Skip to content

Security onion

Description

Security Onion is a distribution of Linux which comes with several forensic, IDS, and NSM tools pre-installed. Although Security Onion is mainly intended for IDS and NSM, it does provide a useful platform for performing forensics, as it comes with many forensics tools installed.

The image can be downloaded at: https://blog.securityonion.net/p/securityonion.html

List of Installed Tools

The following is the list of tools included on the Security Onion distro, as listed at https://github.com/security-onion-solutions/security-onion:

  • abcip
  • argus
  • barnyard2
  • bittwist
  • Bro
  • chaosreader
  • Daemonlogger
  • driftnet
  • dsniff
  • Dumbpig
  • ELSA
  • fwsnort
  • Hogger
  • hping
  • httpry
  • hunt
  • inundator
  • labrea
  • mergecap
  • ncat
  • netsed
  • netsniff-ng
  • NetworkMiner
  • nftracker
  • ngrep
  • nmap
  • oinkmaster
  • OSSEC
  • ostinato
  • p0f
  • pcapcat
  • ptunnel
  • Reassembler
  • scapy
  • sguil
  • Sniffit
  • Snorby
  • Snort
  • SnortValidator
  • Squert
  • ssldump
  • sslsniff
  • Suricata
  • tcpdump
  • tcpick
  • tcpreplay
  • tcpslice
  • tcpstat
  • tcpxtract
  • traceroute-circl
  • tshark
  • u2boat
  • u2spewfoo
  • udptunnel
  • Vortex
  • Wireshark
  • xpipes
  • Xplico
  • xprobe2
  • Zenmap