Free auditor security collection software for linux

The Auditor security collection is a Live-System based on KNOPPIX. With no installation whatsoever, the analysis platform is started directly from the CD-Rom and is fully accessible within minutes.
Independent of the hardware in use, the Auditor security collection offers a standardised working environment, so that the build-up of know-how and remote support is made easier. Even during the planning and development stages, our target was to achieve an excellent user-friendliness combined with an optimal toolset.
Professional open-source programs offer you a complete toolset to analyse your safety, byte for byte. In order to become quickly proficient within the Auditor security collection, the menu structure is supported by recognised phases of a security check. (Foot-printing, analysis, scanning, wireless, brute-forcing, cracking).
By this means, you instinctively find the right tool for the appropriate task. In addition to the approx. 300 tools, the Auditor security collection contains further background information regarding the standard configuration and passwords, as well as word lists from many different areas and languages with approx. 64 million entries.
Current productivity tools such as web browser, editors and graphic tools allow you to create or edit texts and pictures for reports, directly within the Auditor security platform. Many tools were adapted, newly developed or converted from other system platforms, in order to make as many current auditing tools available as possible on one CD-ROM.
Tools like Wellenreiter and Kismet were equipped with an automatic hardware identification, thus avoiding irritating and annoying configuration of the wireless cards.
Enhancements:
New & Updated tools:
- proxychains 1-8-1 (for example scanning over proxy more easy)
- yersinia-0.5.4
- kismet-logfile-viewer klv.pl and klc.pl
- ntp fingerprinting tool
- tftp bruteforce tool
- snmp fuzzer
- cisco torch 0.4b
- unicornscan 0.4.2
- packit
- sendip
- nasl 2.2.4
- tcpick
- cryptcat
- amap version 4.8
- tcpsplit
- Ethereal version 10.11
- ettercap-ng-0.72 and modified the etter.conf
- replaced tinysnmp with snmp tools
- vnc2swf /usr/X11R6/bin/recordwin and vnc2swf
- edit_vnc2swf.py
- edit_mp3.py
- wpa-supplicatiant 0.3.8
- hostapd-utils 0.3.7
- ssldump
- fragrouter
- Metasploit 2.4 including all known updates
- airsnarf, but no menu at moment
- fakeap to /opt/auditor but no menu entry at moment, need to write a shell script
- dsniff 2.4b1-10
- nessus plugins updated
- exploit tree updated
- Snort 2.3.2-5
- Bleeding-edge rules for snort
- New aircrack
- New airsnort
- Bet i forgot some to mention.
New & updated drivers:
- rt2400 linux drivers and utils (untested)
- rtl8180 driver (8180_26_private.ko and open8180.ko and /usr/local/bin/wlanup and /usr/local/bin/wlandown) (Untested)
- hostap drivers 0.3.7
- ipw2100 & ipw2200 incl firmware, incl monitor mode
- Prism54 with injection patch
- Linux-wlan-ng with injection patch
- Madwifi with injection patch
- ACX drivers are back on cd
Addons:
- Default password list has been updated
- Added some changes to the network stack using /etc/sysctl.conf, which will be called from knoppix-autoconfig script
- New background image
Some fixes i remember:
- Kernel completely rebuilded to provide full functionality
- Isolinux now accepts bootparameters again
- USB drivers are back to /dev/sda and booting from stick works fine
- grub files have been fixed
- fixed hostname /etc/hosts
- /cdrom/index.html pointed to the old forum fixed that
- Added cardctl eject, cardctl insert into switch-to-XY scripts
- Fixed the homebutton of the konquerror when clicked first time
- Fixed the menuentry for nessus

Audio collection script is a script which can help you manage collections of audio files. For example, I have a directory with all my audio files in it, sorted by band/album. I also have an audio collections directory. Within that directory I have a few list files which contain patterns for songs that should be part of that collection. The script generates or updates a subdirectory for each list file present and creates links within those directories to all music files from my main audio directory that match the patterns in the list file.

An example:

Your music files are in /audio
Your collections are in /audio-collections
The file /audio-collections/funny.list has the following lines:

/audio-collections/funny/
#the next line matches all songs within a tripod directory
tripod/
monty*python
kevin*bloody*wilson
bill*clinton*miss*lewinsky*and*i

When run, it will process each .list file in the current directory. So for this example, when run from /audio-collections, it will create or clean out the directory /audio-collections/funny and create links inside it for any files found within /audio which match the specified patterns.

The first line in each list file specifies the directory to create and use for the links. The patterns in the file will match on the full path of a song.

Note: I am pretty sure it would not be a good path to put your collections inside your main audio directory.

Ubuntu Security Notice Monitor is a karamba theme that displays the ten most recent USN report titles in a desktop widget.

