Figure 1. Auditor tool
Whoppix
Like Auditor, WhiteHat Knoppix is also a penetration test pengtest tool. Whoppix was born because its developer Muts was asked to perform an internal penetration test on a large organization.
He explained, "the guiding principle of Pentest is that I cannot install it in my own notebook or modify the configurations of any clients in the Organization, just like installing software on a local computer."
Whoppix is a paradise for penetration testing. This includes many useful tools and methods by which a large number of knowledge-based hackers can access your system ). Although Muts does not like many documents in CD very much, the method used in packaging is the only one.
Muts does not give a simple explanation of these tools, but, together with several other very active members, provides these tools with several small flash Demo Video images, in this way, even a newbie can understand how to attack an unconfigured msql database.
By version 2.6 SP1, Whoppix uses the default knoppix kernel. The new version is not yet released.) a customized kernel version 2.6.11.5 is used, which provides better support for the WiFi Orinoco patch ).
Although you can install Whoppix on a hard disk, Muts does not provide strong support for this. His idea is to provide a portable pentest platform that you can use directly without having to go through the setup process of a lazy hacker computer.
"One of my long-term goals is to write documents for these tools and possibly publish a book called 'whoppix hack' that is very similar to 'knoppix hacks')," Muts said. "I am looking for some generic help from Whoppix, which includes both the technical and other aspects. It would be great if someone is willing to help me with these documents ."
Figure 2. Whoppix Tool
Knoppix-STD
This release version is also a customized Knoppix version, which focuses on information security Tools, so it is named STDSecurity Tools Distribution ). Knoppix-STD is currently maintained by Mark Cumming and has been a very active contributor since the beginning.
Cumming explains the goal of Knoppix-STD and the difference between it and other similar projects: "With all the open-source tools, many tools do the same thing; security CD is no exception.
From the beginning, STD is not user-friendly; that is to say, we will not cater to popular tastes. The actual situation is that we use Linux as a means to achieve the ultimate goal; STD is a set of security tools, not a Linux, although we have many Linux enthusiasts.
STD tries to stay away from the noise. We do not have xwindows, but if there is a simple terminal method that can implement the required functions, we will use this method; we will not develop a GUI just out of interest.
We do not care about ensuring that this is the only tool specific to implementing a function; in fact, we plan to include all the tools currently available ."
STD has created a teaching tool for those who are interested in security, which means there are a lot of documents. Each toolset has its own document directory. You can access these tools in the directory of each related toolset in/usr/bin. You will find that "stick honeypot", firewall, IDS, and some network tools can help you better map heterogeneous networks.
"Now we are building a development team to continue developing STD projects. We try to switch from the 'do all thing' mode to a more open development environment, which can be organized into several separate groups, each with its own team leader.
In this way, a LiveCD can be developed and compiled using the natural features of the LiveCD release. We also do not need to have actual hardware and bandwidth infrastructure to support CVS ." Cumming explained.
He promised that the future version would be significantly different from the existing version and provide better support for WiFi. "In the future, we will develop support for a small number of wireless NICs.
We need to provide support to users who only purchased the cheapest $9.99 Nic, which occupies most of our development time ." Cumming said.
You can also install STD on the hard disk, which can be implemented using the normal Knoppix hd-install script. The script is included by default.
STD has made great attempts to help users solve problems, but when many new users choose RedHat desktop systems to directly replace Knoppix, they lose official support.
Figure 3. Defects test in Whoppix
