#MATRIUX LEANDROS: Open Source Linux Penetration Testing and Forensic Distribution
“Aut viam Inveniam Aut Faciam”
Prajwal Panchmahalkar, C|EH
Lead Developer, Matriux
@pr4jwal, http://www.matriux.com/
#BSidesLV 2013
Mentored by Josh: @savant42
#whois?
Prajwal Panchmahalkar
• L30
• Security Researcher
• Lead Developer, Matriux
• Blogger
• Recent Grad, MSCS, Texas Tech University
• Web Developer – to feed myself..!!
• Email: [email protected]
• Twitter: @pr4jwal
• Website: http://www.matriux.com/
#Statutory warning
#why?
#Matriux
• The most commonly asked question:
• Why another distro … while there are many others?
• While there are many other desktop variants, isn’t there space for one more security distro?
• Just follow the spirit of Linux…!
• The best way to learn Linux – make ONE.
• Wanted to build one overcoming the existing systems
• Have one that complied with our needs initially.
#challenges faced?
#Base Platform:
• Ubuntu??
• Slax??
• Fedora??
• Debian??
• ……??
#Expertise:
• Lacked initial knowledge on how to start
#Collaboration
#Infrastructure
#Legal Consultancy / advisory services
#And definitely “Financial”..!
#Matriux?
#initial releases:
• Matriux alpha (slax) – early 2008
• Matriux Lithium (Ubuntu KDE) – 2009/11
• Matriux Xenon (Ubuntu Gnome) – 2010/11
• Matriux Krypton (Debian) – 2011/08
• Matriux Krypton v1.2 (Debian) – 2012/02
• Matriux Ec-Centric (Debian) – 2012/08
#who should use?
• Penetration Testers
• Digital Forensic Investigators
• Auditors
• System and Network Administrators
• Exploit Developers
• Security enthusiasts
• Casual Linux users??
#features?
• 330+ open source penetration testing, forensic and security tools
• Custom Kernel 3.9.4
• Very own custom installation tool – MID (Matriux Installation Disk)
• Latest tools – until last updated (2013.07.30)
• Smart phone penetration testing applications.
• Forensics not neglected – given equal importance.
• Build update tool – MUT (Matriux update tool)
• Applications from team Matriux
• USB persistent
• New section in arsenal - PCI-DSS
#matriux
• Security tools logically organized based on work-flow into
#Arsenal:
• Reconnaissance
• Scanning
• Gain Access
• Frameworks
• Wireless
• Forensics
• PCI-DSS
• Debuggers
• Tracers
• Misc
• Services
#matriux
#Reconnaissance:
• DNS
• HTTrack
• Dradis Framework
• etherape
• Magic Tree
• quickrecon
• peepdf
• tcptracers
• wireshark
#matriux
#Scanning:
• CISCO
• Batman tools
• Web Scanners
• Angry IP scan
• ettercap
• gggooglescan
• metagoofil
• BlindElephant
• Nikto
• XSS tools
• Vega
• p0f
• t50
#matriux
#Gain Access:
• Passwords:
• Brutessh
• Crunch
• Ophcrack
• John
• Sucrack
• Gcrack
• Etemenanki
• Vncpwdump
• Iisbruteforcer
• Medusa
• rarcrack
#matriux
#Gain Access:
• SQL:
• Bing-sqli-scanner
• bsqlbf
• minimysqlat0r
• SQLBrute
• sqlmap
• sqlninja
• sqlsus
#matriux
#Gain Access:
• THC - IPv6:
#matriux
#Frameworks:
• Inguma
• Metasploit
• Social Engineering Toolkit
• w3af
• BeEF
• GrendelScan
• OWASP Mantra
• Skipfish
• Web Scarab
• yersinia
• Subterfuge
• BurpSuite
• maltego
#matriux
#Wireless:
• Bluetooth
• Kismet
• Reaver
• VOIP
• SIP
• Aircrack-ng Suite
• Fern wifi cracker
• Gerix wifi cracker
• GrimWEPA
• WepBuster
• WEPlab
• pyrit
• Wifi radar
#matriux
#Forensics:
• Acquisition
• Analysis
• Meta extractors
• Dhash
• dcfldd
• fmem
• memdump
• Mobius forensic toolkit
• pyflag
• warrick
• LIME
#matriux
#Forensics:
• Acquisition:
• A.I.R.
• Galleta
• Guymager
• Steghide
• Volatilitux
• Volatility
#matriux
#Forensics:
• Analysis:
• androguard
• apkviewer
• Autopsy sleuthkit
• foremost
• Forensic data identifier
• Gparted
• Iphone Analyzer
• Jbrofuzz
• Vinetto
• Pasco
• Scalpel
#matriux
#Forensics:
• Metaextractors:
• pdftools
• Flash tools
• Text extractors
• Image extractors
• Meta info extractors
#matriux
#PCI-DSS:
• Babel
• Ccsrch
• Code janitor
• Dep-checker
• Eramba
• Fossbarcode
• Fossology
• Ftimes
• Open SCAP
• Panbuster
• SeNF
• Spider Helix
• Verinice
#matriux
#Debuggers:
• Boomerang
• Crash
• Ddd
• Dissy
• E2dbg
• Electronic fence (efence)
• Gdb
• Hexedit
• Javascript lint
• Netifera
• valgrind
#matriux
#Tracers:
• Etrace
• Leak-tracer
• Ltrace
• Pstack
• Strace
• xtrace
#what you do now?
• Download Matriux.
• Install it.
• Play with it.
• Have fun (you can help us improve it.)
• Get back to us at:
• [email protected]
• @matriuxtig3r
#what we do from now?
• Public release – in a couple of weeks.
• Package repository – in a couple of weeks.
• MSTF – Matriux Security Testing Framework. (WIP)
• DVM – Damn Vulnerable Matriux. (WIP)
#Thanks for sitting through this !!
Prajwal Panchmahalkar
• Email: [email protected]
• Twitter: @pr4jwal
• Website: http://www.matriux.com/
• irc: freenode.net/ #matriux
Thanks to Josh: @savant42 for helping me!
Many thanks to Manu Zacharia, Gokul C Gopinath and Mikael Schoentgen for helping me through this build