[TOOL] PHLAK - Security Targeted Linux Distribution

From: SecuriTeam (support_at_securiteam.com)
Date: 10/08/03

  • Next message: SecuriTeam: "[NEWS] JBoss Remote Command Injection" 
    To: list@securiteam.com
Date: 8 Oct 2003 17:58:49 +0200

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    The SecuriTeam alerts list - Free, Accurate, Independent.

    Get your security news from a reliable source.
    http://www.securiteam.com/mailinglist.html

    - - - - - - - - -

      PHLAK - Security Targeted Linux Distribution
    ------------------------------------------------------------------------

    DETAILS

     <http://www.phlak.org/> PHLAK is "a modular security distribution, geared
    to be used as a live CD. PHLAK was created to become the only tool
    security professionals would need to perform security analysis,
    penetration testing, forensics, and security auditing. PHLAK comes with
    two light gui's (fluxbox and XFCE4), packages for printing, publishing, a
    little multimedia, many security tools, and a file cabinet full of
    security related documentation for your reading/educational purposes. This
    distro is based on Morphix, created by Alex de Landgraaf. PHLAK is a
    direct fork of Morphix."

    What security tools does PHLAK have?
     * Debian Packages:
    aide, airsnort, amap, argus-client, argus-server, arpd, arping, arpwatch,
    autopsy, bfbtester, biew, bing, cabextract, cflow, cheops, chkrootkit,
    chntpw, cracklib2, cryptcat, darkstat, dlint, dnswalk, driftnet, dsniff,
    echoping, etherape, ethereal, ethereal-commo, ethereal-dev,
    ettercap-commo, ettercap-gtk, farpd, fenris, flawfinder, fping, fragroute,
    fragrouter, freeswan, ftp-ssl, gdb, gnupg, gtkrecover, hammerhead, hping2,
    httptunnel, httpush, hunt, icmpinfo, icmpush, idswakeup, ipchains,
    iproute, iptraf, iputils-ping, irpas, isic, john, kismet, l2tpd, lde,
    libcrypt-blowf, libcrypt-cbc-p, libcrypt-ciphe, libcrypt-crack,
    libcrypt-gpg-p, libcrypt-hcesh, libcrypt-passw, libcrypt-rijnd,
    libcrypt-smbha, libcrypt-sslea, libcrypt-unixc, libcrypto++-de,
    libcrypto++-ut, libcrypto++5, lsof, ltrace, macchanger, mtr, nasm, nast,
    nbtscan, nemesis, nessus, nessus-plugins, nessusd, netsed, ngrep, nikto,
    nmap, nmapfe, nstreams, ntop, openssl, p0f, packit, paketto, partimage,
    pnscan, pptpd, rarpd, recover, scanssh, scli, secpanel, sendip, sing,
    sleuthkit, smb-nat, socat, spikeprox, splint, ssh, ssh-askpass-gn,
    ssldump, strace, stunnel, stunnel4, sudo, tcpdump, tcpflow, tcpreplay,
    tcpslice, tcptrace, tethereal, transproxy, tsocks, valgrind, wipe

     * Hand-compiled Packages:
    01-sdi-brutus-eng.pl, ADM-SAMBA-CLIENT, ADMsnmp, SPIKE, WAP_Assessment,
    babelweb, cmospwd, dcetest, dcfldd, dd_rescue, ddb-sfe, di,
    domainobsencontroll, fatback, ffp, grenzgaenger, hackbot, hellkit,
    hjksuite, hydra, ipsorc, isnprober, itunnel, lcrzeox, lj, login_hacker,
    mac-robber, manipulate_data, md5deep, memfetch, netcat(compiled statically
    with Big-Gaping Security Hole), numby, obiwan, objobf, ol2mbox,
    onesixtyone, pandora-linux, photorec, pwl9x, rda, redir, reverb, revinetd,
    samba-tng, sara, screamingCobra, secure_delete, sharefuzz, shiva,
    slogdump, snapscreenshot, tarballz, tct, thcrut, tnef, vmap, walker,
    wardrive, whisker, zylyx

     * Windows Packages (using wine):
    achillies, AINTX, brutus, THC-CUPASS, ispy, nbtdump, photorec, md5deep,
    pdd

    ADDITIONAL INFORMATION

    PHLAK's homepages: <http://www.phlak.org/> http://www.phlak.org/
    The tool can be downloaded from:
    <http://www.phlak.org/modules/mydownloads/>
    http://www.phlak.org/modules/mydownloads/

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

  • Next message: SecuriTeam: "[NEWS] JBoss Remote Command Injection"

    Relevant Pages

    • Re: Exploit Archive
      ... from the more practical tools stand ... kismet, l2tpd, lde, libcrypt-blowf, libcrypt-cbc-p, libcrypt-ciphe, ... Ethical Hacking at the InfoSec Institute. ... learn to write exploits and attack security infrastructure. ...
      (Pen-Test)
    • RE: Windows XP SP2 and Security Tools
      ... Do you know of any installable Linux Distros which are all good to go like Knoppix STD? ... Windows XP SP2 and Security Tools ...
      (Security-Basics)
    • RE: Windows XP SP2 and Security Tools
      ... Do you know of any installable Linux Distros which are all good to go like Knoppix STD? ... Windows XP SP2 and Security Tools ...
      (Pen-Test)
    • RE: Security Evaluation Project
      ... security and assurance - auditing, VA, Pen-testing, etc. ... allow you to use and learn about security tools. ... "Information Assurance & Security" ... We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion ...
      (Security-Basics)
    • New SecurityFocus mailing list - Beta-Announce
      ... There are an overwhelming number of security tools and products available ... to an informed, qualified community. ... SecurityFocus community access to upcoming security tool and product beta ...
      (Pen-Test)