Open Source Linux Penetration Testing and Forensic Distribution
Narayanan Subramaniam
Information Security Consultant
“GNU is My Religion, Linux is My God, Security is my Passion”
Mentored by Prajwal, Manu
Narayanan Subramaniam
• Started Working on Linux as a hobby from 1996 onwards.
• Linux & Open Source Enthusiast
• Information Security Enthusiast
• Free Software Advocacy
• New Member of matriux devel team
• FSUG and ILUG Member
• Certifications: CISA, CISM, CEH, ECSA
• Email: [email protected]
• Twitter: @narayanandots
• Website: www.matriux.com
#initial releases:
• Matriux alpha (slax) – early 2008
• Matriux Lithium (Ubuntu KDE) – 2009/11
• Matriux Xenon (Ubuntu Gnome) – 2010/11
• Matriux Krypton (Debian) – 2011/08
• Matriux Krypton v1.2 (Debian) – 2012/02
• Matriux Ec-Centric (Debian) – 2012/08
• Matriux Leandros (Debian) – 2013/10
• Matriux Blue (Debian) – 2014/10 (Latest)
• Penetration Testers
• Digital Forensic Investigators
• Auditors
• System and Network Administrators
• Exploit Developers
• Security enthusiasts
• Casual Linux users??
• 330+ open source penetration testing, forensic and security tools
• Custom Kernel 3.2.0.4-amd64
• Very own custom installation tool – MID (Matriux Installation Disk)
• Latest tools – until last updated (2014.09.19)
• Smart phone penetration testing applications.
• Forensics not neglected – given equal importance.
• Build update tool – MUT (Matriux update tool)
• Applications from team Matriux
• USB persistent
• New Tools: lynis, vfeed, masscan, t50, vega scanner, ZAP proxy, Blind Elephant, gggooglescan, THC-IPv6, bing sqliscanner, subterfuge, pyflag
• New section in arsenal - PCI-DSS
• Build Architecture – X32 and X64 Builds
• Security tools logically organized based on work-flow into
#matriux :
• Reconnaissance
• Scanning
• Gain Access
• Exploit Frameworks
• Wireless
• Services
• #Reconnaissance :
• DNS
• HTTrack
• Dradis Framework
• etherape
• Magic Tree
• quickrecon
• peepdf
• tcptracers
• wireshark
• #Scanning:
• Web Servers
• Routing
• CISCO
• Batmand
• Batctl
• Angry IP scanner
• Cryptcat
• Ettercap console
• Ettercap GUI …etc.
• #Gain Access:
• THC-IPV6
• SQL
• Password
• Brutessh
• Crunch
• Ophcrack
• John
• Sucrack
• Gcrack
• Etemenanki
• Vncpwdump
• Iisbruteforcer
• Medusa
• rarcrack
• #Exploit Frameworks:
• Inguma
• Metasploit
• Burp Suite
• Maltego
• wsfuzzer
• Webscarab lite
• HTTP Request Exploit Framework
• OWASP Mantra
• #Wireless:
• Bluetooth
• Kismet
• Reaver
• VOIP
• SIP
• Aircrack-ng Suite
• Fern wifi cracker
• Gerix wifi cracker
• GrimWEPA
• WepBuster
• WEPlab
• pyrit
• Wifi radar
• #Services:
• Wicd
• Apache
• Batmand
• Bluemon
• Bluetooth
• Mysql
• Ssh
• Public release – in a couple of weeks.
• Package repository – in a couple of weeks. (WIP)
• MSTF – Matriux Security Testing Framework. (WIP)
• DVM – Damn Vulnerable Matriux. (WIP)
Linuxfreedom is the major mirror where matriux is hosted.
The kind of support we are looking for
• Wiki mod
• Graphics
• Documentation Expert
• Release Testing
The effort required here is mainly Interest + Passion
• Official Home Page: http://www.matriux.com
• Matriux Leandros – OS VM: http://sourceforge.net/projects/matriux-vm/
• Matriux Blue – Latest Version: http://sourceforge.net/projects/matriux/
• Website: http://www.matriux.com/
• Twitter: https://twitter.com/matriuxtig3r
• Information Security Research Association: http://www.is-ra.org/
Narayanan Subramaniam
• Email: [email protected]
• Twitter: @narayanandots
• Website: http://www.matriux.com/
• irc: freenode.net/ #matriux
Thanks to Manu ji, Prajwal and the entire matriux team for helping me!