Login  |  繁體中文

What is Resource Catalog ?

catalog-iconThe OpenFoundry Resource Catalog lists professional resources and applications related to the development of open source software. If you have any recommendation listing / category  or bug for this resource catalog, please do not hesitate to contact us.

Live CD


Results 1 - 18 of 18

Slitaz Aircrack-ng Distribution

The "Slitaz Aircrack-ng Distribution" is the base Slitaz cooking version plus the latest Aircrack-ng SVN version, wireless drivers patched for injection and other related tools. The custom distribution is especially tuned for the Acer Aspire One netbooks but will work well on virtually all desktops, notebooks and netbooks.

Slitaz Aircrack-ng, a Linux distro for security auditors working with wireless auditing projects. Loaded with latest Aircrack-ng version and working completely in RAM and booting from removable media such as a cdrom or USB key, Slitaz certainly sounds like a time saving distro for WPA crack process in wireless auditing process. SliTaz is distributed as a LiveCD, and weighs less than 30MB.


The Matriux is a phenomenon that was waiting to happen. It is a fully featured security distribution consisting of a bunch of powerful, open source and free tools that can be used for various purposes including, but not limited to, penetration testing, ethical hacking, system and network administration, cyber forensics investigations, security testing, vulnerability analysis, and much more. It is a distribution designed for security enthusiasts and professionals, although it can be used normally as your default desktop system.

Matriux is currently under development and the first beta version is available for download now. The current dowload version does not contain all of the tools listed under Arsenal section. However, the team will be adding more tools in the coming days / releases and update.


Pentoo is a Live CD and Live USB designed for penetration testing and security assessment. Based on Gentoo Linux, Pentoo includes Nessus and Metasploit for penetration testing and security assessment. The user interface is the Enlightenment window manager. Pentoo is optimized for Pentium III architecture. Pentoo supports package modularity in the same fashion that Slax does. We have Qemu with virt-manager so you can play some VMs in there, lots of tools update (msf, exploit-db, kismet, sqlmap, firefox & plugins), and some tools additions (airpwn, wapiti, pppd) and some graphics fixes (nvidia, intel).

Frhack OS

FRHACK OS is an updated/modified version of the latest BackTrack 4 iso, available for download ( https://www.remote-exploit.org/backtrack.html ). We have updated and added tons of tools, such as spoonwep-wpa, fakeap, airgraph-ng, airoscript, WEPcrack, ssidsnif, aphopper, fierce, wfuzz, zulu, airsnort, mdk3, wepbuster, bluemaho, bluescan, bluesnarfer, ghettotooth.pl, bt_audit, fatback, pasco, unhide, memdump, allin, tor, privoxy, ophcrack, vncrack, TFTP-bruteforce, DNSBruteforce, kalgecin, fuzzgrind, origami, MetaScan.rb, complemento and middler etc.


Frenzy is a "system administrator portable instrument", LiveCD based on FreeBSD OS, wich allows the administrator to boot from it and get fully functional system with wide variety of software for tunning, testing and analyzing the network, testing computer hardware and much more.

Frenzy is released in two different variants:

  • Frenzy standard - oriented specially on system administrators. size of ISO is 200 MB. Distributive contains 500 applications.
  • Frenzy extended - oriented on administrators and advanced users. It contains all standard applications plus many more. ISO is 250 MB. Distributive contains more then 600 applications.

Base operating system is FreeBSD 6.1-STABLE. System includes Frenzy documentation (the one you read right now) and official FreeBSD documentation - The FreeBSD Handbook and FAQ. Frenzy can be installed on a hard drive as a fully functional operating system. USB Flash install is also supported.


The OWASP Live CD project was originally started to update the previous OWASP Live CD 2007. The project met the September 15th, 2008 deadline for the OWASP Summer of Code (SoC) and produced its first release - the SoC release. In addition to creating these releases of the OWASP Live CD, the maintainer has created a series of forums and tutorials for support and documentation in an effort to help the Application Security community best use the tools and resources available.

Several mini-releases have sprung from this project. Currently, a version of the OWASP Live CD installed to a virtual hard drive (VMware) is available and work continues on making other versions of the project available including a bootable USB, portable VM installation, an installation for the Asus Eee PC. These are either downloadable files or instructions on how to create the alternate delivery mechanisms.

Samurai Web Testing Framework

The Samurai Web Testing Framework is a live linux environment that has been pre-configured to function as a web pen-testing environment. The CD contains the best of the open source and free tools that focus on testing and attacking websites. In developing this environment, we have based our tool selection on the tools we use in our security practice. We have included the tools used in all four steps of a web pen-test.

