Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
6f011407b67edf10783197b1a087d7cbSamhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
75cb3b50e277373ff3e08278ded7af69This Python script is a tool that can be used to check windows workstations and servers if they have accessible shared resources.
ee7c72d7ace7f4a32d4e693950bb36eaCircumference is a server-client-style implementation of a WebAuth client and server to supplement the WebAuth Diameter subprotocol, complete with an extensible Diameter server and base library. Diameter is a peer-to-peer authentication protocol as specified in RFC3588 and its updates.
8faa6be4cc0205c2a6448b5b0d763591A MAC changing utility that uses both ifconfig and GNU-Macchanger (checks if mac changer exists, if not, uses ifconfig) to spoof ones MAC with a totally random value. Written in Python.
cb4a03a3851cd847f91c37c693e96a72CSRFSCanner is a tool designed to identify the forms potentially vulnerable to CSRF/XSRF on a website. This detection is made on forms that are only accessible by logged-in users (cookies are needed to find these forms). The methodology used to identify these forms is the 4-pass reverse diff analysis. Then, in order to determine if a form may be vulnerable, the tool analyzes hidden and password fields to find an anti-CSRF token.
4d7379f8b72c66d21b2d10ed8ed273f8XssScanner is a tool designed to help penetration testers find cross site scripting vulnerabilities. It analyzes a webpage to determine which are the payloads that could be used according to the position of the parameter. Then, for each selected payload, XssScanner sends a request using the payload and checks the returned page to find the payload. The major feature of XssScanner is its ability to detect many encodings that do not change the behavior of the payload (eg: double quote encoded into ").
81a8c81d88805ecc5d92819b6a859f6eXSSer is an open source penetration testing tool that automates the process of detecting and exploiting XSS injections against different applications. It contains several options to try to bypass certain filters, and various special techniques of code injection.
615140e4f1e583ef2d645171be63a1ccVega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Windows 64-bit version.
443659b64e2e92bf63a5835f46a29672Vega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Windows 32-bit version.
2ee91bca51dd6f2acb4b8b86f76eb4e7Vega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Linux 64-bit version.
8ef3d1ed87dc5eb63e8b6a17f7974c4cVega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Linux 32-bit version.
8419cb08c608773642a79d86b84b01daVega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Mac OS X 64-bit version.
ba117340fec4b22ec30bd7e8569f8ff2Vega is a GUI-based, multi-platform, free and open source web security scanner that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web applications. Vega also includes an intercepting proxy for interactive web application debugging. Vega attack modules are written in Javascript, users can easily modify them or write their own. This is the Mac OS X 32-bit version.
212c508f3d3ce663a676d4790a8d6b3eWordPress Security Scanner can perform username enumeration, weak password cracking, version / vulnerability / plugin enumeration, and more.
c35bae835539df4069f41c5e3ac16693ARP Toxin is a simple Perl script designed to ARP poison a host on the LAN. It uses Nemesis as a packet crafting tool to create and send the ARP packets. It is NOT original code, merely a slightly improved version of the sample arpredirect script from the book "Hacking: The Art of Exploitation". This variant allows one to set their own poisoning interval and interface to poison on.
e92c2a88da193a2857879d6593066017Tripwire is a very popular system integrity checker, a utility that compares properties of designated files and directories against information stored in a previously generated database. Any changes to these files are flagged and logged, including those that were added or deleted, with optional email and pager reporting. Support files (databases, reports, etc.) are cryptographically signed.
c174df418df13d5a97dbeaea9d544a25PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
cc3429f5d272c133cdb59915934b3ef6This is a python script that uses the Max-Forwards header in HTTP and SIP to perform a traceroute-like scanning functionality.
ae56d53ec6967cafda77f5544aeaabbaOpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.
bcc7a7787b1c4370b0cd85679b047897A small collection of scanners using SCAPY that scan for Remote Desktop, VNC, SSH and Telnet servers on networks. It can be used to build target lists or discover rogue services running on your networks. Written in Python.
9bba7b2916a414b2feb786fd15e80c76fwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX/ASA, Netscreen, Elsa Lancom router, and Snort IDS log files. It can output its summaries in text and HTML and has a lot of options. fwlogwatch also features a realtime anomaly response capability with a Web interface.
fbb652f8bc9fd7b74c450b09def52234LFI Fuzzploit is a simple tool to help in the fuzzing for, finding, and exploiting of local file inclusion vulnerabilities in Linux-based PHP applications. Using special encoding and fuzzing techniques, lfi_fuzzploit will scan for some known and some not so known LFI filter bypasses and exploits using some advanced encoding/bypass methods to try to bypass security and achieve its goal which is ultimately, exploiting a local file inclusion.
8adb584643536d79538aa0d7d080800dSuricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
8e0d1c3d04694ffcb67334f222446bd1Wormtrack is a network IDS that helps detect scanning worms on a local area network by monitoring anomalous ARP traffic. This allows detection of scanning threats on the network, without having privileged access on a switch to set up a dedicated monitor port, nor does it require a constant updating of the rules engine to address new threats.
82df762231b40c0bacfb4861cb2b105c
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed