lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Thu Nov 10 16:25:54 2005
From: madhat at unspecific.com (MadHat)
Subject: sugget a small pentest distro

On Nov 8, 2005, at 11:51 PM, crazy frog crazy frog wrote:
> Hi,
> can anyone suggest a small pentest liux distro.smallest means(under
> 250 mb.),i seen one on whax site.has any one used it?
> ****no google please****

so why can't you do your own research?  What wrong with using Google  
to get a simple answer?

So for auditing, with live CDs...
Knoppix STD is not bad, except for the name... http://www.knoppix- 
std.org/
Whoppix was ok.  It has been renamed to whax  (http://www.iwhax.net/ 
modules/news/)
Phlak (http://www.phlak.org/modules/news/)
Auditor (http://new.remote-exploit.org/index.php/Auditor_main)
PLAC: http://sourceforge.net/projects/plac

if you want to look at forensics tools instead of auditing tools.
Fire: http://fire.dmzs.com/
Helix: http://www.e-fense.com/helix/
FCCU: http://www.d-fence.be/
SleuthKit: http://www.sleuthkit.org/sleuthkit/desc.php
Penguin Sleuth: http://www.linux-forensics.com/downloads.html
etc....

You just want super small?
LMS:  http://linuxmobile.sourceforge.net/
Damn Small Linux:  http://www.damnsmalllinux.org/
FeatherLinux: http://featherlinux.berlios.de/
FlashLinux: http://flashlinux.org.uk/
CPX-Mini: http://www.informatik.hu-berlin.de/~bading/cpx-mini/
Knoopix-USB: http://rz-obrian.rz.uni-karlsruhe.de/knoppix-usb/
Puppy-Linux: http://www.goosee.com/puppy/
etc...

And of course if you don't know how to add and remove the tools you  
want from these, maybe you should do more research.

Everyone has different needs.  You don't state yours, so how can we  
answer?  I have used several of these, some were useful, others, not  
so much...  Will they work for you? who knows, since you don't say  
specifically what you want.  What is "pentest" exactly?  What are you  
testing?  What kind of environment?  Not that anyone here really  
cares, but if you are going to ask a question, you might try and  
research it first, then ask detailed questions.

--
MadHat (at) Unspecific.com, C?ISSP
E786 7B30 7534 DCC2 94D5  91DE E922 0B21 9DDC 3E98
gpg --keyserver wwwkeys.us.pgp.net --recv-keys 9DDC3E98

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