
snarl 0.0.1a released

snarl is a bootable forensics ISO based on FreeBSD. It uses @stake's autopsy and task, as well as Shmoo's list of known good checksums.

Read on for instructions.

Once you boot the ISO, just log in as root; there is no password.

You will boot into a dialog-driven menu. Select the first option and choose the checksum set for the OS you are auditing. This converts the Shmoo checksum database into a format that autopsy understands.

Then select the second option. This configures and starts autopsy.

Then select the third option, and links will be launched to browse the autopsy page.

You can also select exit and use the large collection of security-related ports:

Hermes-1.3.2 Fast pixel formats conversion library

LaBrea-2.3 Defense mechanism against CodeRed

Mesa-3.4.22 A graphics library similar to SGI's OpenGL

XFree86-4.2.01,1 X11/XFree86 core distribution (complete, using mini/meta-po

XFree86-FontServer-4.2.0 XFree86-4 Font Server

XFree86-Server-4.2.13 XFree86-4 X server and related programs

XFree86-clients-4.2.11 XFree86-4 Client environments

XFree86-documents-4.2.0 XFree86-4 Document Files

XFree86-font100dpi-4.2.0 XFree86-4 bitmap 100 dpi fonts

XFree86-font75dpi-4.2.0 XFree86-4 bitmap 75 dpi fonts

XFree86-fontCyrillic-4.2.04 XFree86-4 Cyrillic Fonts

XFree86-fontDefaultBitmaps-4.2.0 XFree86-4 default bitmap fonts

XFree86-fontEncodings-4.2.0 XFree86-4 font encoding files

XFree86-fontScalable-4.2.0 XFree86-4 Scalable font files

XFree86-libraries-4.2.11 XFree86-4 include/(shared) library kit

aafid2-0.10 A distributed monitoring and intrusion detection system

adodb-1.90 A database library for PHP4

aescrypt-0.7 A command-line AES encryption/decryption suite

aide-0.71 A replacement and extension for Tripwire

analog-5.24,1 An extremely fast program for analysing WWW logfiles

apache-1.3.27 The extremely popular Apache http server. Very fast, very

apg-2.1.0 An automated password generator

argus-2.0.5 A generic IP network transaction auditing tool

arirang-1.6,1 Powerful webserver security scanner

arts++-1-1-a81 A network data storage and analysis library from CAIDA

audit-1.0 Tools for remote and centralized audit data collection

authforce-0.9.6 HTTP authentication brute forcer

autoconf-2.531 Automatically configure source code on many Unx platforms

autoconf213-2.13.0002272 Automatically configure source code on many Unx platforms

autopsy-1.70 Autopsy - @Stake's Forensics Toolkit

avcheck-0.9 A simple antivirus solution for a mail system

bash-2.05b.004 The GNU Bourne Again Shell

bcwipe-0.2.4 BCWipe securely erase data from magnetic and solid-state me

beecrypt-2.1.0 BeeCrypt is an open source cryptography library

bfbtester-2.0.1 A security tool for testing binaries for overflows

biew-5.3.2 Binary vIEWer + editor for binary, hexadecimal and dis-asm

bison-1.351 A parser generator from FSF, (mostly) compatible with Yacc

bjorb-0.5.5p1 Secure TCP relay software with SSL

boclient-1.21 Client program for the Back Orifice Windows program

borzoi-1.0.1 An Elliptic Curve Cryptography Library

botan-1.0.11 A portable, easy to use, and efficient C++ crypto library

bounce-1.0 Bounce tcp connections to another machine/port

bsd-airtools-0.2 BSD Wireless Scanning Tools

c-nocem-3.6 NoCeM for C News and INN

ca-roots-1.01 A list of SSL CA root certificates

calife-2.8.4d A lightweight alternative to sudo

ccrypt-1.21 A command-line utility for encrypting and decrypting files

cdroot-1.2.5 Scripts to automate setting up a bootable CD-ROM based Free

cflowd-2-1-b15 Flow analysis tool used for analyzing Cisco's NetFlow switc

cfs-1.4.1 A cryptographic file system implemented as a user-space NFS

cfv-1.10 Utility to both test and create .sfv, .csv and md5sum files

cgiwrap-3.7.11 Securely execute ~user CGI scripts

chkrootkit-0.36 A tool to locally check for signs of a rootkit

chrootuid-1.3 A simple wrapper that combines chroot(8) and su(1) into on

cksfv-1.3 Create or manipulate Simple File Verification (SFV) checksu

clog-1.6 Tcp connection logger daemon

cops-1.04 A system secureness checker

crack-5.0 The "Sensible" Unix Password Cracker

cracklib-2.71 Password-checking library

crank-0.2.1 CRyptANalysis toolKit

cryptopp-4.1 A free C++ class library of cryptographic schemes

curl-7.9.8 Non-interactive tool to get files from FTP, GOPHER, HTTP(S)

cvsup-16.1f General network file distribution system optimized for CVS

cvsup-without-gui-16.1f General network file distribution system optimized for CVS

