PwnPi is a Linux-based penetration testing dropbox distribution for the Raspberry Pi. It currently has 114 network security tools pre-installed to aid the penetration tester. It is built on the debian squeeze image from the raspberry pi foundation’s website and uses Xfce as the window manager

Information Gathering
—————————
dnstracer
lynis
netmask
tcptraceroute
tcpdump (new)
ngrep (new)
sslsniff (new)
dnswalk (new)
dmitry (new)
ike-scan (new)
darkstat (new)
arping (new)
tcpflow (new)
bing-ip2hosts-0.2 (new)
metagoofil-blackhat (new)
theHarvester (new)

Network Mapping
———————-
fping
hping3
nbtscan
netdiscover
nmap
onesixtyone
p0f
sslscan
tcptraceroute
xprobe
zenmap
pbnj (new)

Vulnerability Identification
———————————-
curl
flasm
ratproxy
smbclient
sqlmap
w3af
wapiti
wbox
nikto
skipfish (new)
metasploit (new)
S.E.T (new)
Fasttrack (new)

Penetration
————–
ExploitDB
metasploit (with db_autopwn)
S.E.T
Fasttrack (new)

Privilege Escalation
————————-
bkhive
chntpw
dsniff
etherape
ettercap
john
medusa
netsed
ophcrack
packeth
packit
samdump2
ssldump
tcpick
tcpreplay
wireshark
yersinia
fcrackzip (new)

Maintaining Access :
———————–
6tunnel
cryptcat
dns2tcp
proxychains
ptunnel
socat
stunnel4
tinyproxy
udptunnel
vidalia
netcat (new)
openvpn (new)
iodine (new)
httptunnel (new)

—————————–
airodump-ng
aircrack-ng
airdecloak-ng
packetforge-ng
wash
airdecap-ng
ivstools
makeivs-ng
airbase-ng
aireplay-ng
airserv-ng
airdriver-ng
airmon-ng
airtun-ng
btscanner
obexftp
reaver
weplab (new)
wavemon (new)
prismstumbler (new)
kismet(new)

VoIP Analysis
—————
sipcrack
sipsak (new)

Digital Forensic
—————-
aimage
chkrootkit
foremost
galleta
magicrescue
mboxgrep
scalpel
scrub
vinetto
wipe

Stress Testing
—————-
siege

Miscellanious
————-
pentbox-1.5 (new)
ppcalc
sendemail
macchanger (new)

Download : pwnpi-v3.0.7z (619.1 MB)
md5:d8c5e00574a34eb13006019a19e5ad25:pwnpi-v2.0.7z
username:password:root:root

Find other Version |
Read more in here
Our post Before : http://www.seclist.us/2012/05/pwnpi-v10-pen-test-drop-box-distro-for_27.html

Security Onion is a Linux distro for IDS (Intrusion Detection) and NSM (Network Security Monitoring). It’s based on Ubuntu and contains Snort, Suricata, Sguil, Squert, Snorby, Bro, NetworkMiner, Xplico, and many other security tools.

Security Onion

RAM Minimum Requirements

• 512MB – 1GB RAM for the core OS (512MB for Ubuntu Server with no GUI)
• +512MB RAM for the server components (apache, sguild, Snorby, ELSA web, etc.)
• +1GB RAM for EACH network interface that you choose to monitor
• + >=512MB RAM if you choose to enable ELSA

Hardware Recommendations

• 64-bit
• Intel NICs
• as much RAM as your server holds!
• as much Disk as your server holds!

For Installation Procedures :  http://code.google.com/p/security-onion/wiki/Installation

Download version :
securityonion-12.04-20121224.iso (1.3 GB)
MD5 : securityonion-12.04-20121218.iso.md5 (64 Bytes) 
Find Other Version |
Resources : http://securityonion.blogspot.com/ | http://code.google.com/p/security-onion/

Security Onion is a Linux distro for IDS (Intrusion Detection) and NSM (Network Security Monitoring). It’s based on Ubuntu and contains Snort, Suricata, Sguil, Squert, Snorby, Bro, NetworkMiner, Xplico, and many other security tools.

