)
  • Fragroute (Egress rewrite)
  • HSRP (HSRP generator)
  • IGRP (IGRP injector)
  • IRDP (IRDP generator)
  • IRDPresponder (IRDP response generator)
  • Nemesis-IGMP (IGMP generator)
  • Nemesis-RIP (RIP generator)
  • File2Cable (Traffic replay)
  • Fragrouter (IDS evasion toolkit)
  • Nemesis-IP (IP packet generator)
  • Nemesis-TCP (TCP packet generator)
  • Nemesis-UDP (UDP traffic generator)
  • SendIP (IP packet generator)
  • TCPReplay (Traffic replay)
  • Etherwake (Generate wake-on-LAN)

Bluetooth

  • BTScanner (Bluetooth scanner)
  • Bluesnarfer (Bluesnarf attack)
  • Ghettotooth (Bluetooth scanner)
  • Kandy (Mobile phone tool)
  • Obexftp (Obexftp client)
  • Phone manager
  • RFComm (Bluetooth serial)
  • RedFang (Bluetooth bruteforce)
  • USSP-Push (Obex-push)
  • XMinicom (Terminal)

Wireless

  • apmode.sh (Act as accesspoint)
  • Airpwn (Client penetration)
  • Hotspotter (Client penetration)
  • GpsDrive
  • start-gps-daemon (GPS daemon)
  • stop-gps-daemon (GPS daemon)
  • ASLeap (LEAP/PPTP cracker)
  • Genkeys (Hash generator for ASLeap)
  • Airforge
  • File2air (Packet injector)
  • Void11
  • Void11-Hopper (Channel hopper)
  • GKismet (Graphical wireless scanner)
  • GPSMAP (wireless mapping)
  • KLV (Kismet Log Viewer)
  • Kismet (Ncurses wireless scanner)
  • Wellenreiter (Graphical Wireless scanner)
  • 802ether (Dumpfile format converter)
  • airodump (Traffic recorder)
  • aircrack (Modern WEP cracker)
  • Aireplay (Wireless packet injector)
  • Wep Crack (Wep Cracker)
  • Wep Decrypt (Decrypt dump files)
  • Airsnort (GUI based WEP cracker)
  • ChopChop (Active WEP attack)
  • DWEPCrack (WEP cracker)
  • Decrypt (Dump file decrypter)
  • WEPAttack (Dictionary attack)
  • WEPlab (Modern WEP cracker)
  • Cowpatty (WPA PSK bruteforcer)
  • changemac.sh (MAC address changer)

Bruteforce

  • ADMsnmp (SNMP bruteforce)
  • Guess-who (SSH bruteforce)
  • Hydra (Multi purpose bruteforce)
  • K0ldS (LDAP bruteforce)
  • Obiwan III (HTTP bruteforce)
  • SMB-Nat (SMB access scanner)
  • TFTP-bruteforce
  • VNCrack (VNC bruteforce)
  • Xhydra (Graphical bruteforcer)

Password crackers

  • BKHive (SAM recovery)
  • Fcrackzip (Zip password cracker)
  • John (Multi-purpose password cracker)
  • Default password list
  • Nasty (GPG secret key cracker)
  • Rainbowcrack (Hash cracker)
  • Samdump2 (SAM file dumper)
  • Wordlists (Collection of wordlists)

Forensics

  • Autopsy (Forensic GUI)
  • Recover (Ext2 file recovery)
  • Testdisk (Partition scanner)
  • Wipe (Securely delete files)
  • Encase EDS

Honeypot

  • IMAP
  • POP3
  • Honeyd (Honeypot)
  • IISEmulator (Honeypot)
  • Tinyhoneypot (Simple honeypot)