Ubuntu Security Notice Monitor works by parsing the link text out of the USN page at http://www.ubuntulinux.org/usn using a Python backend.

Thanks goes to Richard "Ricardo" Szlachta for the graphics work.

JavaDoc Taglets Collection is set of general purpose taglets for use with the JavaDoc tool. It provides a standard set of new tags, and allows you to create new ones by configuration or using simple Java interfaces. The project has been tested with J2SE 1.4 and 1.5 and JavaSE 1.6.
Enhancements:
- First public release of the Taglets Collection.
- Completed documentation for release 2.
- Added demos to userguide and distribution.
- Added to do list and known bugs information.

Luke Macken Security LiveCD provides a fully functional livecd based on Fedora for use in security auditing, forensics research, and penetration testing.
Main features:
- All of the security features and tools Fedora has to offer
- Features from the FedoraLiveCD
- Ability to install directly to hard drive
Spinning your own
# yum install mercurial livecd-tools
$ hg clone http://hg.lewk.org/security-livecd
# livecd-creator --config security-livecd/fedora-security-livecd.ks --fslabel=Fedora-7-Security-LiveCD
Making changes to the LiveCD is as simple as modifying the fedora-security-livecd.ks configuration file.

Network Security Analysis Tool is a fast, stable bulk security scanner designed to audit remote network services and check for versions, security problems, gather information about the servers and the machine, and much more.

A manpage providing extensive information on NSAT has been included in the distribution. It is available after a make install, or just by typing man doc/nsat.8 from this dir. It is suggested that you inform yourself at least about the -v (scan verbosity) option and edit the configuration file. To learn about changes in this version, please consult doc/CHANGES.

New to this version is support for distributed scanning. The manpage describes how to do a distributed scan. Note that distributed scanning in this version is just a preliminary, proof-of-concept, implementation with no guarantees for its security, reliability, or performance.

Check for updated vulnerability lists, config files, etc. from
http://nsat.sourceforge.net

Currently, these are lists of vulnerabilities:

nsat.cgi (CGI scripts)
nsat.conf (configuration)
src/mod/snmp.h (SNMP community names)

The Network Security Monitor Daemon is a lightweight network security monitor for TCP/IP LANs. It will capture certain network events and record them in a relational database. The recorded data is available for analysis through a CGI-based interface.
You can run test version with ./Monitord, just to see how it works. Production version should be run in background, v.g. with nohup ./monitord &. Both versions will accept a device name as a parameter (default: eth0). You can send them SIGHUP at any time to print some stats. If you send SIGTERM, SIGQUIT or SIGINT, all threads will end gracefully.
Enhancements:
- Linux Kernel with "packet sockets" and "socket filtering" support.
- GNU C Library 2 (glibc2) with LinuxThreads support. (integrated in most recent versions).
- Full MySQL, including headers and libmysqlclient_r.
- GNU C Compiler (gcc).
- GNU Make (make).
- Perl (perl).
- Wget (wget).
Enhancements:
- Added chmod 4755 ... in Makefile
- Root should run make now, but not the daemon ;-)
- The daemon will drop root privileges as soon as possible
- (after creating the raw socket with an attached linux socket
- filter and putting the interface in promiscuous mode)
- No threads run with root privileges so its much safer
- (specially the new server thread which reads remote user input)
- Added stats thread
- To calculate/mantain exponential averages
- Added server thread
- It accepts HTTP requests and serves stats in XML

UDF collection for MySQL project contains utility UDFs that are supposed to be built and loaded as shared objects.
Its available functions are HUMANAGE() (which returns the age in years relative to a custom date or NOW()), URLENCODE() and URLDECODE().
Installation:
The simplest way to compile this package is:
1. `cd to the directory containing the packages source code and type `./configure to configure the package for your system. If youre using `csh on an old version of System V, you might need to type `sh ./configure instead to prevent `csh from trying to execute `configure itself.
Running `configure takes awhile. While running, it prints some messages telling which features it is checking for.
2. Type `make to compile the package.
3. Optionally, type `make check to run any self-tests that come with the package.
4. Type `make install to install the programs and any data files and documentation.
5. You can remove the program binaries and object files from the source code directory by typing `make clean. To also remove the files that `configure created (so you can compile the package for a different kind of computer), type `make distclean. There is also a `make maintainer-clean target, but that is intended mainly for the packages developers. If you use it, you may have to get all sorts of other programs in order to regenerate files that came with the distribution.
Enhancements:
- A bug in HUMANAGE() regarding a last adjustment of mon/mday in sll2tm() was fixed.
- A bug in HUMANAGE() in which day() just looped over the first year was fixed.