RAM Minimum Requirements

• 512MB – 1GB RAM for the core OS (512MB for Ubuntu Server with no GUI)
• +512MB RAM for the server components (apache, sguild, Snorby, ELSA web, etc.)
• +1GB RAM for EACH network interface that you choose to monitor
• + >=512MB RAM if you choose to enable ELSA

Hardware Recommendations

• 64-bit
• Intel NICs
• as much RAM as your server holds!
• as much Disk as your server holds!

For Installation Procedures : http://code.google.com/p/security-onion/wiki/Installation

Download version :
securityonion-12.04-20121224.iso (1.3 GB)
MD5 : securityonion-12.04-20121218.iso.md5 (64 Bytes) 
Find Other Version |
Resources : http://securityonion.blogspot.com/ | http://code.google.com/p/security-onion/

Our Post Before :  http://seclist.us/2012/12/security-union-v-12-04-rc1-released.html

HoneyDrive is a virtual appliance (OVA) with Xubuntu Desktop 12.04 32-bit edition installed. It contains various honeypot software packages such as Kippo SSH honeypot, Dionaea malware honeypot, Honeyd low-interaction honeypot and more. Additionally it includes useful pre-configured scripts and utilities to analyze, visualize and process the data it can capture, such as Kippo-Graph, Honeyd-Viz, and much more. Lastly, many other helpful security, forensics and malware related tools are also present in the distribution.

Features

• Virtual appliance based on Xubuntu 12.04 Desktop.
• Distributed as a single OVA file, ready to be imported.
• Full LAMP stack installed (Apache 2, MySQL 5), plus tools such as phpMyAdmin.
• Kippo SSH Honeypot, plus Kippo-Graph, Kippo2MySQL and other helpful scripts.
• Dionaea malware honeypot, plus phpLiteAdmin and other helpful scripts.
• Honeyd low-interaction honeypot, plus Honeyd2MySQL, Honeyd-Viz and other helpful scripts.
• LaBrea sticky honeypot, Tiny Honeypot, IIS Emulator, INetSim and SimH.
• A full suite of security, forensics and anti-malware tools for network monitoring, malicious shellcode and PDF analysis, such as ntop, p0f, EtherApe, nmap, DFF, Wireshark, ClamAV, ettercap, Automater, UPX, pdftk, Flasm, pdf-parser, Pyew, dex2jar and more.
• Firefox plugins pre-installed, plus extra helpful software such as GParted, Terminator, VYM, Xpdf and more.

Download : HoneyDrive_0.1_Santa_edition.ova (2.9 GB)
Find Other Version |
Resources : http://bruteforce.gr/honeydrive

Tools Include :

+Information Gathering
- Flagfox
- JSView
- PassiveRecon
- Wappalyzer
- View Dependencies
- Link Sidebar
+Editors
- JSView
- Firebug
+Network Utilities
- FireFTP
- DNS Cache
- SQLite Manager
- HTTP Fox
- FireSSH
+Miscellaneous
- Greasemonkey
- Greasefire
- CacheToggle
- URL Flipper
- Event Spy
- Stacked Inspector
- Scriptish
- Session Manager
- FireEncrypter
+Application Auditing
- Hackbar
- RESTClient
- Tamper Data
- Live HTTP Headers
- RefControl
- User Agent Switcher
- Web Developer
- DOM Inspector
- Inspect This
- Form Fox
- SQL Inject Me
- XSS Me
- Cookies Manager+
- Firecookie
- Autofill Forms
- Cookie Monster
- Fireforce
- Groundspeed
- Http Requester
- Modify Headers
- Poster
- Ref Spoof
- SeleniumExpertSeleniumIDE
- SeleniumIDE
- NoRedirect
- Websecurify
- Ra.2
+Proxy
- FoxyProxy
- Http Fox
- Proxy Tool

OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software.

Mantra is lite, flexible, portable and user friendly with a nice graphical user interface. You can carry it in memory cards, flash drives, CD/DVDs, etc. It can be run natively on Linux, Windows and Mac platforms. It can also be installed on to your system within minutes. Mantra is absolutely free of cost and takes no time for you to set up.

Download : OWASP Mantra Janus Linux 64.tar.gz (123 MB) 

Windows : OWASP Mantra Janus.exe (125 MB)
Linux 32bit : OWASP Mantra Janus Linux 32.tar.gz (121 MB) 

Find Other Version |
Resources : http://code.google.com/p/getmantra/
Our post Before : http://seclist.us/2012/10/owasp-mantra-os-v-12-04-released.html

ESSPEE is a derivetive of Back | Track 5, based on Ubuntu 12.04. Designed for users who wish to use only free software. It is packed with featured security tools with stable configurations. This version consolidates the Unity desktop interface; a brand new way to find and manage your applications.

