Open Source Linux Virtualization Software

This is Metasploitable2 (Linux) Metasploitable is an intentionally vulnerable Linux virtual machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques. The default login and password is msfadmin:msfadmin. Never expose this VM to an untrusted network (use NAT or Host-only mode if you have any questions what that means). To contact the developers, please send email to msfdev@metasploit.com

bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific issue... bWAPP is covering a wide range of vulnerabilities! bWAPP is a PHP application that uses a MySQL database. It can be hosted on Linux/Windows with Apache/IIS and MySQL. It is supported on WAMP or XAMPP. Another possibility is to download bee-box, a custom VM pre-installed with bWAPP. This project is part of the ITSEC GAMES project. You can find more about the ITSEC GAMES and bWAPP projects on our blog. For security-testing and educational purposes only! Cheers Malik Mesellem

Xiaopan OS is an easy to use software package for beginners and experts that includes a number of advanced hacking tools to penetrate WPA / WPA2 / WPS / WEP wireless networks. Based on the Tiny Core Linux (TCL) operating system (OS), it has a slick graphical user interface (GUI) requiring no need for typing Linux commands. Xiaopan OS is Windows, Mac and Linux compatible and users can simply install and boot this ~70mb OS through a USB pen drive or in a virtual machine (VM) environment. Some of the tools included are Inflator, Aircrack-ng, Minidwep GTK, XFE, wifite and feeding bottle. Supported cards include RTL8187L, RT3070, AR9271 and many more.

Announcing The New Robolinux Series 14 Mate LTS - 2034 Robolinux is very pleased to announce a completely new 14.1 Mate privacy centered 1inux operating system you can download freely while also offering our users an optional 14+ advanced upgrade which comes with our Untracker and FAAST Boot along with one click popular privacy software installers like Tor and I2p, Wireshark and Bleachbit plus many more for a fair and reasonable price. Robolinux14.1-Mate is ideal for beginners and advanced users. We are proud that it comes with Enoch AI which is TOTALLY 100% PRIVATE, FREE, HONEST & UNCENSORED built into Robolinux Cinnamon 14.1 The Robolinux 14.1 version with rock solid Long Term Support through 2034! requires users to set secure boot in their BIOS. It is currently available in the Cinnamon desktop flavor. we will release series 14 Xfce version in the next two months.For more information please see Readme file. Warmest regards John Martinson Robolinux.org

Port of xboxhdm to support USB booting

Web Security Dojo is a virtual machine that provides the tools, targets, and documentation to learn and practice web application security testing. A preconfigured, stand-alone training environment ideal for classroom and conferences. No Internet required to use. Ideal for those interested in getting hands-on practice for ethical hacking, penetration testing, bug bounties, and capture the flag (CTF). A single OVA file will import into VirtualBox and VMware. There is also an Ansible script for those brave souls that want transform their stock Ubuntu into a virtual dojo. Bow to your sensei! username: dojo password: dojo

HoneyDrive is the premier honeypot Linux distro. It is a virtual appliance (OVA) with Xubuntu Desktop 12.04.4 LTS edition installed. It contains over 10 pre-installed and pre-configured honeypot software packages such as Kippo SSH honeypot, Dionaea and Amun malware honeypots, Honeyd low-interaction honeypot, Glastopf web honeypot and Wordpot, Conpot SCADA/ICS honeypot, Thug and PhoneyC honeyclients and more. Additionally it includes many useful pre-configured scripts and utilities to analyze, visualize and process the data it can capture, such as Kippo-Graph, Honeyd-Viz, DionaeaFR, an ELK stack and much more. Lastly, almost 90 well-known malware analysis, forensics and network monitoring related tools are also present in the distribution.

IBM's Software Trusted Platform Module (TPM) includes a TPM 1.2 implementation, low level demo libraries and command line tools, a TPM test suite, and proxies to connect from a TCP/IP socket to a hardware TPM. tpm4769 is the latest version, with TPM side support for OpenSSL 1.1. The utilities and test suite have not been ported to OpenSSL 1.1. They remain at 1.0. For the SW TPM 2.0, see https://sourceforge.net/projects/ibmswtpm2/. TPM 1.2 and TPM 2.0 are not software compatible.

LAMPSecurity training is designed to be a series of vulnerable virtual machine images along with complementary documentation designed to teach linux,apache,php,mysql security.

BitVisor is a tiny hypervisor initially designed for mediating I/O access from a single guest OS. Its implementation is mature enough to run Windows and Linux, and can be used as a generic platform for various research and development projects.