cvsupit-3.1 CVSup installation and setup front-end package (16.1 / GUI

ddosscan-1.6 Scans for a limited set of distributed denial of service ag

despoof-0.9 Command-line anti-spoofing detection utility

digest-200108072 MD5/SHA-1/RIPEMD-160 checksumming utility

donkey-0.5 An alternative for S/KEY's key command

drweb-4.28.21 DrWeb antivirus suite

dsniff-2.3 Various sniffing utilities for penetration testing

dumpasn1-20011018 Dumps the contents of an ASN.1 encoded file, e.g. an SSL ce

ettercap-0.6.9 A network sniffer/interceptor/injector/logger for switched

expat-1.95.5 XML 1.0 parser written in C

findddos-4.2 Scans a host filesystem for distributed denial of service p

findzlib-1.9 Scans files for statically linked zlib (libz) code

firewalk-1.0 A network auditing tool

flawfinder-1.01 Examines source code looking for security weaknesses

flowscan-1.0065 Processes IP flows recorded in cflowd-format raw flow files

fragroute-1.21 A tool for intercepting, modifying and rewriting egress tra

fragrouter-1.6 Tool for testing network IDS implementations

freetype2-2.1.2 A free and portable TrueType font rendering engine

fuzz-0.6 Tool for testing software by bombarding the program with ra

fwanalog-0.6.1 A firewall log summarizer that uses Analog

gag-2.9 A stacheldraht (DOS attack) agent detector

gd-1.8.46 A graphics library for fast image creation

gettext-0.11.51 GNU gettext package

glib-1.2.107 Some useful routines of C programming (previous stable vers

gmake-3.79.13 GNU version of 'make' utility

gnupg-1.0.7 The GNU Privacy Guard

gpa-0.4.3 This is a graphical frontend for the GNU Privacy Guard

gtk-1.2.108 Gimp Toolkit for X11 GUI (previous stable version)

guile-1.4.12 GNU's Ubiquitous Intelligent Language for Extension

hafiye-1.0 Multi Platform Customizable TCP/IP Packet Sniffer

hashish-0.4b A file and string hashing utility

help2man-1.26 Automatically generating simple manual pages from program o

hping-2.0.0r11,1 Network auditing tool

imake-4.2.01 Imake and other utilities from XFree86

integrit-3.02.00 Integrit is a file integrity verification programs

iplog-2.2.31 TCP/IP traffic logging tool

john-1.6 Featureful Unix password cracker

jpeg-6b1 IJG's jpeg compression utilities

l0pht-watch-1.1 A program to report on what goes on in /tmp

l0phtcrack-1.5 L0pht Heavy Industries' cracker for SAMBA or Windows NT pas

l5-1.2 File Integrity Assessment Tool

lcrzo-4.10 Lcrzo is a network library (used by Lcrzoex, network testin

lcrzoex-4.10 Lcrzoex contains over 300 functionnalities using network li

libdnet-1.4 A simple interface to level networking routines

libevent-0.4 Provides an API to execute callback functions on certain ev

libgmp-4.11 A free library for arbitrary precision arithmetic

libgnugetopt-1.2 GNU getopt library

libiconv-1.81 A character set conversion library

libmcrypt-2.5.3 Multi-cipher cryptographic library (used in PHP3)

libnet-1.0.2a A C library for creating IP packets

libnids-1.161 Network monitoring library with TCP/IP reassembly

libparanoia-1.41 Safe (in the mean of stack smashing) reincarnation of strcp

libtool-1.3.44 Generic shared library support script

libungif-4.1.0b1 Tools and library routines for working with GIF images

libxml2-2.4.24 Xml parser library for GNOME

libxslt-1.0.20 The XSLT C library for GNOME

links-2.01,1 Lynx-like text WWW browser

livecd-1.2.2 Tool Set to create custom FreeBSD LiveCD

logcheck-1.1.1 Auditing tool for system logs on Unix boxes

lxnb-0.4 NetBus client

lynx-2.8.4.1c A non-graphical, text-based World-Wide Web client

lzo-1.081 Portable speedy, lossless data compression library

m4-1.41 GNU's m4

mdcrack-1.2 Bruteforce password MD5 hashes

mhash-0.8.14 Library provides an easy way to access strong hashes such a

mkisofs-1.15.a27 Create iso9660/Rock Ridge/Joliet filesystems

modphp4-4.2.3 PHP4 module for Apache

mysql-client-3.23.52 Multithreaded SQL database (client)

