Unix Blog !

May 15, 2006

Forensic Tools

Filed under: Uncategorized — sriram003 @ 3:43 pm

List of Forensic and Network Security Tools installed – Most of these
tools are not graphical.

  1. Sleuth Kit – Command Line Forensic Tools – www.sleuthkit.org
  2. Autopsy – Part of Sleuth Kit
  3. foremost – Command line data carving tool. Config file in /foremost directory. Need external storage to run properly – foremost.sourceforge.net
  4. glimpse – Command line data indexing and searching tool. Need external storage to run properly – www.webglimpse.net
  5. wipe – Command line utility to securely wipe hard drives and files – wipe.sourceforge.net
  6. dcfldd – Enhanced DD imager with built in hashing. Works like dd from command line. For more info read the man page (man dcfldd).
  7. etherape – Visual network monitor – etherape.sourceforge.net/
  8. fenris – Multipurpose tracer – razor.bindview.com/tools/fenris/
  9. honeyd – Command line honeypot program – www.citi.umich.edu/u/provos/honeyd/
  10. snort (Default Rules) – Command line network intrusion tool – www.snort.org
  11. dsniff – Command Line network auditing and penetration testing tools – www.monkey.org/~dugsong/dsniff/
  12. John The Ripper – Command Line Password Cracking tool – www.openwall.com/john/
  13. Nikto – Webserver scanner – www.cirt.net/code/nikto.shtml
  14. nbtscan – Command-line tool that scans for open NETBIOS nameservers – www.unixwiz.net/tools/nbtscan.html
  15. xprobe – Command line remote operating system fingerprinting tool – www.sys-security.com
  16. Ngrep – Command line Network grep Function – www.packetfactory.net/projects/ngrep/
  17. Nemesis – Command Line network packet injector – www.packetfactory.net/Projects/nemesis/
  18. fragroute – Command line network intrusion testing tool – monkey.org/~dugsong/fragroute/
  19. fping – Command line multiple host ping utility – www.fping.com
  20. TCPtraceroute – Command line traceroute using TCP packets – michael.toren.net/code/tcptraceroute/
  21. tcpreplay – Command line utility that replays a tcp dump – tcpreplay.sourceforge.net
  22. Nessus – Graphical Security Scanner – www.nessus.org
  23. Ethereal – Graphical Network analyzer – www.ethereal.com
  24. Netcat – Command line tool to read and write over network – www.atstake.com/research/tools/network_utilities/
  25. tcpdump – Command line tool that dumps network traffic – www.tcpdump.org/
  26. hping2 – Command line packet assembler / analyzer – www.hping.org
  27. ettercap – Command line sniffer / interceptor / logger for Ethernet networks – ettercap.sourceforge.net
  28. openssh – Secure remote connection utility – www.openssh.com
  29. Kismet – Graphical wireless network sniffer – www.kismetwireless.net
  30. airsnort – Graphical wireless network intrusion tool – airsnort.shmoo.com
  31. GPG – Encryption utility – www.gnupg.org/
  32. OpenSSL – Secure remote connection utility – www.openssl.org/
  33. lsof – Command line utility that lists all open files – read man page (man lsof)
  34. hunt – Command line TCP / IP exploit scanner – lin.fsid.cvut.cz/~kra/index.html
  35. stunnel – SSL connection package – stunnel.mirt.net
  36. arpwatch – Command line Ethernet monitor – read man page (man arpwatch)
  37. dig – Command line tool for querying domain name servers – read man page (man dig)
  38. chkrootkit – Looks for signs of root kit – www.chkrootkit.org
  39. Nmap – Network exploration tool and Security Scanner.
  40. Dsniff – Password Sniffer.
  41. Tripwire – Tripwire creates a signature database of the files on a system, and when run in compare mode, will alert system administrators to changes in the file system.

Credits to these guys
