UALinux CyberPack
CyberPack FaP (digital Forensics And Penetration testing)
Conducting penetration tests, security audits, information gathering, digital forensics and analysis tools
This system is designed for conducting penetration tests and audits and for assessing the level of security. In skilled hands, it can also be used to identify vulnerabilities. This puts it on par with projects such as Tsurugi Linux, Kali Linux, ParrotOS, CSI Linux, Sherlock Linux, BlackArch Linux and BackBox Linux.
It contains tools for conducting primary digital forensic analysis, such as:
- analysis of computer network/server/service security for vulnerabilities;
- penetration testing and security scanning;
- search and recording of hidden and deleted data/files on digital media;
- making digital copies of research objects for further detailed analysis;
- obtaining information from Android and iPhone mobile devices;
- memory dump analysis;
- cracking/guessing of passwords for Wi-Fi networks, archives, mobile devices, operating systems;
- data/file recovery on various file systems and partitions;
- extended information retrieval from MS Windows (registry, cache, etc.).
And also:
- supports most file systems: ext2, ext3, ext4, NTFS, FAT, FAT32, vFAT, exFAT, XFS, BtrFS, UFS, ReiserFS, Reiser4, HFS, HFS+, ZFS, encrypted encFS and others;
- recognizes and allows you to work with partitions: RAID, LVM and others, as well as encrypted: LUKS, BitLocker, Truecrypt/Veracrypt and others;
- allows you to view/edit and listen to content (documents of various formats, multimedia files).
The objects of research can be any digital data: data carriers (and their contents, such as files or disk partitions), servers, workstations, web resources, network traffic, mobile devices, etc.
The system can run in "live system" mode without installation, or it can be installed on a computer.
Languages included: Ukrainian, Russian, English.
CyberPack FAP (digital Forensics And Penetration testing)
- guymager - RAW (dd), EWF (E01), AFF,...
- gparted
- gpart
- ddrescueview
- gddrescue
- dc3dd
- dcfldd
- ddrutility
- ewf-tools - ewfacquire, ewfacquirestream, ewfmount,...
- fdisk
- gnome-disk-utility
- kpartx
- mount
- xmount
- mdadm
- lvm2
- afflib - affuse,...
- fuse3
- disktype
- veracrypt
- dislocker
- libbde-utils
- gnome-encfs-manager
- adb
- apktool
- gmtp
- checkra1n
- volatility - /opt/
- voldiff - /opt/
- aeskeyfind
- memdump
- rsakeyfind
- gnome-nettool - ping, netstat, traceroute, port scanning, DNS lookup, finger, whois
- masscan
- openvas
- etherape
- ettercap-graphical
- kismet
- kismon
- nmap
- dmitry
- nbtscan
- arp-scan
- p0f
- smbmap
- wig
- hydra hydra-gtk - (xhydra)
- sslsniff
- netdiscover
- dnstracer
- tcpdump
- iftop
- nload
- netstat-nat
- qnetstatview
- wireshark tshark
- braa
- bruteforce-salted-openssl
- chaosreader
- cowpatty
- aircrack-ng
- mdk3 mdk4
- dirb
- dsniff
- cewl
- dhcpdump
- dns-flood-detector
- dnsrecon
- ethstatus
- ethtool
- dnsutils
- ed2k-hash
- hcxdumptool
- horst
- hping3
- ike-scan
- ipgrab
- ipv6toolkit
- linssid
- lltdscan
- mdns-scan
- medusa
- nast
- ncrack
- ngrep
- nstreams
- ntopng
- pnscan
- reaver
- smb4k
- smbmap
- smb-nat
- ssldump
- tcpflow
- tcpick
- tcpreplay
- tcptrace
- tcpxtract