nbaudit-1.0 NetBIOS Auditing Tool / Security Kit

nbtscan-1.0.2 NetBIOS name network scanner

nemesis-1.32 Command-line UNIX network packet creation and injection sui

nessus-1.2.5 A security scanner: looks for vulnerabilities in a given ne

nessus-libnasl-1.2.5 Nessus Attack Scripting Language

nessus-libraries-1.2.5 Libraries for Nessus, the security scanner

nessus-plugins-1.2.51 Plugins for Nessus, the security scanner

net-snmp-5.0.32 An extendable SNMP implementation

netcat-1.101 Simple utility which reads and writes data across network c

netsed-0.011 Alters the contents of packets in real-time

ngrep-1.40.1 Network grep

nmap-3.00 Port scanning utility for large networks

ntl-5.3 Victor Shoup's Number Theory Library

openssl-0.9.6g SSL and crypto library

openvpn-1.3.0 Secure IP/Ethernet tunnel daemon

outguess-0.2 Steganographic tool

p5-Boulder-1.27 An API for hierarchical tag/value structures

p5-Cflow-1.051 Analyze raw flow files written by cflowd (Cisco NetFlow dat

p5-ConfigReader-0.51 Perl5 module to read directives from a configuration file

p5-DBI-1.28 The perl5 Database Interface. Required for DBD:: modules

p5-Data-ShowTable-3.3 Perl5 module to pretty-print arrays of data

p5-HTML-Table-1.15 Generate HTML tables for CGI scripts

p5-Mysql-modules-1.2216 Perl5 modules for accessing MySQL databases

p5-Net-Patricia-1.010 Perl module for fast IP address lookups

p5-String-CRC32-1.2 Perl interface for cyclic redundency check generation

p5-Time-101.062101 A collection of functions to convert and use time variables

p5-Tk-800.023 A re-port of a perl5 interface to Tk8.0p2

p5-XML-Parser-2.311 Perl extension interface to James Clark's XML parser, expat

pad-1.0.4,1 A command-line utility to encrypt files

pcsc-lite-1.1.1 A smartcard development library

pdksh-5.2.14p2 The Public Domain Korn Shell

perl-5.6.18 Practical Extraction and Report Language

pgpdump-0.17 PGP packet visualizer

php4-4.2.3 PHP4 commandline interpreter

pkgconfig-0.12.0 An utility used to retrieve information about installed lib

png-1.2.4 Library for manipulating PNG images

poc-1.2 Program for managing passwords on smartcards

py22-fchksum-1.6.1 find the checksum of files

python-2.2.1 An interpreted object-oriented programming language

radiusniff-0.2 Sniffer for RADIUS traffic

rain-1.2.9.b1 Rain is a packeting tool used for testing system stability

rats-2.0 Source code auditing tool

rid-1.0 Configurable remote distributed denial of service tool dete

rlytest-1.22 Test an SMTP host for third-party relay

rrdtool-1.0.39 Round Robin Database Tools

saint-3.4.11 Security Administrator's Integrated Network Tool

scanssh-1.60b Scanssh scans a subnet and reports the version of SSH insta

sing-1.1 Tool for sending customized ICMP packets

siphon-0.666 Passive host OS identifier using characteristics of sniffed

slurpie-2.0b A passwd file cracker (supports distributed nodes)

smurflog-2.1 A program to assist logging of smurf attacks

sniff-1.0 Program to sniff logins and passwords

sniffit-0.3.7b1 A packet sniffer program. For educational use

snort-1.8.7 Lightweight network intrusion detection system

snort-rep-1.7 A Snort reporting tool that can produce text or HTML from l

snortsnarf-020516 Generate HTML report summaries from snort incident alerts

splint-3.0.1.6 A tool for statically checking sourcecode for security vuln

srm-1.2.2 Secure rm, a utility which destroys file contents before un

ssldump-0.9b3 SSLv3/TLS network protocol analyzer

stegdetect-0.5 An automated tool for detecting steganographic content in j

strobe-1.06 Fast scatter/gather TCP port scanner

subweb-1.0 SubWeb is a (reverse) proxy to inspect HTTP flows on the fl

task-1.60 Autopsy - @Stake's Forensics Toolkit

tcpshow-1.74 Decode tcpdump(1) output

tcptrace-6.0.0b2 A TCP dump file analysis tool

termlog-1.0.1 Monitor or log multiple system terminals synchronously (rea

tiff-3.5.7 Tools and library routines for working with TIFF images

towitoko-2.0.6 UNIX driver for Towitoko smartcard readers

trinokiller-1.0 Remotely kill trino nodes

unzip-5.50 List, test and extract compressed files in a ZIP archive

vlog-1.1f A curses based real-time logfile viewer esp. useful for ipf

vomit-0.2 Voice over misconfigured internet telephones

wget-1.8.21 Retrieve files from the 'net via HTTP and FTP

whisker-1.41 A sophisticated CGI (in)security scanner

windowmaker-0.80.1 GNUStep-compliant NeXTStep window manager clone

wmicons-1.0 Icons mainly for use in Window Maker

wrapper-1.02 Wrapper for XFree86-4 server

wxgtk-2.3.21 The wxWindows GUI toolkit with GTK+ bindings (unstable vers

xmlsec-0.0.9 XML Security Library

xprobe-0.0.1p1 ICMP active OS fingerprint scanner

zombiezapper-1.0 Send a terminate command to Trinoo/TFN/Stacheldracht DDoS a


Post date: Sunday, March 16th, 2003 at 8:34:18 PM
