
Security Frameworks & Distributions

Backtrack

BackTrack 5

BlackArch Linux 2015.04.08 (released April 8, 2015)

BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers. The repository contains 1217 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs. For more information, see the project page, which has instructions and various download options. This is a relatively new distribution and has recently been very active. It could be a good addition to your toolkit alongside the “staple” Kali Linux.

Digital Evidence & Forensic Toolkit

DEFT 8.2 (released August 10, 2014)

DEFT (an acronym of “Digital Evidence & Forensic Toolkit”) is a customized distribution of the Kubuntu live Linux CD. It is a very easy-to-use system that includes excellent hardware detection and the best open source applications dedicated to incident response and computer forensics.

Helix

Helix3 2009R1

Helix is a customized distribution of the Knoppix Live Linux CD. Helix is more than just a bootable live CD. You can still boot into a customized Linux environment that includes customized Linux kernels, excellent hardware detection and many applications dedicated to Incident Response and Forensics.

Note that Helix is offered by e-Fense and is part of a suite of commercial products. They still offer the free version.

Kali Linux

Kali Linux Rolling (2016.1) (released January 16, 2016)

Network Security Toolkit

Network Security Toolkit (NST) 20-6535 (released February 9, 2015)

This is a bootable live CD/DVD based on Fedora 20 (kernel 3.18.5-101.fc20) containing a comprehensive set of open source network security tools.

OpenVAS

OpenVAS-4 (released March 17, 2011)

OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. It is available in several formats:

Virtual Appliance - Community Edition compatible with VirtualBox 3.x and VMware

Ophcrack

Ophcrack 3.6.0 (released June 5, 2013)

Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms. It is available as either a LiveCD or an installable file.

Pentoo

Pentoo 2015.0 RC3.7 3.6.0 (released January 4, 2015)

Pentoo is a penetration testing LiveCD distribution based on Gentoo. It features a set of tools for auditing and testing a network, from scanning and discovering to exploiting vulnerabilities (yes, it too includes the Metasploit Framework!).

SamuraiSTFU (Control Things)

SamuraiSTFU 1.8 (released May 14, 2015)

For years, penetration testing distributions like BackTrack and SamuraiWTF have been available to help perform penetration testing in most IT environments. These distributions, however, have been generic in nature to enable their use in a wide variety of different environments. One environment where these distributions have failed to meet the needs of their users is on SCADA and Smart Grid systems. The folks at UtiliSec are fixing this problem. Taking their experience running SamuraiWTF over the last four years, UtiliSec, a leading provider of security consulting services in the energy sector, has created an open source Linux distribution specifically for Electric Utility security teams. SamuraiSTFU takes the best-of-breed security tools for traditional network and web penetration testing, adds specialized tools for embedded and RF testing, and mixes in a healthy dose of energy sector context, documentation, and sample files. It also includes emulators for SCADA, Smart Meters, and other types of energy sector systems to provide a full test lab. So whether you work for an electric utility or are interested in gaining sufficient experience to start doing security work in these environments, this distribution is something that should be evaluated.

Secmic

Secmic 4.04 (released November 18, 2010)

Security Onion

Security Onion 12.04 (updated February 28, 2014)

Network Security Monitoring (NSM) is, put simply, monitoring your network for security related events. It might be proactive, when used to identify vulnerabilities or expiring SSL certificates, or it might be reactive, such as in incident response and network forensics. Whether you’re tracking an adversary or trying to keep malware at bay, NSM provides context, intelligence and situational awareness of your network. There are some commercial solutions that get close to what Security Onion provides, but very few contain the vast capabilities of Security Onion in one package.

Security Onion seamlessly weaves together three core functions: full packet capture, network-based and host-based intrusion detection systems (NIDS and HIDS, respectively), and powerful analysis tools. Doug Burks has done an amazing job with this security distribution!

Since this tool requires some level of configuration, it needs to be installed on either a physical or virtual host. The DVD ISO image provides a complete build environment, including the underlying Xubuntu operating system, or there are scripts available for installing Security Onion on top of a particular version of Linux.

Other Online Resources

There are many other distributions, both active and inactive, that may contain valuable tools and techniques not listed here.

The sites below list additional security distributions for consideration.

Security Enhanced (SE) Linux Distributions - Linux.com

Security Distributions - SecurityDistro.com

Industrial Protocol Fuzzers

Commercial

Codenomicon Defensics

Wurldtech Achilles

Open-Source

Automatak Aegis

Standalone Security Applications

Cain & Abel - Password Cracking Application for Windows

Dsniff - Network Auditing Suite

Hping3 - Network Probing Tool

John the Ripper - Password Cracking Application

Metasploit Framework - Security Testing Framework (see Documentation below)

Nessus - Vulnerability Assessment Tool

Network Miner - Network Forensic Analysis Tool (NFAT) for Windows

Netcat / Cryptcat - The Network “Swiss Army Knife”

Ophcrack - Password Cracking Application for Windows based on Rainbow Tables

PuTTY - Secure Shell Client

Snort - Intrusion Detection System

Splunk - Security Event Monitoring (SEM) System

THC Hydra - Network Authentication (SSH) Cracking Application

WCE - Windows Credential Editor

Wireshark - Network Sniffer and Packet Analyzer

WhosThere - Tool to List Logon Sessions with NTLM Credentials on Windows Domains

winAUTOPWN - Auto hacking shell gaining tool

Android and Tablet Security Applications

Anti Android Network Toolkit

Backtrack5 with Metasploit on Android

Documentation

Metasploit Framework User Guide

Meterpreter Guide

Websites

Pentestmonkey Cheat Sheets (reverse shell, ssh, jtr, sql injection)

Top 100 Network Security Tools (sectools.org)

Tools Watch

Supplemental Tools

How to build a multiple-boot USB Drive from ISO images

Using UNetbootin to create a persistent Linux USB

atrc_website/scada_security_tools.txt · Last modified: 2022/07/20 18:42 by wikiadmin