Features

• A Perfect Forensics Mode – Read-Only Mount
• A Perfect Stealth Mode – Networking Disabled
• Latest kernel with aufs support (Kernel 3.7.4)
• Metasploit Framework v4.6.0-dev [core:4.6 api:1.0]
• OSSEC – Open Source Host-based Intrusion Detection System
• Gnome-fallback Desktop Environment.
• Gnome-Pie – All your favourite applications at single click
• Suricata – Open Source Next Generation IDS/ IPS.
• Snorby – Suricata IDS/IPS Monitoring Web Interface.
• Meld – A visual diff and merge tool for compare files and directories.
• MySQL Workbench – A visual MySQL database designing tool.
• ESSPEE Personal Firewall – Realtime Pop-up Notification.
• Net Activity Viewer – A graphical network connections viewer.
• LOIQ – Open source network stress testing application.
• Guymager – Forensics imaging tool (GUI)
• Ostinato – Open-source network packet crafter/traffic generator.
• FSlint – Find and clean various unwanted extraneous files.
• Ruby 1.9.3p327 (2012-11-10 revision 37606)
• Fern Wi-Fi Cracker
• Virtualbox – Create your own virtual lab
• Nemiver – A standalone graphical C and C++ debugger
• Open Audit – Network inventory, audit and management tool
• Mobile Phone Forensics tools
• Anonymity – Tor network and many more

Download : ESSPEE-R3-x86.iso (3.35 GB) 

md5 : 61aa7c877568d8c109fb407b0540f0f4

firewall : ESSPEE-Personal-Firewall-Ubuntu.7z (248.1 kB) 
Forensics : ESSPEE-initrd-Forensics-Stealth.7z (60.9 MB) 
our post before : http://seclist.us/2012/07/update-esspee-r1-x86-penetration-testing-forensics.html

resources : http://sourceforge.net/projects/esspee

Pentoo is a security-focused livecd based on Gentoo
It’s basically a gentoo install with lots of customized tools, customized kernel, and much more. Here is a non-exhaustive list of the features currently included :

• Hardened Kernel with aufs patches
• Backported Wifi stack from latest stable kernel release
• Module loading support ala slax
• Changes saving on usb stick
• XFCE4 wm
• Cuda/OPENCL cracking support with development tools
• System updates if you got it finally installed

It features the following :

1. Changes saving
2. CUDA/OpenCL Enhanced cracking software
3. - John the ripper
4. - Hashcat Suite of tools
5. Kernel 3.7.5 and all needed patches for injection
6. XFCE 4.10
7. All the latest tools and a responsive development team!

DISCLAIMER :
THIS IS EXPERIMENTAL SOFTWARE. USE AT YOUR OWN RISK. PENTOO.CH CAN NOT BE HELD LIABLE UNDER ANY CIRCUMSTANCES FOR DAMAGE TO HARDWARE OR SOFTWARE, LOST DATA, OR OTHER DIRECT OR INDIRECT DAMAGE RESULTING FROM THE USE OF THIS SOFTWARE. IN SOME COUNTRIES THE CRYPTOGRAPHIC SOFTWARE AND OTHER COMPONENTS ON THE ISO ARE GOVERNED BY EXPORT REGULATIONS AND THUS MAY NOT BE FREELY COPIED AS IS OTHERWISE NORMAL FOR SOFTWARE UNDER THE GPL LICENSE. IF YOU DO NOT AGREE TO THESE CONDITIONS, YOU ARE NOT PERMITTED TO USE OR FURTHER DISTRIBUTE THIS SOFTWARE. IF YOU PLAN TO COMMERCIALLY USE OR DISTRIBUTE (AND SELL) THE SOFTWARE, YOU HAVE TO ACQUIRE THE NECESSARY LICENSES AND PERMISSIONS FROM ALL SOFTWARE COPYRIGHT HOLDERS OF NON-FREE SOFTWARE COMPONENTS, OR REMOVE THESE COMPONENTS BEFORE DISTRIBUTING THE SOFTWARE

