pentesting with an ubuntu box

here’s a recent drop of a script i use to configure my ubuntu box for pentesting. yes, i could use backtrack (and i do — especially if i’m having wireless issues), but this is a quick way to get an ubuntu box up & running. cheers -jcran

<pre>
#!/bin/bash

# System Configuration & Utilities
apt-get -y install build-essential
apt-get -y install linux-headers-$(uname -r)
apt-get -y install sysvconfig
apt-get -y install bum         ## Boot-Up Manager
apt-get -y install tofrodos    ## DOS utils
apt-get -y install xinetd      ## why not.
apt-get -y install unrar       ## RAR support
apt-get -y install p7zip-full  ## 7-Zip support
apt-get -y install fcrackzip   ## Zip cracking
apt-get -y install ipcalc      ## handy
apt-get -y install sharutils   ## uuencode / uudecode
apt-get -y install xclip       ## piping is handy
apt-get -y install ldap-utils
apt-get -y install cabextract  ## damn microsoft and their fascist compression formats!
apt-get -y install g++
apt-get -y install ssh

## Network services
apt-get -y install samba
apt-get -y install nis
apt-get -y install nfs
apt-get -y install smbfs       ## samba utilities
## apt-get -y install tftpd    ## you need to modify the /etc/init.d file...

# system monitoring
apt-get -y install ntop        ##
apt-get -y install sysstat     ## iostat,sar,mpstat
apt-get -y install procinfo

# Package Management
#apt-get -y install apt-build
#apt-get -y install apt-dpkg-ref
#apt-get -y install apt-listbugs
apt-get -y install apt-file
#apt-get -y install apt-howto
apt-get -y install apt-utils
apt-get -y install apt-listchanges
apt-get -y install dconf

# Terminal Emulators
apt-get -y install tn5250
apt-get -y install screen

# Filesystem Support
apt-get -y install sshfs
apt-get -y install ntfs-3g
apt-get -y install ntfs-config
apt-get -y install ntfsprogs
apt-get -y install mkisofs

# Gnome-Specific Configuration
apt-get -y install gconf
apt-get -y install gnomebaker
apt-get -y install nautilus-open-terminal

# ISAKMPD
# apt-get -y install isakmpd
apt-get -y install vpnc

# Multimedia
apt-get -y install amarok
apt-get -y install xmms
apt-get -y install xmms-skins
apt-get -y install xmms-mp4
apt-get -y install mpg123
apt-get -y install totem-xine
apt-get -y install ksnapshot
apt-get -y install istanbul
apt-get -y install recordmydesktop
apt-get -y install gtk-recordmydesktop
apt-get -y install xvidcap

# Basics

# Netcat & Tunnelling
apt-get -y install netcat
apt-get -y install sbd
apt-get -y install cryptcat
apt-get -y install socat
apt-get -y install vtun
apt-get -y install stunnel

# Scanning Tools
apt-get -y install nmap
apt-get -y install nessusd
apt-get -y install nessus
apt-get -y install fping
apt-get -y install hping2
apt-get -y install hping3
apt-get -y install scapy
apt-get -y install snmp
#apt-get -y install sing     #send icmp nasty garbage
apt-get -y install traceroute
apt-get -y install tcptraceroute
apt-get -y install ike-scan ## ipsec vpn tool
apt-get -y install nbtscan ## cifs info tool
apt-get -y install sslscan

# Passive Scanning Tools
apt-get -y install p0f
apt-get -y install pads

# Sniffing Tools
apt-get -y install wireshark
apt-get -y install ettercap
apt-get -y install ettercap-gtk
apt-get -y install tcpdump
apt-get -y install tcpflow
apt-get -y install ssldump
apt-get -y install nemesis   # packet injection
apt-get -y install dsniff
apt-get -y install etherape

# Libraries
apt-get -y install libssl        #Medusa
apt-get -y install libssl-dev        #Medusa
apt-get -y install libssh-2        #Medusa
apt-get -y install python-pycurl    #wfuzz
apt-get -y install libnet-dns-perl    #fierce.pl
apt-get -y install libsnmp-perl        #??
apt-get -y install libcrypt-ssleay-perl #HEAD,GET,POST, libwhisker
apt-get -y install libnet-ssleay-perl   # ""     ""
apt-get -y install ncurses-dev        # kismet-newcore
apt-get -y install libpcap-dev        # kismet-newcore

# Cracking Tools
apt-get -y install john
apt-get -y install medusa
## apt-get -y install hydra? ## not really that useful..

# Wireless Tools
##apt-get -y install kismet ## disabled because of kismet-ng
apt-get -y install aircrack
apt-get -y install aircrack-ng

# App Layer Tools
apt-get -y install wget
apt-get -y install curl
apt-get -y install nikto

## Scripting
apt-get -y install ruby
apt-get -y install python
apt-get -y install perl
apt-get -y install perl-doc
apt-get -y install gawk
apt-get -y install vim-ruby
apt-get -y install vim-python

## Ruby - Gems
apt-get -y install gems
apt-get -y install rubygems

## Metasploit dependencies
apt-get -y install libopenssl-ruby
apt-get -y install ruby-libglade2
apt-get -y install libgtk2-ruby

## Scapy - Python Dependencies - http://www.secdev.org/projects/scapy/portability.html
apt-get -y install graphviz        # graph stuff
apt-get -y install imagemagick        # graph stuff
apt-get -y install python-gnuplot    # PacketList.plot()
apt-get -y install python-crypto    # WEP Stuff
apt-get -y install python-visual    # 3D Stuff
apt-get -y install python-pyx        # pdfdump() / psdump()
apt-get -y install acroread
apt-get -y install gv
apt-get -y install sox

## ProxyStrike Dependencies
apt-get -y install python-qt4
apt-get -y install python-openssl

## W3af Dependencies
apt-get -y install python-pyparsing
apt-get -y install python-pydot
apt-get -y install python-soappy

## Coding
##apt-get -y install eclipse - get the latest version...
apt-get -y install kdevelop
apt-get -y install subversion
apt-get -y install rapidsvn
apt-get -y install vim-full
apt-get -y install git
apt-get -y install git-core

## Documentation
apt-get -y install notecase
apt-get -y install vim
apt-get -y install liferea

## Web / Browser Utilities
apt-get -y install azureus
apt-get -y install opera
apt-get -y install filezilla
apt-get -y install flashplugin-nonfree
apt-get -y install pidgin
apt-get -y install pidgin-otr
apt-get -y install thunderbird
apt-get -y install lightning-extension
apt-get -y install enigmail
apt-get -y install irssi
apt-get -y install silc
apt-get -y install tor

## Windows Stuff
apt-get -y install wine
apt-get -y install quicksynergy

## Encryption
apt-get -y install dmsetup
apt-get -y install password-gorilla
apt-get -y install gpa
apt-get -y install seahorse

## Java
apt-get -y install sun-java6-jre
apt-get -y install sun-java6-plugin

#set our java version to java-6-sun as this plays well with burpsuite
update-java-alternatives -s java-6-sun

## Upgrade & Such
apt-get update
apt-get upgrade
apt-get dist-upgrade

## Remove auto-start services
update-rc.d -f exim4 remove
update-rc.d -f tor remove
update-rc.d -f ntop remove
update-rc.d -f p0f remove ## not sure this is necessary
update-rc.d -f pads remove
update-rc.d -f isakmpd remove
update-rc.d -f nessusd remove
update-rc.d -f cups remove
update-rc.d -f samba remove
update-rc.d -f nis remove
update-rc.d -f nfs-common remove

### Manual installs
### ------------------------------------------------------------------------------------------
### truecrypt -- http://www.howtogeek.com/howto/ubuntu/install-truecrypt-on-ubuntu-edgy/
###            - you will need the linux kernel source for this one...
### onesixtyone -- http://www.phreedom.org/solar/onesixtyone/
### libdvdcss2 -- "sudo /usr/share/doc/libdvdread3/./install-css.sh"
</pre>
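The script installs several network daemons and then strips the boot links for some of them with `update-rc.d -f <name> remove`. As an added example (not part of jcran's script), this check reports which of those daemons still have SysV start links; the `ssh` and `xinetd` init-script names, the function names and the sample rc tree are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original script.
# Services the script strips from boot with "update-rc.d -f <name> remove".
REMOVED="exim4 tor ntop p0f pads isakmpd nessusd cups samba nis nfs-common"
# Daemons the script installs but never strips (assumed init script names).
INSTALLED_ONLY="ssh xinetd"

# still_enabled ROOT NAME...
# Prints each NAME that still has a start link S<NN><NAME> under
# ROOT/etc/rc2.d .. rc5.d; prints nothing when none are enabled.
still_enabled() {
    se_root=$1
    shift
    for se_svc in "$@"; do
        for se_link in "$se_root"/etc/rc[2-5].d/S[0-9][0-9]"$se_svc"; do
            # An unmatched glob stays literal, and a link may dangle,
            # so test for both a file and a symlink before reporting.
            if [ -e "$se_link" ] || [ -L "$se_link" ]; then
                echo "$se_svc"
                break
            fi
        done
    done
}

# demo: run the check against a constructed rc tree (sample data only).
demo() {
    d=$(mktemp -d)
    mkdir -p "$d/etc/rc2.d" "$d/etc/rc3.d"
    ln -s ../init.d/ssh    "$d/etc/rc2.d/S16ssh"     # never stripped
    ln -s ../init.d/xinetd "$d/etc/rc2.d/S20xinetd"  # never stripped
    ln -s ../init.d/samba  "$d/etc/rc3.d/S20samba"   # removal did not take
    ln -s ../init.d/tor    "$d/etc/rc2.d/K20tor"     # kill link, not a start
    # Word splitting of the two lists is intentional.
    still_enabled "$d" $REMOVED $INSTALLED_ONLY
    rm -rf "$d"
}

# On a live box: still_enabled "" $REMOVED $INSTALLED_ONLY
demo
```

Re-run the check after package upgrades, since a package's postinst can recreate start links that were removed outright.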

15 Comments

  1. Pingback: Anonymous
  2. hammackj says:

    Nice post, I’ve always wanted to compile a list of all the tools I use. But never got around to it; Great work.

    1. jcran says:

      @hammackj thanks man. this is really the /basic/ list. i’ve got an svn repo i use to keep most of the tools. i’m thinking about making it public. not sure about licensing issues. there’s a lot of scattered code in there.

      maybe just the structure / tools & leaving it up to people to download themselves?

      or has backtrack solved this problem?

      1. hammackj says:

        Do you keep the code to the tools in the svn, or just the binaries?

        I never use Backtrack, at work we have to use an Ubuntu setup and other places I use MacOS. So that doesn’t solve any problems in my case.

        I would love access if you make it public, never can have enough tools. =)

  3. chicagonpg says:

    Sweet!!! I have always wanted to do this but just never took the time. Thank you very much to you for making it and mubix for posting on his site.

  4. haxwithaxe says:

    This is nice. It would be better however if you could remove the non-pentest related stuff. I did it in my copy but for the sake of the lazier it would be nice.
    Also a tool you might want to add is inguma. It requires a bit of setup but it’s a great bruteforcing tool.
    If you provide a list of the tools you want to include that don’t exist in the repo I, and I’m sure many others, would be happy to help out writing download-install scripts for them so you don’t have to worry about distributing them.

  5. jcran says:

    @chicagonpg – thanks for reading

  6. jcran says:

    @haxwithaxe – to be honest, i use all these in some form when pentesting. feel free to modify & redist if you’d like. interesting idea about the download / install scripts. as far as non-repo tools, i think it’s probably better to contribute to the backtrack project, either packaging tools. – see the package list here: http://repo.offensive-security.com/dist/bt4/Packages

    i keep a svn repository around for my own use, and for windows tools. you can find a relatively recent tool list here: http://www.0x0e.org/x/toolkit-12142009.txt

  7. jcran says:

    @hammackj – sorry for the delay – both code & binaries. i try to store the minimum necessary, but it still gets pretty large in size. – svn’s definitely not ideal for lots of binary storage.

    it also references a whole lot of other svn projects via svn:externals:

    nix/framework-net/metasploit-svn http://metasploit.com/svn/framework3/trunk/
    nix/framework-web/grendelscan-svn http://svn2.assembla.com/svn/grendel/Grendel-Scan/
    nix/framework-net/fasttrack-svn http://svn.thepentest.com/fasttrack/
    nix/parser/fierceparser-svn https://svn.assembla.com/svn/fierce/FierceParser/trunk
    nix/recon-net/fiercev2-svn https://svn.assembla.com/svn/fierce/fierce2/branch/
    nix/attack-web-sqlinjection/sqlmap-svn https://svn.sqlmap.org/sqlmap/trunk/sqlmap/
    #nix/scanner-net/nmap-svn svn://svn.insecure.org/nmap/
    #nix/utility-net/ncat-svn svn://svn.insecure.org/ncat/
    #nix/parser/ndiff-svn svn://svn.insecure.org/nmap-exp/ndiff
    #nix/scanner-net/portbunny-svn http://portbunny.recurity.com/svn/PortBunny/trunk/PortBunny/
    nix/wardialer/warvox-svn http://metasploit.com/svn/warvox/trunk/

    nix/communication/dradis-svn https://dradis.svn.sourceforge.net/svnroot/dradis

    nix/framework-user/set-svn/ http://svn.thepentest.com/social_engineering_toolkit/

    nix/attack-wireless/aircrack-ng-svn http://trac.aircrack-ng.org/svn/trunk/
    nix/attack-wireless/airoscript-svn http://trac.aircrack-ng.org/svn/branch/airoscript/

    doc/owasp-asvs http://owasp-asvs.googlecode.com/svn/trunk/

    1. hammackj says:

      Nothing is too large for svn, I know of companies that store 40gb+ vms in svn…

      Thanks for the reply and info.

  8. n0de zero says:

    http://ubuntu-pe.tk

    How about this one?
