User:Maffblaster/Drafts/Gentoo for hackers

From Gentoo Wiki
Jump to:navigation Jump to:search

This article showcases technology available for ethical hacking, and related activities, on Gentoo-based systems. If the software package is not available in Gentoo, then it will likely be available via the Pentoo ebuild repository. If it's not available in Pentoo, then I'll probably try to write an ebuild for it...

Ideas

Red team

Search engines.

Google:

Username search:

  • xlek.com
  • namechk.com
  • whatsmyname.com

Crawlers

Blue team

Risk measurement metrics

Measure risk with timers and updates... if a software project has not been updated in N number of days, increase the risk rating. If the software has an existing CVE for the targeted version, increase risk rating. If the image is 'stale', increase risk rating. Be dynamic.

Available software

Password guessing

OSINT

  • SpiderFoot - A FOSS OSINT data collection and analysis tool Available via app-forensics/spiderfoot in pentoo.

Website recon

  • Custom Wordlist Generator - A tool written in ruby that collects useful information from a website for later consumption. Available via app-text/cewl in pentoo.

SMB share recon

Possible FOSS options include:

  • smbeagle GitHub - Not (yet) available within an ebuild repo.

Search tools

  • Recoll Homepage GitWeb app-misc/recoll - Could integrate for scanning accessible SMB shares as an FOSS alternative to something like Copernic Desktop Search. Missing OCR search.
  • Xapian Homepage GitWeb - Same as Recoll.

Misc

Data transformation

  • CyberChef [GitHub] - A data encoder/decoder utility for transforming encoded data between forms. Most useful for returning encoded data to its natural form. Available via pentoo

OpSec

Anonymity

Data sharing

Tools that may require Windows

Unavailable software

It would be nice to have these available on Gentoo...

  • Velociraptor - An endpoint visibility and collection tool used for advanced digital forensics and incident response Docs.