Download :
Pentoo Linux 2013.0 i686 RC1.1.torrent (130K) 
Pentoo Linux 2013.0 x86_64 RC1.1.torrent (152K) 
Sources : https://code.google.com/p/pentoo/

Tool Includes :

Wifi Cracking Tools:

• Cowpatty
• Feeding Bottle
• Wireshark
• Pyrit
• Wifite
• Reaver
• Fern Wifi Cracker
• Python Dictionary File Creator (for WPA and Brute Force)

Network Cracking Tools:

• XHydra
• Snort
• tcpdump
• Netexpect
• Etherape
• Kismet
• Net Tools 5.0
• Deny Hosts
• Zenmap
• Secure Shell
• Umit Network Scanner
• Sec Panel
• Tiger
• hPing
• Python-Scalpy
• nmap
• John the Ripper
• XHydra
• John the Ripper
• nmap
• Kismet
• Snort
• NetExpect
• Python-Scalpy
• Etherape
• w3af

Network Tools:

• pyNeighbourhood
• KPPP Dialup
• KNemo
• DC-QT
• Communication Tools:
• Pidgin + All plugins
• Skype
• TorChat
• Team Speak
• Online Money:
• Bitcoin

DDOS Tools:

• HOIC
• LOIC
• Hive Mind LOIC
• iPWin
• UDP Unicorn
• GoodBye
• XOIC
• …9 more JS LOIC bookmarked in Firefox

Website Tools:

• Heidi SQL
• Filezilla
• WebHTTrack Website Copier
• Putty SSH/Telnet
• Web Browsers:
• Konquerer
• Firefox – Mods Include:
• Noscript, Adblock, Modified Downloadhelper,
• HTTPS Everywhere, Imacros, Foxy Proxy,
• Hidemyass, NewIPNow, Greasemonkey
• And tonnes of bookmarks…

Emulation:

• Wine
• Wine Tricks
• Play on Linux
• Mono
• VirtualBox 4.2
• Security:
• ClamAV
• Tor (Enabled automatically for Firefox, Pidgin and Skype)
• Polpio
• chrootkit
• rkhunter
• Kvpnc
• Firewall Builder

Sound and Video:

• Webcam Utilities
• VLC

Extras:

• Gnome Color Changer
• Ubuntu Tweak
• MyUnity
• Ubuntu Restricted Extras
• KUbuntu Restricted Extras
• XUbuntu Restricted Extras
• Multiple Monitors
• Open JDK Java 6 Runtimes
• Open JDK Java 7 Runtimes
• IcedTea Java Plugin
• PDF Resurrect
• Original 10.04 Style Desktop(Sidebar search removed)
• Amazon results removed.
• Icons are now neatly in folders not just strung around the desktop
• New stamped Grub screen and Desktop

Downlaod :
Part I : Ubuntu Echelon V1R5.part1.exe (524.3 MB)
Part II : Ubuntu Echelon V1R5.part2.rar (524.3 MB)
Part III : Ubuntu Echelon V1R5.part3.rar (524.3 MB)
Part IV : Ubuntu Echelon V1R5.part4.rar (524.3 MB) 
Part V : Ubuntu Echelon V1R5.part5.rar (524.3 MB)
Part VI : Ubuntu Echelon V1R5.part6.rar (219.4 MB) 
sources : https://www.facebook.com/UbuntuEE

Penbang is a collection of tools aimed at the openbox environment. It includes Network Exploits, Vulnerability Assessment/Exploits, Network Analysis, Social Engineering tools, I.G.C, dsniff suite, and irpas. As well as a simple way of launching them.

[Openbox(Debian)]

#####################Update Version 0.0.2#####################
#
# ADDED
# Metasploit/Armitage
# sqlninja
# sqlsus
# wfuzz
# hydra
# hydra-gtk
# findmyhash
# etherape
# SMITM
# log_ex
# ParseLog
# Message of the day(Anything launched by Scripts.py)
# History interpreter(Arrow up shows last enrty)

###############################Pack List#########################
Network Exploits:

• aircrack-ng
• airmon-ng
• airodump-ng
• sslstrip
• sslsniff
• reaver
• ettercap
• subterfuge
• yamas
• SMITM —–0.0.2 Update