Starting with reconnaissance, we have included tools such as the Fierce domain scanner and Maltego. For mapping, we have included tools such WebScarab and ratproxy. We then chose tools for discovery. These would include w3af and burp. For exploitation, the final stage, we included BeEF, AJAXShell and much more. This CD also includes a pre-configured wiki, set up to be the central information store during your pen-test.

Network Security Toolkit

Network Security Toolkit (NST) is bootable Live CD/DVD. This ISO live CD/DVD (NST Live) is based on Fedora. The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86/x86_64 platforms.

The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 100 Security Tools by INSECURE.ORG are available in the toolkit. An advanced Web User Interface (WUI) is provided for system administration, navigation, automation and configuration of many network and security applications found within the NST distribution. In the virtual world, NST can be used as a network security analysis, validation and monitoring tool on enterprise virtual servers hosting virtual machines.

What we find rather fascinating with NST is that we can transform most x86/x86_64 systems into a system designed for network traffic analysis, intrusion detection, network packet generation, wireless network monitoring, virtual session serving, or a sophisticated network/host scanner. This can all be done without disturbing or modifying any underlying system storage. NST can be up and running on a typical x86/x86_64 notebook in less than a minute by just rebooting NST Live. The notebook's hard disk will not be altered in any way.

NST also makes an excellent tool to help one with crash recovery troubleshooting scenarios and diagnostics.

DEFT Linux

DEFT (acronym of 'Digital Evidence & Forensic Toolkit) is a customized distribution of the Kubuntu live Linux CD. It is a very easy to use system that includes an excellent hardware detection and the best open source applications dedicated to incident response and computer forensics.

DEFT Linux v5 is based on the new Xubuntu Kernel 2.6.31 (Linux side) and the DEFT Extra 2.0 (Computer Forensic GUI) with the best freeware Windows Computer Forensic tools ; it isn t a customization of Xubuntu like the old version, it is a new concept of Computer Forensic live system that use LXDE as desktop environment and thunar file manager, mount manager as tool for device management, dhash2, guymager, dcfldd, ddrescue and linen as forensic imager tools, sleuthkit 3.01 andvautopsy 2.21 as landmark for the disk forensic, nessus 4 as security scanner and much more.

MultiISO LiveDVD

MultiISO LiveDVD is an integrated Live DVD technology which combines some of the very popular Live CD ISOs already available on the internet. It can be used for security reconnaissance, vulnerability identification, penetration testing, system rescue, media center and multimedia, system recovery, etc. It's a all-in-one multipurpose LiveDVD put together. There's something in it for everyone.

We had a good run with the first release of the MultiISO LiveDVD. Thanks to all those who downloaded. After countless hours of downloading livecds, testing, and BSDGurl bugging me to finish it before Christmas and New Year, I'm glad to present the second edition of MultiISO LiveDVD which hope will assist in reinforcing the hacking spirit and being creatively evil.


The Ophcrack Windows password cracker is the best free Windows password recovery tool available. Ophcrack is fast and easy enough for a first time password cracker with basic Windows skills. As an open source (GPL license) program, it cracks Windows LM hashes using rainbow tables. The program includes the ability to import the hashes from a variety of formats, including dumping directly from the SAM files of Windows. There is also a LiveCD version which automates the retrieval, decryption, and cracking of passwords from a Windows system.

Rainbow tables for LM hashes of alphanumeric passwords are provided for free by the developers. These tables can crack 99.9% of alphanumeric passwords of up to 14 characters in usually a few seconds, and at most a few minutes. Larger rainbow tables (for LM hashes of passwords with all printable characters, including symbols and space) are available for purchase from Objectif Securité. Save time and energy by skipping the other tools (even the expensive premium Windows password recovery programs) and download, burn and use the LiveCD version of Ophcrack.


Protech is a specially designed Linux distribution for security technicians and programmers, although it can be used normally as your default desktop system. It's imcomparable usability and stability makes this a unique product. Being the first 'stable' version of Protech, we wanted to make it one-of-a-kind, and we did. No more strange hardware bugs. Ubuntu's engine allowed us to have a wide range of hardware working right out of the box. Graphics, network cards, audio, etc, are no longer a nightmare in Protech. Just plug it in. No more complicated instalations. With two easy clicks you can install your favourite package or you can use the in-built package-manager. Easy!

Protech can run from anywhere in a Live environment from a CD or USB stick or it can easily be installed in your hard drive in a few minutes. Protech ONE comes with a great variety of the best security tools for your use.


