On Wed, 25 Jul 2001, Nicolas Gregoire wrote: > > > And here begins my request... I was wondering if anyone on this list could > > give me recommendations of programs or websites that would be useful for > > someone (such as myself) who is creating a 'tool kit'. With the wide array > > of programs available, I'd like to avoid getting programs that are not up to > > par. commercial or non-commercial is fine. > > Try Trinux (http://www.trinux.org/). > It's a linux distribution with a LOT of pen-tests tools already inside. > > Here is a part of the complete liste available at > http://trinux.sourceforge.net/tools.html : > curl, dsniff, ethereal, firewalk, fragrouter, hping, hunt, isic, nasl > (from Nessus), nemesis, nmap, ngrep, nstreams, openssh, openssl, p0f, > rain, sendip, sing, sniffit, snort, tcpdump, vomit, zodiac, ..... The neat thing about Trinux is, for an "in house" audit...you can often use the client's hardware and your Trinux floppies to do some neat distributed stuff from your machine. I keep a set of Trinux floppies in my laptop case with a set of modules for most common hardware setups. You can load Trinux on a workstation in every segment and start thrashing. -- Jonathan Rickman X Corps Security http://www.xcorps.net ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Thu Jul 26 2001 - 09:11:22 PDT