Vulnerability Assessment/Exploits —–0.0.2 Update

• Metasploit/Armitage
• sqlninja
• sqlsus
• wfuzz
• hydra
• hydra-gtk

Network Analysis:

• scapy
• kismet
• nmap
• zenmap
• tcpdump
• tshark
• wireshark
• etherape

Social Engineering:

• Maltego
• I.G.C:
• crunch
• john
• Hash-ID
• findmyhash —–0.0.2 Update
• log_ex —–0.0.2 Update
• ParseLog —–0.0.2 Update

dsniff suite:

dsniff
filesnarf
mailsnarf
msgsnarf
urlsnarf
webspy
arpspoof
dnsspoof
macof
sshmitm
webmitm

irpas: #Not all tools from irpas are used

• dfkaa
• protos
• netenum
• tctrace
• itrace
• irdpresponder
• irdp
• ass
• igrp
• file2cable
• cdp

########################################################################

Download : penbang_0.0.2.zip (6.4 MB) 
Find Other Version |
sources : http://penbang.sysbase.org/

This is an attempt to create a Pentest Distribution, based on the new Wheezy 7 with the addition of Kali linux tools. The project has keep Update all the time, there is always ways to further improve.
This distribution is extremely stable and fast with all the tools to job very well.This is the Second Updated version in my distro with code name C.I.A Version 2 (Custom Improvement Arsenal)
This effort would not have been successfully completed in such a short period of time without the invaluable help of D4rk-50ld13r Top Member of TOP-HAT-SEC Forum, thanked him for all he has done for us.

Features

• Full Pentest Firefox, chrome, Tor browser
• Arsenal HackPack (Scripts Categorized by reaperz73)
• Fulli Customizing menou Kali tools
• Fulli Update and Upgrate system
• Skype
• Login Audio
• Multiarch enabled
• YAMAS in menu
• Easy greds in menu
• Recon-ng in menu
• PwnSTAR in menu
• Slowloris in menu
• Darkstar fix
• metasploit start with the system
• Conky
• UnicornScan
• KaliLazy script installed (Use it with great caution)
• Inxi (System Information)

System: Debian Wheezy 7 Stable
Kernel: 3.7-trunk-amd64 x86_64 (64 bit)
Multiarch
Desktop: Gnome
Distro: Wheezy 7 Kali GNU/Linux 1.0
User name: root/Pass: toor
FOR IMPORTANT FIX AND TIPS: LOOK THE TICKETS
To install the distribution could begin to Default or live mode, and the Application menu select System tools >Live Installer.

Download :
CIA_Wheezy7Kali_darkc0d3.iso (3.4G)
MD5 : 030adeeac7cbaed25ce4b5ae804a23df custom-live.iso

Sources : https://drive.google.com/

Xiaopan 0.4.7.2 :
- Updated Bully to Bully.2013-09-11
- Updated @cristi_28 BullyWPS Script to v1.7 (translated & modded by me)
- Fixed RTL8187L wlan0 instead mon0 issue (reported by @Remington & @estimacamry)
- Fixed Inflator 0 AP’s detected issue (reported by @Remington)

Xiaopan OS is an easy to use software package for beginners and experts that includes a number of advanced hacking tools to penetrate WPA / WPA2 / WPS / WEP wireless networks.

Based on the Tiny Core Linux (TCL) operating system (OS), it has a slick graphical user interface (GUI) requiring no need for typing Linux commands. Xiaopan OS is Windows, Mac and Linux compatible and users can simply install and boot this ~70mb OS through a USB pen drive or in a virtual machine (VM) environment.

Some of the tools included are Inflator, Aircrack-ng, Minidwep GTK, XFE, wifite and feeding bottle. Supported cards include RTL8187L, RT3070, AR9271 and many more.