Remote Desktop (RD) Connection Manager allows easy working with remote desktops and servers. It supports: Citrix ICA, Microsoft Windows terminal services (RDP), VMRC, VNC as well as VDI: VMWare Workstation, VMWare ESX and ESXi servers, Microsoft Hype

VPLE (Linux) Vulnerable Pentesting Lab Environment VPLE is an Intentionally Vulnerable Linux Virtual Machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing Labs. In VPLE bunch of labs are Available. NOTE:- "Only run in VMWare Pls Don’t run in VirtualBox" Will also run on the ProxMox server to understand how to do it pls refer to the doc in the zip named "Cybersecurity Lab Deployment on Proxmox" The default login and password is administrator: password. List Of All Labs in one VM:- 1. Web-DVWA 2. Mutillidae 3. Webgoat 4. Bwapp 5. Juice-shop 6. Security-ninjas 7. WordPress We are adding more labs in few days

Free TACACS+ (tac_plus) engine (written in C++) and webui (PHP) allows network administrators to limit access to network devices. This project (tacplus/webui) use to be on www.networkforums.net. New and improved features been added since the last release on old website. ** New Release of WebUI ** Improved useability More searching capabilities in reports

raw2vmdk is an OS independent Java utility that allows you to mount raw disk images, like images created by "dd", using VMware, VirtualBox or any other virtualization platform supporting the VMDK disk format.

OpenVAS is an open source remote security vulnerability scanner, designed to search for networked devices and computers, discover accessible ports and services, and to test for vulnerabilities on any such ports; plugins allow for further expansion.

MailCleaner Open Source Edition is now discontinued but will continue under the spamtagger project https://github.com/SpamTagger [antispam] MailCleaner is an anti-spam / anti-virus filter SMTP gateway with user and admin web interfaces, quarantine, multi-domains, multi-templates, multi-languages. Using Bayes, RBLs, Spamassassin, MailScanner, ClamAV. Based on Debian. Enterprise ready. MailCleaner is an anti spam gateway installed between your mail infrastructure and the Internet. It includes a complete GNU/Linux OS and a graphical web interface for user and administrative access. It comes in the form of virtual machine templates.. - fully compatible with any SMTP mail server (Exchange, Zimbra, O365,...)

The ODS3 Virtual Machine Challenge are downloadable images that can be run as VMWare or VirtualBox instances. The Idea behind the challenge is to test and exercise web application penetration testing in a controlled environment. These images are great for cyber security students, penetration testers and hobbyist. Care should be taken if installed on an Internet access host as the application are purposely vulnerable to attack and exploitation.

WPE aims to help the beginners Web Penetration Testing to develop their skills * Web pentesting Enviromint :-: user:"ahmad.ninja" pass:"hacking15.org" 1. Environment to simulate the real live app (webs & mobile) but it focused on "web app". 2. This is the half of our project the other one will be on YouTube as "Video Tutorials" Which aim to help you to start your Pentesting career or develop it 3. The videos will be in English but articles will be written in Arabic 4. For instant support ask me @ahmaddotninja 5. Why didn`t I setup tools ? because you should learn how to install any tool on any platform ** Installation steps :-: 1- WPE is virtual Machine so you will need VM software we recommended Oracle VM VirtualBox Get it from here https://www.virtualbox.org/wiki/Downloads 2- uncompressed WPE.7z 3- after you install VirtualBox go to the menu bar select Machine > add 4- Browse to WPE folder select WPE.vbox // we use only OpenSource or Free software

Similar to the de-ice pentest CDs and pWnOS, Holynix is an Linux vmware image that was deliberately built to have security holes for the purposes of penetration testing. Visit http://pynstrom.com/forum/ for help setting up or completing the challenge.

Final year project with dissertation. This will host my project for my final year dissertation. All of the features of SF will be used to the best of my ability. The tools provided by SF will assist greatly!

Your friendly neighborhood hackers for hire. We are a group of individuals providing our clients the best support and troubleshooting advice and some of what we believe to be the best open source software and OS. Enjoy!

Isolated Execution is a software reference implementation of the security through isolation concept. It brings a contained environment where malware can run without affecting the whole system.

OSSEG is an IMS compatible security gateway that adds firewall, VPN, IDS, IPS, and monitoring functionalities to VoIP networks.

Power Hasher is a program that allow you to get the hash code of multiple files at once, and export the results to a file, making easy for this file to be imported and the files checked. Currently it supports MD5, SHA1, SHA256, SHA384 and SHA512.

RadicalSpam Virtual Appliance takes full solution of RadicalSpam Community Edition , pre-installed in a OVF virtual machine ( Open Virtual Format ) compatible with the best virtualization platforms on the market , including VMware ESX Server. More information : http://www.radical-spam.org