Assessments: Difference between revisions

From HORSE - Holistic Operational Readiness Security Evaluation.
Jump to navigation Jump to search
 
(30 intermediate revisions by 2 users not shown)
Line 1: Line 1:
Sji8LB  <a href="http://hoaktkosxotf.com/">hoaktkosxotf</a>, [url=http://dnzlvqjsjnbc.com/]dnzlvqjsjnbc[/url], [link=http://tfeyhhftqhld.com/]tfeyhhftqhld[/link], http://qiilkuzdthew.com/
=='''Authentication'''==


m7R7UI  <a href="http://jvxyljlxjarm.com/">jvxyljlxjarm</a>, [url=http://gwpdstidxult.com/]gwpdstidxult[/url], [link=http://vbxlzqnbuyjr.com/]vbxlzqnbuyjr[/link], http://vippxubsuebx.com/
* freeradius 0.9.3 : GPL RADIUS server
 
Gjq3eg  <a href="http://yhuxzouivtyw.com/">yhuxzouivtyw</a>, [url=http://znyacggzecmh.com/]znyacggzecmh[/url], [link=http://obkipcfmnwsq.com/]obkipcfmnwsq[/link], http://zxewvvccwece.com/
 
http://amin2285.my3gb.com/medicine-ball-video.html medicine ball 5
http://amin2285.my3gb.com/1/virginia-state-code.html indiana state code
http://amin2285.my3gb.com/9/washer-dryer-combo.html lg washers & dryers
http://amin2285.my3gb.com/7/microsoft-office-2007-keygen.html microsoft office 2007 keygen exe
http://amin2285.my3gb.com/7/idaho-falls-idaho.html red lion idaho falls
http://amin2285.my3gb.com/3/new-blonde-jokes.html 101 dumb blonde jokes
http://amin2285.my3gb.com/7/star-wars-rpg-online.html star wars rpg characters
http://amin2285.my3gb.com/6/fantasy-football-player-rankings.html fantasy football players
http://amin2285.my3gb.com/7/chocolate-popcorn-recipe.html flavored popcorn recipes
http://amin2285.my3gb.com/9/prom-hair-ideas.html homecoming hair ideas
http://amin2285.my3gb.com/6/autocad-ldd.html autocad14
http://amin2285.my3gb.com/6/melbourne-medical-center.html holmes medical melbourne
http://amin2285.my3gb.com/4/watch-big-brother.html watch big brother 2008
http://amin2285.my3gb.com/2/interceptor-body-armor.html army body armor
http://amin2285.my3gb.com/6/microsoft-money-crack.html microsoft money deluxe
http://amin2285.my3gb.com/6/aquarius-daily-horoscope.html horoscope verseau 2008
http://amin2285.my3gb.com/6/clothes-dryer-vent.html clothes dryer heat
http://amin2285.my3gb.com/4/to-kill-a-mockingbird-analysis.html to kill a mockingbird tom
http://amin2285.my3gb.com/5/coffee-cake-recipe.html pumpkin cake recipe
http://amin2285.my3gb.com/3/californication-2.html californication tv
http://yura0555.hostshield.com/serial-microsoft-office-2003.html microsoft home and student 2007 serial
http://yura0555.hostshield.com/5/schwinn-213-recumbent-exercise-bike.html proform exercise bike
http://yura0555.hostshield.com/9/mussel-sauce-recipe.html steamed mussel recipes
http://yura0555.hostshield.com/7/american-gangster-com.html american gangster story
http://yura0555.hostshield.com/9/boot-camp-beta-download.html linerider beta 2 download
http://yura0555.hostshield.com/1/watch-bleach-in-english.html watch bleach episodes
http://yura0555.hostshield.com/9/soul-eater-episode.html soul eater 4
http://yura0555.hostshield.com/7/short-black-hair-styles.html black male hair styles
http://yura0555.hostshield.com/1/road-map-of-montana.html mos road map
http://yura0555.hostshield.com/4/watch-sex-and-the-city-film.html watch sex and the city episode 1
http://yura0555.hostshield.com/7/watch-supernatural-season-3.html watch supernatural season 3 online
http://yura0555.hostshield.com/6/joke-de-kruijf.html dial a joke
http://yura0555.hostshield.com/2/free-keygen.html 8 keygen free download
http://yura0555.hostshield.com/7/tekken-5-cheat-codes.html cheat engin 5 3
http://yura0555.hostshield.com/6/florida-state-map.html florida maps online
http://yura0555.hostshield.com/8/watch-house-online.html watch beta house free online
http://yura0555.hostshield.com/5/popular-culture.html youth popular culture
http://yura0555.hostshield.com/8/watch-south-park-episode.html watch south park episode online
http://yura0555.hostshield.com/6/photoshop-cs3-download.html to download photoshop cs3
http://yura0555.hostshield.com/1/diablo-2-lod-character-editor.html d2 character editor
 