- telnet
- whatweb
- whois
- sslscan
- routersploit
- LinEnum - /opt/
- badKarma - /opt/
- fcrackzip
- hashcat
- john
- pdfcrack
- samdump2
- ophcrack ophcrack-cli
- bruteforce-luks
- chntpw
- cmospwd
- crack crack-md5
- fcrackzip
- johnny
- hashcat-utils
- coreutils - (md5sum, sha1sum, sha256sum, sha512sum)
- gtkhash - (MD5, MD6, SHA1, SHA256, SHA512, RIPEMD, TIGER, WHIRLPOOL)
- hash-identifier
- libvshadow-utils - (vshadowdebug, vshadowinfo, vshadowmount)
- virtualbox-7.0
- libguestfs-tools - (guestmount, guestunmount)
- snapper snapper-gui
- qemu-utils - (qemu-img)
- docker.io
- grepmail
- pst-utils - (lspst, readpst)
- libemail-outlook-message-perl - (msgconvert)
- mblaze
- mboxgrep
- isoqlog
- pff-tools
- undbx
- fred
- galleta
- grokevt
- missidentify
- pasco
- polenum
- reglookup
- rifiuti
- rifiuti2
- samdump2
- winregfs
- foremost
- scalpel
- rlinux
- rstudio
- testdisk
- extundelete
- fatcat
- dares
- ext3grep
- ext4magic
- magicrescue
- myrescue
- recoverdm
- recoverjpeg
- safecopy
- scrounge-ntfs
- maltego
- sqlitebrowser
- autopsy sleuthkit - (blkcalc, blkcat, blkls, blkstat, fcat, ffind, fiwalk, fls, fsstat, hfind, icat, ifind, img_cat, img_stat, istat, jcat, jls, jpeg_extract, mactime, mmcat, mmls, mmstat, sigfind, sorter, srch_strings, tsk_comparedir, tsk_gettimes, tsk_loaddb, tsk_recover, usnjls)
- clamav clamav-gui
- libimage-exiftool-perl - (exiftool)
- exif
- exifprobe
- exiftags
- libnfc-bin - (nfc-list)
- usbguard
- filezilla
- ghex
- wxmedit
- oracle-java8-installer - (java8-web-start)
- python2.7
- python3 - v3.8.2
- proxychains4
- rdesktop
- remmina
- vlc
- brasero
- pdfgrep
- vokoscreen-ng
- peazip - 200+: 001, 7Z, ACE, ARC, ARJ, BR, BZ2, CAB, DMG, GZ, ISO, LHA, PAQ, PEA, RAR, TAR, UDF, WIM, XZ, ZIP, ZIPX, ZST,...
- cpu-x
- network-manager-fortisslvpn-gnome
- network-manager-l2tp-gnome
- network-manager-openconnect-gnome
- network-manager-openvpn-gnome
- network-manager-pptp-gnome
- network-manager-ssh-gnome
- network-manager-vpnc-gnome
- network-manager-sstp-gnome
- network-manager-strongswan
- origami-pdf
- dares
- beef
- /opt/ tor-browser
- audacity
- binwalk
- btscanner
- evince
- gimp
- crunch
- cupp
- dictconv
- statsprocessor
- wamerican
- wamerican-huge
- wamerican-insane
- wamerican-large
- wamerican-small
- wbrazilian
- wbritish
- wbritish-huge
- wbritish-insane
- wbritish-large
- wbritish-small
- wbulgarian
- wcanadian
- wcanadian-huge
- wcanadian-insane
- wcanadian-large
- wcanadian-small
- wcatalan
- wesperanto
- wfaroese
- wfrench
- wgaelic
- wgerman-medical
- wirish
- witalian
- wmanx
- wngerman
- wpolish
- wportuguese
- wspanish
- wswedish
- wswiss
- wukrainian
- arc
- brotli
- bzip2
- cabextract
- clzip
- comprez
- dact
- lrzip
- lz4
- lzma
- lzop
- minizip
- mscompress
- ncompress
- nomarch
- p7zip-full
- plzip
- rzip
- unar
- unzip
- wzip
- xarchiver
- xz-utils
- zpaq
- bfbtester
- ccrypt
- chkrootkit
- cryptmount
- doona
- lynis
- o-saft
- rkhunter
- erofs-utils
- exfat-fuse
- exfat-utils
- ntfs-3g
- acct
- aesfix
- binutils
- brutespray
- capstone-tool
- curl
- de4dot
- diffstat
- dmidecode
- droopy
- dtach
- exiv2
- fdupes
- flasm
- funcoeszz
- gdisk
- geoip-bin
- gifshuffle
- grub-rescue-pc
- gwenview
- hashdeep
- hashid
- hashrat
