Re: Exploit Archive

["George Lantz" <glantz () mostlymemories com>]

> Also, from the more practical tools stand
> point, do you guys just have everything loaded on one "attack" laptop.

> Dual boot, or VmWare?

PHLAK is my favorite it has lots of great features. It is a Knoppix core
with a whole bunch of tools added (and some redundant stuff taken out)
Give this a try, not really an exploit archive, but since everyone is
giving their favorite live-cds, I thought I would share mine.


www.phlak.org Professional Hackers Linux Assault Kit



What security tools does PHLAK have? 
Debian Packages:
aide, airsnort, amap, argus-client, argus-server, arpd, arping,
arpwatch, autopsy, bfbtester, biew, bing, cabextract, cflow, cheops,
chkrootkit, chntpw, cracklib2, cryptcat, darkstat, dlint, dnswalk,
driftnet, dsniff, echoping, etherape, ethereal, ethereal-commo,
ethereal-dev, ettercap-commo, ettercap-gtk, farpd, fenris, flawfinder,
fping, fragroute, fragrouter, freeswan, ftp-ssl, gdb, gnupg, gtkrecover,
hammerhead, hping2, httptunnel, httpush, hunt, icmpinfo, icmpush,
idswakeup, ipchains, iproute, iptraf, iputils-ping, irpas, isic, john,
kismet, l2tpd, lde, libcrypt-blowf, libcrypt-cbc-p, libcrypt-ciphe,
libcrypt-crack, libcrypt-gpg-p, libcrypt-hcesh, libcrypt-passw,
libcrypt-rijnd, libcrypt-smbha, libcrypt-sslea, libcrypt-unixc,
libcrypto++-de, libcrypto++-ut, libcrypto++5, lsof, ltrace, macchanger,
mtr, nasm, nast, nbtscan, nemesis, nessus, nessus-plugins, nessusd,
netsed, ngrep, nikto, nmap, nmapfe, nstreams, ntop, openssl, p0f,
packit, paketto, partimage, pnscan, pptpd, rarpd, recover, scanssh,
scli, secpanel, sendip, sing, sleuthkit, smb-nat, socat, spikeprox,
splint, ssh, ssh-askpass-gn, ssldump, strace, stunnel, stunnel4, sudo,
tcpdump, tcpflow, tcpreplay, tcpslice, tcptrace, tethereal, transproxy,
tsocks, valgrind, wipe

Hand-compiled Packages
01-sdi-brutus-eng.pl, ADM-SAMBA-CLIENT, ADMsnmp, SPIKE, WAP_Assessment,
babelweb, cmospwd, dcetest, dcfldd, dd_rescue, ddb-sfe, di,
domainobsencontroll, fatback, ffp, grenzgaenger, hackbot, hellkit,
hjksuite, hydra, ipsorc, isnprober, itunnel, lcrzeox, lj, login_hacker,
mac-robber, manipulate_data, md5deep, memfetch, netcat(compiled
statically with Big-Gaping Security Hole), numby, obiwan, objobf,
ol2mbox, onesixtyone, pandora-linux, photorec, pwl9x, rda, redir,
reverb, revinetd, samba-tng, sara, screamingCobra, secure_delete,
sharefuzz, shiva, slogdump, snapscreenshot, tarballz, tct, thcrut, tnef,
vmap, walker, wardrive, whisker, zylyx

Windows Packages (using wine)
achillies, AINTX, brutus, THC-CUPASS, ispy, nbtdump, photorec, md5deep,
pdd


Thanks,
George Lantz



------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. All of our class sizes are
guaranteed to be 12 students or less to facilitate one-on-one interaction
with one of our expert instructors. Check out our Advanced Hacking course,
learn to write exploits and attack security infrastructure. Attend a course
taught by an expert instructor with years of in-the-field pen testing
experience in our state of the art hacking lab. Master the skills of an
Ethical Hacker to better assess the security of your organization.

http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------