http://kost5478.fusedtree.com/ personal financial planning
http://greyy358.700megs.com/ mens hair ideas
http://vily7788.hostshield.com/ red alert 3 game
http://lolo002.110mb.com/ naruto gaara
http://roma0009.freewhost.com/ language culture program
http://aura22.phreesite.com/ birth defects related
http://bulki843.my3gb.com/ colonoscopy liquid diet
http://kost5478.fusedtree.com/example-of-personal-development-plan.html pda personal plan
http://greyy358.700megs.com/straight-hair-ideas.html trendy hair ideas
http://vily7788.hostshield.com/westwood-red-alert-3.html in red alert 3
http://lolo002.110mb.com/gaara-happy.html anbu gaara
http://roma0009.freewhost.com/russian-language-and-culture.html language literature culture
http://aura22.phreesite.com/causing-birth-defects.html california birth defects
http://bulki843.my3gb.com/what-is-a-liquid-diet.html liquid diet &
http://kost5478.fusedtree.com/personal-saving-plan.html plan personal agency
http://greyy358.700megs.com/hair-cut-ideas-men.html blonde hair color ideas
http://vily7788.hostshield.com/a-red-alert-3.html red alert 3 at
http://lolo002.110mb.com/new-gaara.html gaara renders
http://roma0009.freewhost.com/language-reflects-culture.html language arts and culture
http://aura22.phreesite.com/india-birth-defects.html des birth defects
http://bulki843.my3gb.com/what-is-a-clear-liquid-diet.html liquid diet products
http://kost5478.fusedtree.com/a-personal-five-year-plan.html important to plan personal
http://greyy358.700megs.com/red-hair-color-ideas.html hair dye color ideas
http://vily7788.hostshield.com/red-alert-3-cover.html red alert system
http://lolo002.110mb.com/gaara-killing.html gaara bag
http://roma0009.freewhost.com/for-language--culture.html hawaiian language and culture
http://aura22.phreesite.com/national-birth-defect.html bizarre birth defects
http://bulki843.my3gb.com/liquid-diet-side.html a liquid diet and
http://kost5478.fusedtree.com/motors-personal-savings-plan.html personal vision plan
http://vily7788.hostshield.com/cheats-for-red-alert-2.html red alert playstation
http://lolo002.110mb.com/gaara-tutorial.html gaara
http://roma0009.freewhost.com/culture-language-laws.html spain language and culture
http://aura22.phreesite.com/birth-defect-pics.html odd birth defects


=='''Encryption'''==
=='''Encryption'''==
Line 212: Line 135:
* webspy : mirror all urls visited by a host in your local browser
* webspy : mirror all urls visited by a host in your local browser
* Wireshark 1.0.3 : replaces ethereal, the standard.
* Wireshark 1.0.3 : replaces ethereal, the standard.
=='''[[Searching_and_Seizing_Computers_and_Obtaining_Electronic_Evidence_Manual | Searching and Seizing Computers and Obtaining Electronic Evidence Manual]]'''==


