What

STD is a Linux-based Security Tool. Actually, it is a collection of hundreds if not thousands of open source security tools. It's a Live Linux Distro, which means it runs from a bootable CD in memory without changing the native operating system of the host computer. Its sole purpose in life is to put as many security tools at your disposal with as slick an interface as it can.

Who

STD is meant to be used by both novice and professional security personnel but is not ideal for the Linux uninitiated. STD assumes you know the basics of Linux, as most of your work will be done from the command line. If you are completely new to Linux, it's best you start with another live Distro like Knoppix to practice the basics (see faq). STD is designed to help network administrators and professionals alike secure their networks.

The STD community is extremely active. Come and join us on the forum.

Tools are grouped as follows:

Authentication
/usr/bin/auth/

freeradius 0.9.3 : GPL RADIUS server

Encryption
/usr/bin/crypto/

2c2 : multiple plaintext -> one ciphertext
4c : as with 2c2 (think plausible deniability)
acfe : traditional cryptanalysis (like Vigenere)
cryptcat : netcat + encryption
gifshuffle : stego tool for gif images
gpg 1.2.3 : GNU Privacy Guard
ike-scan : VPN fingerprinting
mp3stego : stego tool for mp3
openssl 0.9.7c
outguess : stego tool
stegbreak : brute-force stego'ed JPG
stegdetect : discover stego'ed JPG
sslwrap : SSL wrapper
stunnel : SSL wrapper
super-freeSWAN 1.99.8 : kernel IPSEC support
texto : make gpg ascii-armour look like weird English
xor-analyze : another "intro to cryptanalysis" tool

Forensics
/usr/bin/forensics/

sleuthkit 1.66 : extensions to The Coroner's Toolkit forensic toolbox.
autopsy 1.75 : Web front-end to TASK. Evidence Locker defaults to /mnt/evidence
biew : binary viewer
bsed : binary stream editor
consh : logged shell (from F.I.R.E.)
coreography : analyze core files
dcfldd : US DoD Computer Forensics Lab version of dd
fenris : code debugging, tracing, decompiling, reverse engineering tool
fatback : Undelete FAT files
foremost : recover specific file types from disk images (like all JPG files)
ftimes : system baseline tool (be proactive)
galleta : recover Internet Explorer cookies
hashdig : dig through hash databases
hdb : java decompiler
mac-robber : TCT's graverobber written in C
md5deep : run md5 against multiple files/directories
memfetch : force a memory dump
pasco : browse IE index.dat
photorec : grab files from digital cameras
readdbx : convert Outlook Express .dbx files to mbox format
readoe : convert entire Outlook Express .directory to mbox format
rifiuti : browse Windows Recycle Bin INFO2 files
secure_delete : securely delete files, swap, memory....
testdisk : test and recover lost partitions
wipe : wipe a partition securely. good for prep'ing a partition for dd
and other typical system tools used for forensics (dd, lsof, strings, grep, etc.)

Firewall
/usr/bin/fw/

blockall : script to block all inbound TCP (excepting localhost)
flushall : flush all firewall rules
firestarter : quick way to a firewall
firewalk : map a firewall's rulebase
floppyfw : turn a floppy into a firewall
fwlogwatch : monitor firewall logs
iptables 1.2.8
gtk-iptables : GUI front-end
shorewall 1.4.8-RC1 : iptables based package

Honeypots
/usr/bin/honeypot/

honeyd 0.7
labrea : tarpit (slow to a crawl) worms and port scanners
thp : tiny honeypot

IDS
/usr/bin/ids/

snort 2.1.0 : everyone's favorite network IDS
ACID : snort web frontend
barnyard : fast snort log processor
oinkmaster : keep your snort rules up to date
hogwash : access control based on snort sigs
bro : network IDS
prelude : network and host IDS
WIDZ : wireless IDS, ap and probe monitor
aide : host baseline tool, tripwire-esque
logsnorter : log monitor
swatch : monitor any file, oh like say syslog
sha1sum
md5sum
syslogd

Network Utilities
/usr/bin/net-utils/

LinNeighborhood : browse SMB networks like windows network neighborhood
argus : network auditor
arpwatch : keep track of the MACs on your wire
cdpr : cisco discovery protocol reporter
cheops : snmp, network discovery and monitor tool
etherape : network monitor and visualization tool
iperf : measure IP performance
ipsc : IP subnet calculator
iptraf : network monitor
mrtg : multi router traffic grapher
mtr : traceroute tool
ntop 2.1.0 : network top, protocol analyzer
rrdtool : round robin database
samba : opensource SMB support
tcptrack : track existing connections

