Thursday, April 28, 2011

Infondlinux: Install Useful Security Tools & Firefox Addons for hackers

Infondlinux is a script that installs most of the hacking tools, that we use during penetration tests and capture the flag tournaments. It is a post configuration script for Ubuntu Linux. We can also install it on other *nix system but not all of the below mentioned tools may work depending on environment. It has been actively tested on Ubuntu 10.10.

It installs useful security tools and Firefox addons. Tools installed by script are listed at the beginning of source code, which we can edit as per our requirement.

List of security tools included:
Debian packages:
  • imagemagick
  • vim
  • less
  • gimp
  • build-essential
  • wipe
  • xchat
  • pidgin
  • vlc
  • nautilus-open-terminal
  • nmap
  • zenmap
  • sun-java6-plugin et jre et jdk
  • bluefish
  • flash-plugin-nonfree
  • aircrack-ng
  • wireshark
  • ruby
  • ascii
  • webhttrack
  • socat
  • nasm
  • w3af
  • subversion
  • mercurial
  • libopenssl-ruby
  • ruby-gnome2
  • traceroute
  • filezilla
  • gnupg
  • rubygems
  • php5
  • libapache2-mod-php5
  • mysql-server
  • php5-mysql
  • phpmyadmin
  • extract
  • p0f
  • spikeproxy
  • ettercap
  • dsniff :
    • arpspoof Send out unrequested (and possibly forged) arp replies.
    • dnsspoof forge replies to arbitrary DNS address / pointer queries on the Local Area Network.
    • dsniff password sniffer for several protocols.
    • filesnarf saves selected files sniffed from NFS traffic.
    • macof flood the local network with random MAC addresses.
    • mailsnarf sniffs mail on the LAN and stores it in mbox format.
    • msgsnarf record selected messages from different Instant Messengers.
    • sshmitm SSH monkey-in-the-middle. proxies and sniffs SSH traffic.
    • sshow SSH traffic analyser.
    • tcpkill kills specified in-progress TCP connections.
    • tcpnice slow down specified TCP connections via “active” traffic shaping.
    • urlsnarf output selected URLs sniffed from HTTP traffic in CLF.
    • webmitm HTTP / HTTPS monkey-in-the-middle. transparently proxies.
    • webspy sends URLs sniffed from a client to your local browser
  • unrar
  • torsocks
  • secure-delete
  • nautilus-gksu
  • sqlmap
Third party packages:
  • tor
  • tor-geoipdb
  • virtualbox 4.0
  • google-chrome-stable
Manually downloaded software’s and versions:
  • DirBuster (1.0RC1)
  • truecrypt (7.0a)
  • metasploit framework (3.6)
  • webscarab (latest)
  • burp suite (1.3.03)
  • parosproxy (3.2.13)
  • jmeter (2.4)
  • rips (0.35)
  • origami-pdf (latest)
  • pdfid.py (0.0.11)
  • pdf-parser.pym (0.3.7)
  • fierce (latest)
  • wifite (latest)
  • pyloris (3.2)
  • skipfish (1.86 beta)
  • hydra (6.2)
  • Maltego (3.0)
  • SET
Author made scripts:
  • hextoasm
  • md5crack.py (written by Corbiero)
  • chartoascii.py
  • asciitochar.py
  • rsa.py
  • Firefox extensions:
  • livehttpheaders
  • firebug
  • tamperdata
  • noscript
  • flashblock
  • flashgot
  • foxyproxy
  • certificatepatrol
  • chickenfoot 1.0.7
Pretty good list of applications we must say.
How to install/download

# download:
$ wget http://infondlinux.googlecode.com/svn/trunk/infondlinux.sh
# install:
$ sudo infondlinux.sh

enjoy it :)



No comments:

Post a Comment