Matriux Leandros - BSidesLV 2013


Matriux is the first full-fledged Debian-based security distribution designed for penetration testing and forensic investigations. Although it is primarily designed for security enthusiasts and professionals, it can also be used by any Linux user as a desktop system for day-to-day computing. Besides standard Debian software, the Matriux Arsenal contains a huge collection of more than 350 of the most powerful and versatile security and penetration testing tools, with around 20-50 more tools being added every release cycle of 6 months. Matriux comes with a custom-built Linux kernel to provide better performance and broader hardware support, and works comfortably even with a Pentium IV and 512 MB RAM.

Matriux was first released in 2009 under the code name “lithium” and was followed by versions like “xenon” based on Ubuntu. Matriux “Krypton” then followed in 2011, when we moved our system to Debian. Other versions followed for Matriux “Krypton” with v1.2 and then Ec-Centric in 2012. This year we are working on releasing Matriux “Leandros”, which is currently in beta testing and is a major revamp over the existing system.

The Matriux arsenal is divided into sections with a broad classification of tools for Reconnaissance, Scanning, Attack Tools, Frameworks, Radio (Wireless), Digital Forensics, Debuggers, Tracers, Fuzzers and other miscellaneous tools, covering the steps followed in a complete penetration testing and forensic scenario. Although many questions were raised regarding why there is a need for another security distribution when there is already one, we believed in and followed the free spirit of Linux in making one. We have always tried to stay up to date with tool and hardware support, so we include the latest tools and compile a custom kernel to stay abreast of the latest technologies in the field of information security.

Matriux is also designed to run from a live environment such as a CD/DVD or USB stick, which can be helpful in computer forensics and data recovery for forensic analysis, investigations and retrievals, not only from physical hard drives but also from solid-state drives and the NAND flash used in smartphones like Android and iPhone. With Matriux we also support and work with projects and tools that have been discontinued over time, and keep track of the latest tools and applications that have been developed and presented at recent conferences.

Published in: Technology

    1. 1. Open Source Linux Penetration Testing and Forensic Distribution Prajwal Panchmahalkar, C|EH Lead Developer, Matriux @pr4jwal, http://www.matriux.com/ #BSidesLV 2013 Mentored by Josh : @savant42
    2. 2. Prajwal Panchmahalkar • L30 • Security Researcher • Lead Developer, Matriux • Blogger • Recent Grad, MSCS, Texas Tech University • Web Developer – to feed myself..!! • Email: prajwal@matriux.com • Twitter: @pr4jwal • Website: http://www.matriux.com/
    6. 6. • Matriux alpha (slax) – early 2008 • Matriux Lithium (Ubuntu KDE) – 2009/11 • Matriux Xenon (Ubuntu Gnome) – 2010/11 • Matriux Krypton (Debian) – 2011/08 • Matriux Krypton v1.2 (Debian) – 2012/02 • Matriux Ec-Centric (Debian) – 2012/08
    9. 9. • Reconnaissance • Scanning • Gain Access • Frameworks • Wireless • Forensics • PCI-DSS • Debuggers • Tracers • Misc • Services
    10. 10. • DNS • HTTrack • Dradis Framework • etherape • Magic Tree • quickrecon • peepdf • tcptracers • wireshark
    11. 11. • CISCO • Batman tools • Web Scanners • Angry IP scan • ettercap • gggooglescan • metagoofil • Blind Elephant • Nikto • XSS tools • Vega • p0f • t50
    12. 12. • Passwords: • Brutessh • Crunch • Ophcrack • John • Sucrack • Gcrack • Etemenanki • Vncpwdump • Iisbruteforcer • Medusa • rarcrack
    14. 14. • SQL: • Bing-sqli-scanner • bsqlbf • minimysqlat0r • SQLBrute • sqlmap • sqlninja • sqlsus
    16. 16. • THC - IPv6:
    18. 18. • Inguma • Metasploit • Social Engineering Toolkit • w3af • BeEF • GrendelScan • OWASP Mantra • Skipfish • Web Scarab • yersinia • Subterfuge • BurpSuite • maltego
    19. 19. • Bluetooth • Kismet • Reaver • VOIP • SIP • Aircrack-ng Suite • Fern wifi cracker • Gerix wifi cracker • GrimWEPA • WepBuster • WEPlab • pyrit • Wifi radar
    20. 20. • Acquisition • Analysis • Meta extractors • Dhash • dcfldd • fmem • memdump • Mobius forensic toolkit • pyflag • warrick • LIME
    21. 21. • Acquisition: • A.I.R. • Galleta • Guymager • Steghide • Volatilitux • Volatility
    22. 22. • Analysis: • androguard • apkviewer • Autopsy sleuthkit • foremost • Forensic data identifier • Gparted • Iphone Analyzer • Jbrofuzz • Vinetto • Pasco • Scalpel
    23. 23. • Metaextractors: • pdftools • Flash tools • Text extractors • Image extractors • Meta info extractors
    24. 24. • Babel • Ccsrch • Code janitor • Dep-checker • Eramba • Fossbarcode • Fossology • Ftimes • Open SCAP • Panbuster • SeNF • Spider Helix • Verinice
    25. 25. • Boomerang • Crash • Ddd • Dissy • E2dbg • Electronic fence (efence) • Gdb • Hexedit • Javascript lint • Netifera • valgrind
    26. 26. • Etrace • Leak-tracer • Ltrace • Pstack • Strace • xtrace
    27. 27. • Download Matriux. • Install it. • Play with it. • Have fun (you can help us improve it.) • Get back to us at: • info@matriux.com • @matriuxtig3r
    28. 28. • Public release – in a couple of weeks. • Package repository – in a couple of weeks. • MSTF – Matriux Security Testing Framework. (WIP) • DVM – Damn Vulnerable Matriux. (WIP)
    29. 29. Prajwal Panchmahalkar • Email: prajwal@matriux.com • Twitter: @pr4jwal • Website: http://www.matriux.com/ • irc: freenode.net/ #matriux Thanks to Josh: @savant42 for helping me! Many thanks to Manu Zacharia, Gokul C Gopinath and Mikael Schoentgen for helping me through this build
