Showing posts sorted by relevance for query Tor.

Whonix -Anonymous Operating System Based on Debian/GNU Linux & Tor

Whonix, earlier called TorBOX or aos, has now been reintroduced with a new style. This time we get a complete anonymous general-purpose operating system based on VirtualBox, Debian GNU/Linux and Tor. According to the project wiki page, IP and DNS leaks are impossible in Whonix. Not even malware with root rights can find out the user's real IP/location. This is because Whonix consists of two virtual machines. One machine solely runs Tor and acts as a gateway, which the project calls Whonix-Gateway. The other machine, called Whonix-Workstation, is on a completely isolated network. Only connections through Tor are possible.

We recommend readers see the project's Security page for a more comprehensive description, security features and threat model. You can also go through the full changelog and download the source code from GitHub.

Key Features:- 

  • Adobe Flash anonymously
  • browse the web anonymously
  • Anonymous IRC
  • Anonymous Publishing
  • Anonymous E-Mail with Mozilla Thunderbird and TorBirdy
  • Add a proxy behind Tor (Tor -> proxy)
  • Based on Debian GNU/Linux.
  • Based on the Tor anonymity network.
  • Based on Virtual Box.
  • Can torify almost any application.
  • Can torify any operating system
  • Can torify Windows.
  • Chat anonymously.
  • Circumvent Censorship.
  • DNSSEC over Tor
  • Encrypted DNS
  • Full IP/DNS protocol leak protection.
  • Hide the fact that you are using Tor/Whonix
  • Isolating Proxy
  • Java anonymously
  • Javascript anonymously
  • Location/IP hidden servers
  • Prevents anyone from learning your IP.
  • Prevents anyone from learning your physical location.
  • Private obfuscated bridges supported.
  • Protects your privacy.
  • Protocol-Leak-Protection and Fingerprinting-Protection
  • Secure And Distributed Time Synchronization Mechanism
  • Security by Isolation
  • Stream isolation to prevent identity correlation through circuit sharing
  • Virtual Machine Images
  • VPN/Tunnel Support
  • Whonix is produced independently from the Tor (r) anonymity software and carries no guarantee from  The Tor Project about quality, suitability or anything else.
  • Transparent Proxy
  • Tunnel Freenet through Tor
  • Tunnel i2p through Tor
  • Tunnel JonDonym through Tor
  • Tunnel Proxy through Tor
  • Tunnel Retroshare through Tor
  • Tunnel SSH through Tor
  • Tunnel UDP over Tor
  • Tunnel VPN through Tor
To download Whonix 0.4.5, Click Here. Before downloading, please note that Whonix is produced independently from the Tor anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else.

TOR Client Leaking Sensitive Information From Cache Memory, Later The Bug Has Been Fixed

A major security issue has been found in the world's most famous and widely used software for online anonymity, Tor (The Onion Router). A software developer named Andrey Karpov found that the anonymisation software uses the memset() function to clear sensitive data from memory, a step that not all compilers preserve. In some cases, that can cause the Tor client to leave confidential data like passwords in system memory when it is closed. The memset() call is problematic because it is removed automatically when Tor is optimized for speed with a compiler such as the one in Microsoft Visual Studio 2010. Once that happens, the data remains in system memory, where it can be read by malicious programs.
As soon as the issue came to light, the Tor Project issued a fix to close the vulnerability, which leaks information from memory on some machines running Tor and could give an attacker access to sensitive information stored in the cache. The developers at the Tor Project were alerted to the problem recently and began looking into the issue. What they found is that in some cases, when the Tor client uses memset to erase cache data on a machine, some of that information still remains when Tor exits. The data that remains could give an attacker access to sensitive information in the cache. The changelog entry explaining the bug fix in Tor says that different compilers handle the situation differently. In their bug fix the Tor Project says that "Tor tries to wipe potentially sensitive data after using it, so that if some subsequent security failure exposes Tor's memory, the damage will be limited. But we had a bug where the compiler was eliminating these wipe operations when it decided that the memory was no longer visible to a (correctly running) program, hence defeating our attempt at defense in depth. We fix that by using OpenSSL's OPENSSL_cleanse() operation, which a compiler is unlikely to optimize away. Future versions of Tor may use a less ridiculously heavy approach for this. Fixes bug 7352."
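The defence the fix describes, as an added example (this is not Tor's or OpenSSL's code): a wipe routine the compiler cannot drop as a dead store, next to the pattern that lost its memset(). The names secure_wipe, secure_wipe_volatile, is_zeroed and use_secret_then_wipe are this example's own, and the remark about how OPENSSL_cleanse is built describes the general idea, not any specific OpenSSL version.

```c
#include <stdio.h>
#include <string.h>

/*
 * Added illustration, not Tor or OpenSSL project code.
 * The bug above is "dead store elimination": once a buffer is never read
 * again, a plain memset() that zeroes it has no observable effect in a
 * correctly running program, so an optimising compiler may delete it.
 * Below are two common ways to make the wipe survive optimisation.
 */

/* 1. Call memset through a volatile function pointer. The compiler cannot
 *    assume the pointer still targets memset at the call site, so it must
 *    emit the call instead of proving the stores are dead. This is the
 *    general idea behind OpenSSL's OPENSSL_cleanse; exact implementations
 *    differ between versions. */
static void *(*const volatile memset_ptr)(void *, int, size_t) = memset;

void secure_wipe(void *buf, size_t len)
{
    if (buf == NULL || len == 0)
        return;
    memset_ptr(buf, 0, len);
}

/* 2. Portable fallback: stores through a volatile pointer are side effects
 *    the compiler must perform, so the loop cannot be removed. */
void secure_wipe_volatile(void *buf, size_t len)
{
    volatile unsigned char *p = (volatile unsigned char *)buf;
    while (len--)
        *p++ = 0;
}

/* Returns 1 when every byte of buf is zero, 0 otherwise. OR-accumulation
 * keeps the check from stopping at the first non-zero byte. */
int is_zeroed(const unsigned char *buf, size_t len)
{
    unsigned char acc = 0;
    for (size_t i = 0; i < len; i++)
        acc |= buf[i];
    return acc == 0;
}

/* The pattern from the article: copy a secret into a local buffer, use it,
 * wipe it before returning. With a plain memset() here the compiler may
 * delete the wipe, because `local` dies at the closing brace. Returns a
 * small checksum of the secret so the "use" is real, or -1 if the secret
 * does not fit. */
int use_secret_then_wipe(const char *secret)
{
    unsigned char local[64];
    size_t n = strlen(secret);
    unsigned sum = 0;

    if (n > sizeof(local))
        return -1;
    memcpy(local, secret, n);
    for (size_t i = 0; i < n; i++)
        sum += local[i];
    secure_wipe(local, sizeof(local));   /* survives -O2, unlike memset() */
    return (int)(sum & 0xff);
}

int main(void)
{
    unsigned char key[32];               /* constructed sample "secret" */
    memset(key, 0xAA, sizeof(key));
    printf("before wipe zeroed: %d\n", is_zeroed(key, sizeof(key)));
    secure_wipe(key, sizeof(key));
    printf("after wipe zeroed:  %d\n", is_zeroed(key, sizeof(key)));
    printf("checksum: %d\n", use_secret_then_wipe("hunter2"));
    return 0;
}
```

Compile it with optimisation (e.g. -O2) and inspect the generated assembly for use_secret_then_wipe: the call through memset_ptr is still present, whereas a direct memset() of `local` at the same spot is typically removed.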



-Source (Tor Project, The-H & threatpost)

Tor 0.2.3.9-alpha With Initial IPv6 Support



Tor 0.2.3.9-alpha introduces initial IPv6 support for bridges, adds a "DisableNetwork" security feature that bundles can use to avoid touching the network until bridges are configured, moves forward on the pluggable transport design, fixes a flaw in the hidden service design that unnecessarily prevented clients with wrong clocks from reaching hidden services, and fixes a wide variety of other issues.

Features:-  

  • Clients can now connect to private bridges over IPv6. Bridges still need at least one IPv4 address in order to connect to other relays. Note that we don't yet handle the case where the user has two bridge lines for the same bridge (one IPv4, one IPv6). Implements parts of proposal 186.


  • New "DisableNetwork" config option to prevent Tor from launching any connections or accepting any connections except on a control port. Bundles and controllers can set this option before letting Tor talk to the rest of the network, for example to prevent any connections to a non-bridge address. Packages like Orbot can also use this option to instruct Tor to save power when the network is off.
  • Clients and bridges can now be configured to use a separate "transport" proxy. This approach makes the censorship arms race easier by allowing bridges to use protocol obfuscation plugins.  It implements the "managed proxy" part of proposal 180 (ticket 3472).
  • When using OpenSSL 1.0.0 or later, use OpenSSL's counter mode implementation. It makes AES_CTR about 7% faster than our old one (which was about 10% faster than the one OpenSSL used to provide). Resolves ticket 4526.
  • Add a "tor2web mode" for clients that want to connect to hidden services non-anonymously (and possibly more quickly). As a safety measure to try to keep users from turning this on without knowing what they are doing, tor2web mode must be explicitly enabled at compile time, and a copy of Tor compiled to run in tor2web mode cannot be used as a normal Tor client. Implements feature 2553.
  • Add experimental support for running on Windows with IOCP and no kernel-space socket buffers. This feature is controlled by a new "UserspaceIOCPBuffers" config option (off by default), which has no effect unless Tor has been built with support for bufferevents, is running on Windows, and has enabled IOCP. This may, in the long run, help solve or mitigate bug 98.
  • Use a more secure consensus parameter voting algorithm. Now at least three directory authorities or a majority of them must vote on a given parameter before it will be included in the consensus. Implements proposal 178.


Major Bugfixes:-

  • Hidden services now ignore the timestamps on INTRODUCE2 cells. They used to check that the timestamp was within 30 minutes of their system clock, so they could cap the size of their replay-detection cache, but that approach unnecessarily refused service to clients with wrong clocks. Bugfix on 0.2.1.6-alpha, when the v3 intro-point protocol (the first one which sent a timestamp field in the INTRODUCE2 cell) was introduced; fixes bug 3460.
  • Only use the EVP interface when AES acceleration is enabled, to avoid a 5-7% performance regression. Resolves issue 4525; bugfix on 0.2.3.8-alpha.


Privacy/Anonymity Features (bridge detection):-

  • Make bridge SSL certificates a bit more stealthy by using random serial numbers, in the same fashion as OpenSSL when generating self-signed certificates. Implements ticket 4584.
  • Introduce a new config option "DynamicDHGroups", enabled by default, which provides each bridge with a unique prime DH modulus to be used during SSL handshakes. This option attempts to help against censors who might use the Apache DH modulus as a static identifier for bridges. Addresses ticket 4548.

To Download Tor 0.2.3.9-alpha Click Here

Infondlinux: Install Useful Security Tools and Firefox Addons!



infondlinux is a script that installs most of the tools that we use during penetration tests and capture-the-flag tournaments. It is a post-configuration script for Ubuntu Linux. It can also be run on other *nix systems, but not all of the tools mentioned below may work, depending on the environment. It has been actively tested on Ubuntu 10.10.
It installs useful security tools and Firefox addons. The tools installed by the script are listed at the beginning of the source code, which we can edit as per our requirements.
List of security tools included:
Debian packages:

  • imagemagick
  • vim
  • less
  • gimp
  • build-essential
  • wipe
  • xchat
  • pidgin
  • vlc
  • nautilus-open-terminal
  • nmap
  • zenmap
  • sun-java6-plugin and jre and jdk
  • bluefish
  • flash-plugin-nonfree
  • aircrack-ng
  • wireshark
  • ruby
  • ascii
  • webhttrack
  • socat
  • nasm
  • w3af
  • subversion
  • mercurial
  • libopenssl-ruby
  • ruby-gnome2
  • traceroute
  • filezilla
  • gnupg
  • rubygems
  • php5
  • libapache2-mod-php5
  • mysql-server
  • php5-mysql
  • phpmyadmin
  • extract
  • p0f
  • spikeproxy
  • ettercap
  • dsniff:
    • arpspoof Send out unrequested (and possibly forged) arp replies.
    • dnsspoof forge replies to arbitrary DNS address / pointer queries on the Local Area Network.
    • dsniff password sniffer for several protocols.
    • filesnarf saves selected files sniffed from NFS traffic.
    • macof flood the local network with random MAC addresses.
    • mailsnarf sniffs mail on the LAN and stores it in mbox format.
    • msgsnarf record selected messages from different Instant Messengers.
    • sshmitm SSH monkey-in-the-middle. proxies and sniffs SSH traffic.
    • sshow SSH traffic analyser.
    • tcpkill kills specified in-progress TCP connections.
    • tcpnice slow down specified TCP connections via “active” traffic shaping.
    • urlsnarf output selected URLs sniffed from HTTP traffic in CLF.
    • webmitm HTTP / HTTPS monkey-in-the-middle. transparently proxies.
    • webspy sends URLs sniffed from a client to your local browser
  • unrar
  • torsocks
  • secure-delete
  • nautilus-gksu
  • sqlmap
Third party packages:
  • tor
  • tor-geoipdb
  • virtualbox 4.0
  • google-chrome-stable
Manually downloaded software and versions:
  • DirBuster (1.0RC1)
  • truecrypt (7.0a)
  • metasploit framework (3.6)
  • webscarab (latest)
  • burp suite (1.3.03)
  • parosproxy (3.2.13)
  • jmeter (2.4)
  • rips (0.35)
  • origami-pdf (latest)
  • pdfid.py (0.0.11)
  • pdf-parser.py (0.3.7)
  • fierce (latest)
  • wifite (latest)
  • pyloris (3.2)
  • skipfish (1.86 beta)
  • hydra (6.2)
  • Maltego (3.0)
  • SET
Author made scripts:
  • hextoasm
  • md5crack.py (written by Corbiero)
  • chartoascii.py
  • asciitochar.py
  • rsa.py
Firefox extensions:
  • livehttpheaders
  • firebug
  • tamperdata
  • noscript
  • flashblock
  • flashgot
  • foxyproxy
  • certificatepatrol
  • chickenfoot 1.0.7
Pretty good list of applications, we must say.
How to install?
sudo infondlinux.sh
or
sh infondlinux.sh
Download infondlinux v0.5 (infondlinux.sh) here


10GB of Law Enforcement Data Exposed (#AntiSec)

Hackers associated with the "AntiSec" collaboration between Anonymous and recently disbanded hacker group LulzSec have released more than 10GB of information from 70 different law enforcement agencies across the United States. The leakers called it one of their largest data dumps yet, released as retaliation for recent U.S. and U.K. arrests of alleged AntiSec members.
Nestled within the data dump, posted both as a BitTorrent release and on sites accessible via the Tor anonymity network, are more than 300 different email accounts from 56 law enforcement Web sites. Details from the ransacked Missouri Sheriff's Association Web site also appear in the release, including user names and passwords as well as users' home addresses, phone numbers, and Social Security numbers, a move that's sure to infuriate law enforcement officials even before they note the actual name of the hackers' release, "Shooting Sheriffs Saturday."

Also found within the release are various police training files, a list of users who have submitted information to an online "anonymous" crime tip system, and various server-related information and login credentials.

"We have no sympathy for any of the officers or informants who may be endangered by the release of their personal information. For too long they have been using and abusing our personal information, spying on us, arresting us, beating us, and thinking that they can get away with oppressing us in secrecy," reads the hackers' Pastebin-posted statement. "Well it's retribution time: we want them to experience just a taste of the kind of misery and suffering they inflict upon us on an everyday basis."

The hack was allegedly carried out following an initial breach of a server owned by the company Brooks-Jeffrey Marketing, which hosts various sheriff's association sites. Its server was initially taken offline following confirmation of the first attack, but its subsequent relaunch allegedly kept intact the same backdoor methods the hackers used to access the original server. At that point, the hackers went ahead and started defacing the more than 70 different law enforcement agency domains associated with Brooks-Jeffrey Marketing.
"We lol'd as we watched the news reports come in, quoting various Sheriffs who denied that they were ever hacked, that any personal information was stolen, that they did not store snitch info on their servers. Many lulz have been had as we taunted the sheriffs by responding to their denials by tweeting teasers exposing their SSNs, passwords, addresses, and private emails," reads the hackers' manifesto.

The hackers also used stolen credit card information to make donations to the American Civil Liberties Union, the Electronic Frontier Foundation, and the Bradley Manning Support Network, among other organizations.

-News Source (PC Mag)


WikiLeaks Again Under DDoS Attack For Last 5 Days

Yet again the WikiLeaks official website has faced a denial of service attack. Earlier we saw two similar attacks: the first was in 2011, when an Anonymous member took responsibility for the attack on the WikiLeaks website. That time the attacker executed a massive denial of service using the newly developed tool #refref. An exclusive report by Corero Network Security said the attack on the WikiLeaks site was one of the largest DDoS attacks to take place in 2011. Back in May this year, WikiLeaks was also taken down by a DDoS attack, which also hit the controversial file sharing site "The Pirate Bay". As per sources the site has been down for the last five days, during which it has been experiencing a massive Distributed Denial of Service (DDoS) attack. So far it is the longest attack ever carried out against WikiLeaks. The most notable thing is that the organisation has already claimed a government entity is behind the hit. Many other unofficial sources are connecting this attack with a recent story that restarted WikiLeaks donations. At the time of the attack, team VOGH took the following screenshot, which clearly shows that Wikileaks.org was indeed inaccessible.

The first tweet was sent out on August 3:-
WikiLeaks.org is down for unknown reasons. We are investigating. wikileaks.org is still up.
#WikiLeaks donation page and FDNN portal down. You can still donate via supporter merchandise: http://wikileaks.spreadshirt.com/ http://www.cdbaby.com/cd/wikileaksbeattheblockade2
WikiLeaks has been under sustained large scale DDoS attacks since August 3. Help us purchase more bandwidth: http://shop.wikileaks.org/donate
Speculation on DDoS attack against WikiLeaks timing: 1. Olympics cover 2. Upcoming release. 3. Ongoing Syria, Stratfor releases
Wikileaks is currently under a large-scale DDoS attack.
wlcentral.org and http://justice4assange.com are now down.
Update: http://wikileaks.org https://secure.fdn2.org/fdn2/nouser http://cabledrum.net/ still down. http://wlcentral.org/ http://justice4assange.com/ back online.
UPDATE: WikiLeaks battles ongoing DDoS attack
#WikiLeaks .onion mirror available: http://isax7s5yooqgelbr.onion/ Accessible only through Tor

Most WikiLeaks mirrors have been brought offline as well, with some coming back today. Even sites simply related to WikiLeaks have been targeted. These include the WikiLeaks-endorsed website Cabledrum, including its mirror of the WikiLeaks website, and French non-profit FDNN, which hosts a WikiLeaks' donation portal. The latter was attacked shortly after WikiLeaks linked to it as an alternative to donate while the WikiLeaks website is down. WL Central and Justice for Assange were also attacked for a short period of time. According to Zdnet a hacker group calling themselves 'AntiLeaks' is claiming responsibility for the attack, and has issued the following statement:-
"You can call me DietPepsi. I am the leader of AntiLeaks. We are not doing this to call attention to ourselves. We are young adults, citizens of the United States of America and are deeply concerned about the recent developments with Julian Assange and his attempt at asylum in Ecuador.
Assange is the head of a new breed of terrorist. We are doing this as a protest against his attempt to escape justice into Ecuador. This would be a catalyst for many more like him to rise up in his place. We will not stop and they will not stop us."

BeEF v0.4.2.8 (Alpha)


BeEF, the Browser Exploitation Framework, is a professional security tool provided for lawful research and testing purposes. It gives the experienced penetration tester or system administrator additional attack vectors when assessing the posture of a target. The user of BeEF controls which browser will launch which exploit and at which target.
BeEF hooks one or more web browsers as beachheads for the launching of directed exploits in real time. Each browser is likely to be within a different security context. This provides additional vectors that can be exploited by security professionals. BeEF provides an easily integratable framework that demonstrates the impact of browser and Cross-site Scripting issues in real time. Development has focused on creating a modular framework. This has made module development a very quick and simple process. Current modules include Metasploit, port scanning, keylogging, TOR detection and more.

This release contains support for the XssRays extension, which is still in the pilot stage and will be improved further in the next release. The framework now loads faster due to dynamically loaded modules. The core enhancements have had a great impact on the command module navigation, which should be quite noticeable.
Unfortunately, this release also has a bug that prevents MSF from interacting with BeEF. The author mentions that this will be taken care of pretty soon. Until then, it is recommended that the latest version be downloaded via the SVN repository.

To download BeEF v0.4.2.8-alpha, click here.


BeEF v0.4.2.6-alpha


BeEF, the Browser Exploitation Framework, is a professional security tool provided for lawful research and testing purposes. It gives the experienced penetration tester or system administrator additional attack vectors when assessing the posture of a target. The user of BeEF controls which browser will launch which exploit and at which target.
BeEF hooks one or more web browsers as beachheads for the launching of directed exploits in real time. Each browser is likely to be within a different security context. This provides additional vectors that can be exploited by security professionals. BeEF provides an easily integratable framework that demonstrates the impact of browser and Cross-site Scripting issues in real time. Development has focused on creating a modular framework. This has made module development a very quick and simple process. Current modules include Metasploit, port scanning, keylogging, TOR detection and more.

This release adds a new Cold Fusion directory traversal exploit. When this module is launched, the attack will appear to originate from the hooked browser. Also, a new 'Detect Social Networks' module was implemented! This will determine if the hooked browser is logged into Facebook, GMail or Twitter! Looks like an awesome release! Keep up the good work, guys!


Download BeEF v0.4.2.6-alpha (beef-latest-alpha.tar.gz/0.4.2.6alpha.zip) here.


Hcon Security Testing Framework (HconSTF) v0.5 Codename 'Prime' Released

Previously we have discussed HconSTF, a browser-based security testing framework, a couple of times. Early last year we got HconSTF version 0.4; now, after almost 14 months, the author of Hcon, Mr. Ashish Mistry (Information Security Researcher), has proudly released version 0.5 of HconSTF, code named "Prime." No doubt Hcon has already become a very popular and widely used browser-based pen testing framework. Not only the hacker community but also several security experts and infosec researchers prefer Hcon as one of their all-time favourite pentesting tools, as HconSTF is a very flexible and handy multipurpose tool for any IT security professional, web bug bounty hunter, web developer or anyone interested in IT security. As expected, this version of Hcon comes with enhanced features and more functionality, so let's take a glance at HconSTF v0.5 -

HconSTF is semi-automated, but you still need your brain to work it out. It can be used in all kinds of security testing stages; it has tools for conducting tasks like:
  • Web Penetration Testing
  • Web Exploits Development
  • Web Malware Analysis
  • Open Source Intelligence ( Cyber Spying & Doxing )
  • and much more with lots of hidden features

HconSTF v0.5 in Brief:-
  • Based on Firefox 17.0.1
  • Designed in Process based methodology
  • Small in size (40 MB packed, 80 MB extracted), consumes less memory
  • More than 165+ search plugins
  • New IDB 0.1 release integrated
  • Underlined Logging for each and every request
  • More NEW scanners for DomXSS, Reflected XSS
  • New reporting features like note taking, url logging for easy report making
  • Smart searchbox - just select text and it is copied into the box; then simply change the search engine to search
  • Integrated Tor, AdvOR, I2P and more proxies
  • New Grease monkey scripts (18 scripts)
To Download HconSTF v0.5 Click Here [Download type: Portable (no need to install; run from a USB drive or any memory card). Platform: Windows XP, Vista, 7, both x32 & x64]

"DevilRobber" Trojan Infects Mac OS X & Steals Personal Information (Credit Cards, Usernames, Passwords & so on)




Now another piece of malware has struck unsuspecting Mac owners. The new multiplatform trojan is much more sophisticated than most of the past malware to hit the Mac platform. The malicious program installs as part of infected torrent downloads from sites such as The Pirate Bay. Thus far the malware has primarily been found piggybacking on pirated copies of the image editing app GraphicConverter version 7.4 (whose authors are not involved in the scheme and do not approve of the pirating in the first place). The malware is officially known in security circles as OSX/Miner-D, and is nicknamed "DevilRobber".


Once installed on the victim's machine, the malware opens a back door into the OS X system, allowing remote command and control. It also monitors your computer, attempting to steal personal information like credit card details.


To do this it takes screenshots. It also periodically dumps confidential information from various applications, such as TrueCrypt data, Vidalia (TOR plugin for Firefox), your Safari browsing history, and .bash_history, into the creatively named file dump.txt. It also records your usernames and passwords by monitoring traffic through a proxy server (on port 34522 in the most common variant, but likely to change).


-News Source (NS, Intego, Dailytech)

Anonymous-OS Alpha -First Operating System Released By #Anonymous

Earlier, the hacktivist group Anonymous released several DoS tools like LOIC, #refref, HOIC and so on, but now we have all in one. Anonymous has officially released its first operating system, named Anonymous-OS. Basically it is a live Ubuntu-based distribution, created for educational purposes and for checking the security of web pages. In short, Anonymous-OS can be regarded as a penetration testing distribution like BackBox, BackTrack and so on.

Preinstalled Apps on Anonymous-OS:-
- ParolaPass Password Generator
- Find Host IP
- Anonymous HOIC
- Ddosim
- Pyloris
- Slowloris
- TorsHammer
- Sqlmap
- Havij
- Sql Poison
- Admin Finder
- John the Ripper
- Hash Identifier
- Tor
- XChat IRC
- Pidgin
- Vidalia
- Polipo
- JonDo
- i2p
- Wireshark
- Zenmap

As expected, the OS is made available for download on a SourceForge project page. For additional information and to download Anonymous-OS, click Here.