Packages that are used to protect a user from malware & attacks from other users.

Tool count: 28

BlackArch defensive
Name Version Description Homepage
arpon 2.7 A portable handler daemon that makes the ARP protocol secure in order to avoid Man In The Middle (MITM) attacks through ARP Spoofing, ARP Cache Poisoning or ARP Poison Routing (APR).
arpstraw 27.ab40e13 Arp spoof detection tool.
artillery 219.b71d006 A combination of a honeypot, file-system monitoring, system hardening, and overall health of a server to create a comprehensive way to secure a system.
artlas 140.728aea5 Apache Real Time Logs Analyzer System.
chkrootkit 0.52 Checks for rootkits on a system
detect-sniffer 151.63f0d7f Tool that detects sniffers in the network.
fastnetmon v1.1.3.r304.g12ac8ce High performance DoS/DDoS load analyzer built on top of multiple packet capture engines.
fssb 73.51d2ac2 A low-level filesystem sandbox for Linux using syscall intercepts.
ifchk 1.1.0 A network interface promiscuous mode detection tool.
inetsim 1.2.8 A software suite for simulating common internet services in a lab environment, e.g. for analyzing the network behaviour of unknown malware samples.
jhead 3.00 EXIF JPEG info parser and thumbnail remover
lorg 96.3960fa7 Apache Logfile Security Analyzer.
malmon 0.3 Hosting exploit/backdoor detection daemon. It's written in Python, and uses inotify (pyinotify) to monitor file system activity. It checks files smaller than some size, and compares their md5sum and hex signatures against DBs of known exploits/backdoors.
maltrail 3140.2269e50b Malicious traffic detection system.
mat 0.6.1 Metadata Anonymisation Toolkit composed of a GUI application, a CLI application and a library.
mat2 0.5.0 A metadata removal tool, supporting a wide range of commonly used file formats.
nipe 205.ef3e2d6 A script to make Tor Network your default gateway.
portspoof 125.a15bca7 This program's primary goal is to enhance OS security through a set of new techniques.
prowler 527.2437f8f Tool for AWS security assessment, auditing and hardening.
quicksand-lite 28.857210e Command line tool for scanning streams within office documents plus xor db attack.
sniffjoke 0.4.1 Injects packets in the transmission flow that are able to seriously disturb passive analysis like sniffing, interception and low level information theft.
snort A lightweight network intrusion detection system.
suricata 4.1.0 An Open Source Next Generation Intrusion Detection and Prevention Engine.
tabi 13.068a406 BGP Hijack Detection.
tor-autocircuit 0.2 Tor Autocircuit was developed to give users a finer control over Tor circuit creation. The tool exposes the functionality of TorCtl library which allows its users to control circuit length, speed, geolocation, and other parameters.
tor-browser-en 8.0.3 Tor Browser Bundle: anonymous browsing using Firefox and Tor
truecrypt 7.1a Free open-source cross-platform disk encryption software
zeus 107.da38d0d AWS Auditing & Hardening Tool.