- heartbleeder
- hexcompare
- hexedit
- hwinfo
- imageindex
- imview
- inxi
- jdupes
- less
- lshw
- mac-robber
- maskprocessor
- mc
- membernator
- memstat
- metacam
- mfcuk
- mfoc
- mirage
- mpack
- nasm
- nasty
- netcat
- nmapsi4
- okular
- outguess
- parted
- patator
- pcapfix
- pcaputils
- pecomato
- pev
- pipebench
- pixiewps
- plaso
- pngcheck
- pompem
- poppler-utils
- psrip
- radare2
- radare2-cutter
- rarcrack
- ree
- rekall-core
- rephrase
- rfdump
- rhash
- shed
- shotwell
- sipcrack
- sipgrep
- sngrep
- snowdrop
- ssdeep
- ssh-audit
- steghide
- stegosuite
- stegsnow
- stepic
- sucrack
- sxiv
- systemd-bootchart
- tableau-parm
- testssl.sh
- unhide
- unhide.rb
- uni2ascii
- vinetto
- vuls
- wapiti
- weplab
- wfuzz
- wifite
- wipe
- xlsx2csv
- xxd
- yara
To run the system, 2 GB of RAM or more is recommended.
CyberPack ALF (Analysis, Logging of actions and digital Forensics)
Analysis, activity logging and tools for digital forensics
The system contains tools for such actions as:
- collecting evidence on the use of a PC to commit offenses;
- recording digital evidence during the investigation of computer crimes;
- analysis and recording of offenses (recording all actions taken during the inspection, with verification of the obtained data of analysis or research).
About the system:
- the system works only in Live-mode, without the possibility of installation;
- the devices being examined are mounted in "read-only" mode; the option of switching to "read-write" mode remains available;
- by default the system boots to the console; the graphical shell is launched with the command $ startx
CyberPack ALF (Analysis, Logging of actions and digital Forensics):
- ClamTk
- GNOME Disk Utility
- GtkHash
- TrueCrypt
- Xfburn
- LibreOffice
- EtherApe
- Ettercap
- Firefox
- Remmina
- Wireshark
- xHydra
- Zenmap
- GNOME Network Tool
- GNOME Search Tool
- Guymager
- Kismet
- Ophcrack
- Vokoscreen
- GNOME MPlayer
- PeaZip
- R-Studio
- GHex
- LVM manager
- galleta
- grokevt
- sslstrip
CyberPack IRF (Image RAM to File)
Creating a digital image of a computer's RAM
When investigating information security incidents, specialists sometimes find that passwords and other information needed for successful authorization or identification are not available in plain form and are stored only in RAM.
When the computer is turned off, such information may be lost forever. But there is still a chance to get it.
When the operating system is rebooted using the Ctrl-Alt-Del combination (the so-called "soft reboot"), the computer does not completely clear the RAM, so the probability of losing the information you are looking for is significantly reduced and the chance of recovering it increases.
With this system, you can create an exact digital image (dump) of RAM when rebooting your computer/server, excluding the 115 MB of RAM that the distribution itself takes up when running. The resulting RAM image (dump) can be written to an external drive and its contents analyzed separately later.
About the system:
- the system works only in Live-mode, without the possibility of installation;
- its only function is saving a dump of RAM of any size;
- contains two different methods of obtaining a memory dump;
- works only in the console.