=='''TCP Tools'''==
=='''TCP Tools'''==

Latest revision as of 12:30, 5 August 2011

Authentication

  • freeradius 0.9.3 : GPL RADIUS server

Encryption

  • 2c2 : multiple plaintext -> one ciphertext
  • 4c : as with 2c2 (think plausible deniability)
  • acfe : traditional cryptanalysis (like Vigenere)
  • cryptcat : netcat encryption
  • gifshuffle : stego tool for gif images
  • gpg 1.2.3 : GNU Privacy Guard
  • ike-scan : VPN fingerprinting
  • mp3stego : stego tool for mp3
  • openssl 0.9.7c
  • outguess : stego tool
  • stegbreak : brute-force stego'ed JPG
  • stegdetect : discover stego'ed JPG
  • sslwrap : SSL wrapper
  • stunnel : SSL wrapper
  • super-freeSWAN 1.99.8 : kernel IPSEC support
  • texto : make gpg ascii-armour look like weird English
  • xor-analyze : another "intro to crytanalysis" tool

Forensics


  • sleuthkit 1.66 : extensions to The Coroner's Toolkit forensic toolbox.
  • autopsy 1.75 : Web front-end to TASK. Evidence Locker defaults to /mnt/evidence
  • biew : binary viewer
  • bsed : binary stream editor
  • consh : logged shell (from F.I.R.E.)
  • coreography : analyze core files
  • dcfldd : US DoD Computer Forensics Lab version of dd
  • fenris : code debugging, tracing, decompiling, reverse engineering tool
  • fatback : Undelete FAT files
  • foremost : recover specific file types from disk images (like all JPG files)
  • ftimes : system baseline tool (be proactive)
  • galleta : recover Internet Explorer cookies
  • hashdig : dig through hash databases
  • hdb : java decompiler
  • mac-robber : TCT's graverobber written in C
  • md5deep : run md5 against multiple files/directories
  • memfetch : force a memory dump
  • pasco : browse IE index.dat
  • photorec : grab files from digital cameras
  • readdbx : convert Outlook Express .dbx files to mbox format
  • readoe : convert entire Outlook Express .directory to mbox format
  • rifiuti : browse Windows Recycle Bin INFO2 files
  • secure_delete : securely delete files, swap, memory....
  • testdisk : test and recover lost partitions
  • wipe : wipe a partition securely. good for prep'ing a partition for dd
  • and other typical system tools used for forensics (dd, lsof, strings, grep, etc.)

Firewall

  • blockall : script to block all inbound TCP (excepting localhost)
  • flushall : flush all firewall rules
  • firestarter : quick way to a firewall
  • firewalk : map a firewall's rulebase
  • floppyfw : turn a floppy into a firewall
  • fwlogwatch : monitor firewall logs
  • iptables 1.2.8
  • gtk-iptables : GUI front-end
  • shorewall 1.4.8-RC1 : iptables based package
  • nipper 0.12.0 : quickly document network device configuration (including cisco, juniper, checkpoint, sonicwall and more)

Honeypots

  • honeyd 0.7
  • labrea : tarpit (slow to a crawl) worms and port scanners
  • thp : tiny honeypot

IDS | IPS

  • SafetyNET Security Appliance and suite of products.
  • snort 2.1.0: network IDS
  • ACID : snort web frontend
  • barnyard : fast snort log processor
  • oinkmaster : keep your snort rules up to date
  • hogwash : access control based on snort sigs
  • bro : network IDS
  • prelude : network and host IDS
  • WIDZ : wireless IDS, ap and probe monitor
  • aide : host baseline tool, tripwire-esque
  • logsnorter : log monitor
  • swatch : monitor any file, oh like say syslog
  • sha1sum
  • md5sum
  • syslogd

Network Utilities

  • LinNeighboorhood : browse SMB networks like windows network neighborhood
  • argus : network auditor
  • arpwatch : keep track of the MACs on your wire
  • cdpr : cisco discovery protocol reporter
  • cheops : snmp, network discovery and monitor tool
  • etherape : network monitor and visualization tool
  • iperf : measure IP performance
  • ipsc : IP subnet calculator
  • iptraf : network monitor
  • mrtg : multi router traffic grapher
  • mtr : traceroute tool
  • ntop 2.1.0 : network top, protocol analyzer
  • rrdtool : round robin database
  • samba : opensource SMB support
  • tcptrack : track existing connections

Password Tools

  • john 1.6.34 : John the Ripper password cracker
  • allwords2 : CERIAS's 27MB English dictionary
  • chntpw : reset passwords on a Windows box (including Administrator)
  • cisilia : distributed password cracker
  • cmospwd : find local CMOS password
  • djohn : distributed John the Ripper
  • pwl9x : crack Win9x password files
  • rcrack : rainbow crack

