Re: Tool kit assembly

[Jonathan Rickman <jonathan () xcorps net>]

On Wed, 25 Jul 2001, Nicolas Gregoire wrote:

> > And here begins my request... I was wondering if anyone on this list could
> > give me recommendations of programs or websites that would be useful for
> > someone (such as myself) who is creating a 'tool kit'.  With the wide array
> > of programs available, I'd like to avoid getting programs that are not up to
> > par.  commercial or non-commercial is fine.
>
> Try Trinux (http://www.trinux.org/).
> It's a linux distribution with a LOT of pen-tests tools already inside.
>
> Here is a part of the complete liste available at
> http://trinux.sourceforge.net/tools.html :
> curl, dsniff, ethereal, firewalk, fragrouter, hping, hunt, isic, nasl
> (from Nessus), nemesis, nmap, ngrep, nstreams, openssh, openssl, p0f,
> rain, sendip, sing, sniffit, snort, tcpdump, vomit, zodiac, .....

The neat thing about Trinux is, for an "in house" audit...you can often use the
client's hardware and your Trinux floppies to do some neat distributed stuff
from your machine. I keep a set of Trinux floppies in my laptop case with a set
of modules for most common hardware setups. You can load Trinux on a workstation
in every segment and start thrashing.

-- 
Jonathan Rickman
X Corps Security
http://www.xcorps.net



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/