Features

• Run in Parallels Desktop / VMware / VirtualBox
• Compatible with Yumi Boot / LiLi USB Creator
• Run on Live CD
• Packages include: Minidwep, Aircrack, Inflator, Reaver, Feeding Bottle, Wifite
• 70mb ISO
• Based on TinyCore Linux
• Recommended minimum requirements: Pentium 2 or better, 128mb of ram + some swap
• Recommended: Wireless USB card that supports monitor mode and injection
• Windows / Linux / Mac Compatible

Download : Xiaopan 0.4.7.2 (72.5 MB)
Find Other Version |
Discussion Support and sources : http://xiaopan.co/forums/

24-09-2013 SmoothSec 3.4 released

[*] Improvements and fixes

New available deployments:

Standard (IDS mode – All in one mode [Snorby + Sensor]
Console (IDS mode – Distributed [Only Snorby web console])”
Sensor (IDS mode – Distributed [Only sensor])”

Ips-standard (IPS mode – All in one mode [Snorby + Sensor])”
Ips-console (IPS mode – Distributed [Only Snorby web console])”
Ips-sensor (IPS mode – Distributed [Only sensor])”
[*] Upgrades
Pigsty unified2 spooler v0.1.8

[*] New tools

Rule2alert, On-the-fly packet generation based off snort and suricata rules.
greppcap.py, Python/Scapy tool to find and extract regex-matching sessions from libpcap files.
nstreams, identify the IP streams that are occurring on a network from a non-user friendly tcpdump.
pktstat, displays a real-time summary of packet activity on an interface.
arpalert, monitor ARP changes in ethernet networks.

Smooth-Sec is a lightweight and fully-ready IDS/IPS (Intrusion Detection/Prevention System) Linux distribution based on Debian 7 (wheezy), available for 32 and 64 bit architecture. The distribution includes the latest version of Snorby, Snort, Suricata, PulledPork and Pigsty. An easy setup process allows to deploy a complete IDS/IPS System within minutes, even for security beginners with minimal Linux experience

System Requirement :

• VMware VM (Hardware Version 9)
• 4 vCPU’s
• 8GB of RAM
• 2 vNIC’s (SPAN, mgmt)
• 500GB of Storage
• 1GB network throughout

Download :
smoothsec-3.4-i386.iso (804.3 MB)
smoothsec-3.4-amd64.iso (728.6 MB)
Our post before : http://seclist.us/2012/07/smooth-sec-v-2-0-released.html
sources : https://github.com/smoothsec/docs/wiki

Viproy Voip Pen-Test Kit is developed to improve the quality of SIP Penetration Tests. It provides authentication feature that helps to create simple tests. It includes 10 different modules with authentication support: options tester, brute forcer, enumerator, invite tester, trust analyzer, proxy and registration tester. All attacks could perform before and after authentication to fuzz SIP services and value added services.
SIP Pen-test guide will be published soon. Basic Usage of Modules are presented below, it can be used before guide. All modules have DEBUG and VERBOSE supports

Preparing The Test Network
VulnVOIP is vulnerable SIP server, you can use it for tests
VulnVOIP : http://www.rebootuser.com/?cat=371

Installation – Metasploit Github Edition
Copy “lib”, “modules” and “data” folders’ content to Metasploit Root “/” Directory.
Mixins.rb File (lib/msf/core/auxiliary/mixins.rb) Should Contain This Line
require ‘msf/core/auxiliary/sip’

Installation – Metasploit Pro Edition
Copy “lib”, “modules” and “data” folders’ content to /opt/metasploit/apps/pro/msf3 directory.
Mixins.rb File (/opt/metasploit/apps/pro/msf3/lib/msf/core/auxiliary/mixins.rb) Should Contain This Line
require ‘msf/core/auxiliary/sip’

For SIP Trust Analyzer module.
Install “pcaprub” via “/opt/metasploit/ruby/bin/gem install pcaprub”
or
Metasploit – How To install Pcaprub For Windows (http://msfbt.wordpress.com/2012/05/31/metasploit-how-to-install-pcaprub-for-windows/)

Sample Usage Video
Download latest version :  viproy-voipkit-master.zip (35.5 KB) | Mirror : http://seclist.us/wp-content/uploads/2014/08/viproy-voipkit-master.zip
Sources : viproy-voipkit  | http://viproy.com/

Matriux is a GNU/Linux, Debian based security distribution designed for penetration testing and cyber forensic investigations. It is a distribution designed for security enthusiasts and professionals, can also be used normally as your default OS.
Features

• Custom kernel 3.9.4 (patched with aufs, squashfs and xz filesystem mode, includes support for wide range of wireless drivers and hardware) Includes support for alfacard 0036NH
• Faster interface
• More than 340 tools powerful for penetration testing and forensics
• New Section PCI-DSS tools in Arsenal
• high emphasis on forensics
• greater hardware support
• Comes with custom installer
• supports USB persistence
• UI inspired from Greek Mythology
• IPv6 tools included.
• Easy integration with virtualbox and vmware player even in Live mode.