Packet Sniffers

  • aimSniff : sniff AIM traffic
  • driftnet : sniffs for images
  • dsniff : sniffs for cleartext passwords (thanks Dug)
  • ethereal 0.10.0 : the standard. includes tethereal
  • ettercap 0.6.b : sniff on a switched network and more.
  • filesnarf : grab files out of NFS traffic
  • mailsnarf : sniff smtp/pop traffic
  • msgsnarf : sniff aol-im, msn, yahoo-im, irc, icq traffic
  • ngrep : network grep, a sniffer with grep filter capabilities
  • tcpdump : the core of it all
  • urlsnarf : log all urls visited on the wire
  • webspy : mirror all urls visited by a host in your local browser
  • Wireshark 1.0.3 : replaces ethereal, the standard.

Searching and Seizing Computers and Obtaining Electronic Evidence Manual

TCP Tools

  • arpfetch : fetch MAC
  • arping : ping by MAC
  • arpspoof : spoof arp
  • arpwatch : montior MAC addresses on the wire
  • despoof : detect spoofed packets via TTL measurement
  • excalibur : packet generator
  • file2cable : replay a packet capture
  • fragroute : packet fragmentation tool (thanks again Dug)
  • gspoof : packet generator
  • hopfake : spoof hopcount replies
  • hunt : tcp hijacker
  • ipmagic : packet generator
  • lcrzoex : suite of tcp tools
  • macof : flood a switch with MACs
  • packetto : Dan Kaminsky's suite of tools (includes 1.10 and 2.0pre3)
  • netsed : insert and replace strings in live traffic
  • packETH : packet generator
  • tcpkill : die tcp, die!
  • tcpreplay : replay packet captures

Tunnels

  • cryptcat : encrypted netcat
  • httptunnel : tunnel data over http
  • icmpshell : tunnel data over icmp
  • netcat : the incomparable tcp swiss army knife
  • shadyshell : tunnel data over udp
  • stegtunnel : hide data in TCP/IP headers
  • tcpstatflow : detect data tunnels
  • tiny shell : small encrypted shell

Vulnerability Assessment

  • ADM tools : like ADM-smb and ADMkillDNS
  • amap 4.5 : maps applications running on remote hosts
  • IRPAS : Internet Routing Protocol Attack Suite
  • chkrootkit 0.43 : look for rootkits
  • clamAV : virus scanner. update your signatures live with freshclam
  • curl : commandline utility for transferring anything with a URL
  • exodus : web application auditor
  • ffp : fuzzy fingerprinter for encrypted connections
  • firewalk : map a firewall rulebase
  • hydra : brute force tool
  • nbtscan : scan SMB networks
  • ncpquery : scan NetWare servers
  • nessus 2.0.9 : vulnerability scanner. update your plugins live with nessus-update-plugins
  • nikto : CGI scanner
  • nmap 3.48 : the standard in host/port enumeration
  • p0f : passive OS fingerprinter
  • proxychains: chain together multiple proxy servers
  • rpcinfo : hmmmm.... info from RPC?
  • screamingCobra : CGI scanner
  • siege : http testing and benchmarking utility
  • sil : tiny banner grabber
  • snot : replay snort rules back onto the wire. test your ids/incidence response/etc.
  • syslog_deluxe : spoof syslog messages
  • thcrut : THC's "r you there?" network mapper
  • vmap : maps application versions
  • warscan : exploit automation tool
  • xprobe2 : uses ICMP for fingerprinting
  • yaph : yet another proxy hunter
  • zz : zombie zapper kills DDoS zombies

Wireless Tools

  • airsnarf : rogue AP setup utility
  • airsnort : sniff, find, crack 802.11b
  • airtraf : 802.11b network performance analyzer
  • gpsdrive : use GPS and maps
  • kismet 3.0.1 : for 802.11 what else do you need?
  • kismet-log-viewer : manage your kismet logs
  • macchanger : change your MAC address
  • wellenreiter : 802.11b discovery and auditing
  • patched orinoco drivers : automatic (no scripts necessary)

Internet Information Resources

US-CERT Current Activity
The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

US-CERT Current Activity