Password Tools
/usr/bin/pwd-tools/

john 1.6.34 : John the Ripper password cracker
allwords2 : CERIAS's 27MB English dictionary
chntpw : reset passwords on a Windows box (including Administrator)
cisilia : distributed password cracker
cmospwd : find local CMOS password
djohn : distributed John the Ripper
pwl9x : crack Win9x password files
rcrack : rainbow crack

Servers
/usr/bin/servers

apache
ircd-hybrid
samba
smail
sshd
vnc
net-snmp
tftpd
xinetd

Packet Sniffers
/usr/bin/sniff/

aimSniff : sniff AIM traffic
driftnet : sniffs for images
dsniff : sniffs for cleartext passwords (thanks Dug)
ethereal 0.10.0 : the standard. includes tethereal
ettercap 0.6.b : sniff on a switched network and more.
filesnarf : grab files out of NFS traffic
mailsnarf : sniff smtp/pop traffic
msgsnarf : sniff aol-im, msn, yahoo-im, irc, icq traffic
ngrep : network grep, a sniffer with grep filter capabilities
tcpdump : the core of it all
urlsnarf : log all urls visited on the wire
webspy : mirror all urls visited by a host in your local browser

TCP Tools
/usr/bin/tcp-tools/

arpfetch : fetch MAC
arping : ping by MAC
arpspoof : spoof arp
arpwatch : monitor MAC addresses on the wire
despoof : detect spoofed packets via TTL measurement
excalibur : packet generator
file2cable : replay a packet capture
fragroute : packet fragmentation tool (thanks again Dug)
gspoof : packet generator
hopfake : spoof hopcount replies
hunt : tcp hijacker
ipmagic : packet generator
lcrzoex : suite of tcp tools
macof : flood a switch with MACs
paketto : Dan Kaminsky's suite of tools (includes 1.10 and 2.0pre3)
netsed : insert and replace strings in live traffic
packETH : packet generator
tcpkill : die tcp, die!
tcpreplay : replay packet captures

Tunnels
/usr/bin/tunnels/

cryptcat : encrypted netcat
httptunnel : tunnel data over http
icmpshell : tunnel data over icmp
netcat : the incomparable tcp swiss army knife
shadyshell : tunnel data over udp
stegtunnel : hide data in TCP/IP headers
tcpstatflow : detect data tunnels
tiny shell : small encrypted shell

Vulnerability Assessment
/usr/bin/vuln-test/

Way too many to list them all. There's much from THC, ADM, RFP, NMRC, TESO, Phenoelit. Be very careful with these tools. Remember, no guarantees are offered and you are entirely responsible for your own actions.

ADM tools : like ADM-smb and ADMkillDNS
amap 4.5 : maps applications running on remote hosts
IRPAS : Internet Routing Protocol Attack Suite
chkrootkit 0.43 : look for rootkits
clamAV : virus scanner. update your signatures live with freshclam
curl : commandline utility for transferring anything with a URL
exodus : web application auditor
ffp : fuzzy fingerprinter for encrypted connections
firewalk : map a firewall rulebase
hydra : brute force tool
nbtscan : scan SMB networks
ncpquery : scan NetWare servers
nessus 2.0.9 : vulnerability scanner. update your plugins live with nessus-update-plugins
nikto : CGI scanner
nmap 3.48 : the standard in host/port enumeration
p0f : passive OS fingerprinter
proxychains : chain together multiple proxy servers
rpcinfo : hmmmm.... info from RPC?
screamingCobra : CGI scanner
siege : http testing and benchmarking utility
sil : tiny banner grabber
snot : replay snort rules back onto the wire. test your ids/incident response/etc.
syslog_deluxe : spoof syslog messages
thcrut : THC's "r you there?" network mapper
vmap : maps application versions
warscan : exploit automation tool
xprobe2 : uses ICMP for fingerprinting
yaph : yet another proxy hunter
zz : zombie zapper kills DDoS zombies

Wireless Tools
/usr/bin/wireless/

airsnarf : rogue AP setup utility
airsnort : sniff, find, crack 802.11b
airtraf : 802.11b network performance analyzer
gpsdrive : use GPS and maps
kismet 3.0.1 : for 802.11 what else do you need?
kismet-log-viewer : manage your kismet logs
macchanger : change your MAC address
wellenreiter : 802.11b discovery and auditing
patched orinoco drivers : automatic (no scripts necessary)

MD5: de03204ea5777d0e5fd6eb97b43034cb
Download: http://s-t-d.org/download.html