Authentification
Username: root
Username: matriux
Username: tiger
Password: toor

Download : Matriux-Blue-Lite-x64.iso (3.7 GB)
Md5 file : Matriux-Blue-Lite-x64.iso.md5 (60 Bytes)
Source : http://www.matriux.com/index.php?page=home

Change log September 2014

• Issue 412: OSSEC 2.8 or higher
• Issue 573: OSSEC setmaxagents
• Issue 330: ossec.conf changes
• Issue 581: NSM: avoid filling disk if CRIT_DISK_USAGE exceeded in one day
• Issue 582: NSM: only run “broctl cron” if Bro is enabled
• Issue 568: New package securityonion-samples-jackcr
• Issue 553: NetworkMiner 1.6
• Issue 572: securityonion-et-rules: update for new ISO
• Issue 536: ISO: deleting desktop icons for live user sometimes doesn’t work properly
• Issue 554: 12.04.5 ISO image

Security Onion is a Linux distro for IDS (Intrusion Detection) and NSM (Network Security Monitoring). It’s based on Ubuntu and contains Snort, Suricata, Bro, Sguil, Squert, Snorby, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!

Security Onion 12.04 Update Procedure
Initiating an update over SSH
If you’re updating your Security Onion box over an SSH connection and your connection drops, then your update process may be left in an inconsistent state. It is therefore recommended to run byobu so that your session will continue to run on the Security Onion box even if your connection drops. Byobu is very handy and we recommend running it all the time to avoid forgetting about it before an update.

# install byobu
sudo apt-get install byobu
# enable byobu
byobu-enable
# you’re now ready to update

Download latest version : securityonion-12.04.4-20140222.iso (1.4 GB) 
Find Other Version |
Source : http://blog.securityonion.net/p/securityonion.html
Our Post Before : http://seclist.us/update-security-union-v-12-04-3-20130904.html

Santoku includes a number of open source tools dedicated to helping you in every aspect of your mobile forensics, malware analysis, and security testing needs, including:

Development Tools:
Android SDK Manager
AXMLPrinter2
Fastboot
Heimdall (src | howto)
Heimdall (GUI) (src | howto)
SBF Flash

Penetration Testing:
Burp Suite
Ettercap
Mercury
nmap
OWASP ZAP
SSL Strip
w3af (Console)
w3af (GUI)
Zenmap (As Root)

Wireless Analyzers:
Chaosreader
dnschef
DSniff
TCPDUMP
Wireshark
Wireshark (As Root)

Device Forensics:
AFLogical Open Source Edition (src | howto)
Android Brute Force Encryption (src | howto)
iPhone Backup Analyzer (GUI) (src | howto)
libimobiledevice (src | howto)
scalpel
Sleuth K

Reverse Engineering:
Androguard
Antilvl
APK Tool
Baksmali
Dex2Jar
Jasmin
JD-GUI
Mercury
Radare2
Smali

Download Latest Version :
santoku_0.5.iso (2.5 GB) 
Source : https://santoku-linux.com/

The most advanced, powerful and yet beautiful penetration testing distribution ever created.Lined up with ultimate collection of tools for pro Ethical Hackers and Cyber Security Experts.
Simplify security in your IT infrastructure with Cyborg. Its real strength comes from the understanding that a tester requires a strong and efficient system,that benefits from a strong selection of tools, integrated with a stable linux environment.

The most advanced, powerful and yet beautiful penetration testing distribution ever created.Lined up with ultimate collection of tools for pro Ethical Hackers and Cyber Security Experts.

Features :
+ The most advanced, powerful and yet beautiful penetration testing distribution ever created.
+ More than 700+ penetration testing tools included.
+ Cyborg Hawk is totally Free and always will be.
+ Various Wireless devices support
+ Well sorted menu,everything is in just the right place.
+ Patched kernal from injection.
+ Exploitation Toolkit,Stress Testing,Reverse Engineering,Forensics,Mobile Security,Wireless Security.

Download : Cyborg-Hawk-Linux.iso (55.4 MB)
source : https://twitter.com/CyborgLinux