The Kcpentrix Project was founded in May 2005 , KCPentrix 1.0 was liveCD designed to be a standalone Penetration testing toolkit for pentesters, security analysts and System administrators. After release 2.0 is a liveDVD, It features a lot of new or up to date tools for auditing and testing a network, from scanning and discovering to exploiting vulnerabilities.

Kcpentrix is based on SLAX 5, a Slackware live DVD. The Powerful modularity which Kcpentrix uses, allow us to easily customize our version, and include whichever modules we need. KCPENTRIX 2.0 is the most inovative and promising KCPENTRIX ever. It switched to 2.6 kernel line. Zisofs compression was replaced by SquashFS, which provides better compression ratio and higher read speed.


Damn Vulnerable Linux (DVL) works fine under Windows, Linux and Mac OSX using any virtual machine such as VMware, Qemu or KVM. You can let it run installed natively on a standard PC or even boot it from USB. It is everything a good Linux distribution isn't. Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks. DVL isn't built to run on your desktop -- it's a learning tool for security students.

DVL is a live CD available as a 150MB ISO. It's based on the popular mini-Linux distribution Damn Small Linux (DSL), not only for its minimal size, but also for the fact that DSL uses a 2.4 kernel, which makes it easier to offer vulnerable elements that might not work under the 2.6 kernel. It contains older, easily breakable versions of Apache, MySQL, PHP, and FTP and SSH daemons, as well as several tools available to help you compile, debug, and break applications running on these services, including GCC, GDB, NASM, strace, ELF Shell, DDD, LDasm, LIDa, and more.


BackTrack 是基於 SLAX (一款 Slackware Live DVD) 可開機光盤客製而來的。它包含了一套系統與網路的安全取證工具。本專案其實是融合 Auditor Security Linux 和 WHAX (先前的 Whoppix) 而創立的。到了 BackTrack 4 以後,改用了 Ubuntu 為基礎客製。BackTrack 是一種專門用來破解無線網路密碼的工具,可以用來破解 WEP 的加解密,甚至 WPA 加解密的方式亦可以順利破解,但前提是需要足夠多的字典檔。

適用平台: Linux;原始碼授權類型: GNU Genearal Public License v2

資料來源: https://www.backtrack-linux.org/


Operator is a complete Linux (Debian) distribution that runs from a single bootable CD and runs entirely in RAM. The Operator contains an extensive set of Open Source network security tools that can be used for monitoring and discovering networks. This virtually can turn any PC into a network security pen-testing device without having to install any software. Operator also contains a set of computer forensic and data recovery tools that can be used to assist you in data retrieval on the local system.

The technique to allow Operator to boot and run from RAM is based on a project called KNOPPIX. KNOPPIX is a bootable CD with a collection of GNU/Linux software, automatic hardware detection, and support for many graphics cards, sound cards, SCSI and USB devices and other peripherals. KNOPPIX can be used as a Linux demo, educational CD, rescue system, or adapted and used as a platform for commercial software product demos. It is not necessary to install anything on a hard disk. Mastering of this CD uses on-the-fly decompression which allows for up to 2 GB of stored data.

The Penguin Sleuth Kit

The Penguin Sleuth Kit is a Bootable CD and a Vmware Virtual Platform.The Penguin Sleuth Kit adapts a great Linux resource to include tools that are useful when performing a forensic computer analysis & Security Auditing.

The goals of The Penguin Sleuth Kit are to offer a platform of communication to the Computer Forensics Examiner, Computer Security Specialist, Law Enforcement, and people interested in the fields. The project provided forums, a chat room along with other resources. There will be seperate sections for both the Bootable CD and Virtual Platform. Each section contains links for downloading. At present the links for downloading the New Penguin Sleuth Kit can be found in the forums section.


The main goal of nUbuntu is to create a distribution which is derived from the Ubuntu distribution, and add packages related to security testing and remove unneeded packages. nUbuntu is the result of an idea two people had to create a new distribution for the learning experience back in early 2006, when Ubuntu was in its still early stages. nUbuntu started many years ago as a project with the intent for its developers to learn about distribution development and quickly evolved into a full scale project after recieving a large community response. Currently today, we have many developers and a large contributing communinty. Anyone interested in helping may do so by contributing ideas and packages directly to the nUbuntu developers.

That all being said, if you want to try something with a clean interface, fast, and an excellent range of security tools please don't hesitate to download nUbuntu. Help make nUbuntu your number one choice when it comes to security.