An ARP packet generator for Unix designed to illustrate ARP protocol flaws and applications such as ARP cache poisoning. See http://www.arp-sk.org/ for further information.
082491103875ba268a86c8af90a33c21Proxychains is a command line tool for Linux and Solaris which allows TCP tunneling trough one or multiple (chained) HTTP proxies.
2d524a1ec4a377b8dd2d01ad2189d267The Bruteforce Exploit Detector is a perl script that remotely detects unknown buffer overflow vulnerabilities in FTP, SMTP, and POP daemons.
976bdafd892a582b58fe5d2bba36bc56Libvoodoo is a library which makes heap overflow exploitation much easier by providing the user with valuable internal data from Doug Lea's malloc implementation.
703a0930d0c1ea65de3e22966afb88f3The Bruteforce Exploit Detector is a perl script that remotely detects unknown buffer overflow vulnerabilities in FTP, SMTP, and POP daemons.
0d7c7fb871e4abad5d8a881181ef3eeeFlawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function. Secure Programming HOWTO here.
2e0efe7f3bb1a5cb4aab4497bde3c639Exec Denier is a kernel module for NetBSD that restricts exec syscalls for certain UIDs. It is very useful for blocking exec calls for named and ntpd. It can also restrict exec calls for users to a certain directory. Changelog available here.
b626a9efb73bd3dfa1dcd2c7b2754418RATS, the Rough Auditing Tool for Security, is a security auditing utility for C, C++, Python, Perl and PHP code. RATS scans source code, finding potentially dangerous function calls. The goal of the RATS project is to provide a starting point for performing manual security audits.
628e4c6000ab635b1894945c09cc1d2cFragroute intercepts, modifies, and rewrites egress traffic destined for a specified host, implementing most of the attacks described in the Secure Networks "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection" paper of January 1998. It features a simple ruleset language to delay, duplicate, drop, fragment, overlap, print, reorder, segment, source-route, or otherwise monkey with all outbound packets destined for a target host, with minimal support for randomized or probabilistic behavior. Includes scripts to defeat even the current CVS snort IDS.
7e4de763fae35a50e871bdcd1ac8e23aNetwork Security Policy Compiler (NetSPoC) is a tool for security management of large networks with different security domains. It generates configuration files for packet filters controlling the borders of security domains. It provides its own language for describing security policy and the topology of a network. The security policy is a set of rules that state which packets are allowed to pass the network and which are not. NetSPoC is topology aware - a rule for traffic from A to B is automatically applied to all managed packet filters on the path from A to B.
164a21895f8736dab8920331faff4ec9Mieliekoek.pl is a SQL insertion crawler which tests all forms on a web site for possible SQL insertion problems. This script takes the output of a web mirroring tools as input, inspecting every file and determine if there is a form in the file.
69a47601ba11f3408544b2e8d0eeb20fSQLAT is a suite of tools which could be useful for pen-testing a MS SQL Server. The tools do dictionary attacks, upload files, read registry and dump the SAM. They do this by wrapping extended stored procedures. There is also a tool for doing a minimal analysis of a SQL Server with output as HTML. You need to be 'sa' to run some of the tools, but this usually isn't a problem. SQLAT works over port 1433.
d3ea5274c317e3c1b93feb79ab4f80d2OAT 1.1.0 is a set of tools which can be used to audit Oracle databases running on the Microsoft Windows platform. The Tools are Java based and were tested on both Windows and Linux. They should hopefully also run on any other Java platform.
af9c1635782aa7913afb7614e4679196Kernel Based Keystroke Loggers for Linux - This paper describes the basic concepts and techniques used for recording keystroke activity under linux. Includes proof of concept LKM which is stealthy, works with recent distributions, and is capable of logging local logins and ssh sessions to and from the host. Tested on Slackware v8.0 with kernel v2.4.5.
a9615f10eaef0364e7e748a96c2fb1c1Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function. Secure Programming HOWTO here.
fcabc57d5addb69936915a3fbad4e32aFlawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.
9530c12b60f4f8123da6a7714e4ded84Passlogd is a sniffer which logs traffic on the UDP syslog port, allowing a syslog receiver to have no open ports.
859385e7cbfa3b9e193fc298e2f7a0f5Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.
e5d5be0557e69099a1994290d2ce66eaTaranis redirects traffic on switch hardware by sending spoofed ethernet traffic. This is not the same as an ARP poisoning attack as it affects only the switch, and doesn't rely on ARP packets. Plus, it is virtually invisible because the packets it sends aren't seen on any other port on the switch. Evading detection by an IDS that may be listening on a monitoring port is as simple as changing the type of packet that is sent by the packet spoofing thread.
9c30fff9a4e546b1a1435bb06e641aaeJail Chroot Project is an attempt of write a tool that builds a chrooted environment. The main goal of Jail is to be as simple as possible, and highly portable. The most difficult step when building a chrooted environment is to set up the right libraries and files. Here, Jail comes to the rescue with a tool to automatically configures & builds all the required files, directories and libraries.
77d20fae9f44e8e5413aa5343ac5e262FreeVSD facilitates true Linux Virtual Servers within a 'chroot' environment, allowing Web servers and other applications to be deployed and administered discretely, without compromise to security. Each Virtual Server has its own IP address(es), Apache webserver, and view of the process table. FreeVSD expands the Linux system by creating a pseudo-'super user' (admin) for each Virtual Server. The admin user has the ability to create extra POP3/FTP and Telnet users and also administrate vital services such as the webserver.
ed6a22d03c837db3a0f83f0cfeaca2beTcptraceroute is an implementation of traceroute which uses TCP SYN packets, instead of the more traditional UDP or ICMP ECHO packets. In doing so, it is able to trace through many common firewall filters.
e31e3f5bfd817d32ed6d954382ca768dJail Chroot Project is an attempt of write a tool that builds a chrooted environment. The main goal of Jail is to be as simple as possible, and highly portable. The most difficult step when building a chrooted environment is to set up the right libraries and files. Here, Jail comes to the rescue with a tool to automatically configures & builds all the required files, directories and libraries.
92978ee3cf9fec7d69da88800d07bfb4Jail Chroot Project is an attempt of write a tool that builds a chrooted environment. The main goal of Jail is to be as simple as possible, and highly portable. The most difficult step when building a chrooted environment is to set up the right libraries and files. Here, Jail comes to the rescue with a tool to automagically configures & builds all the required files, directories and libraries.
90cc9f516266237abf600c0cda27d5d0AE-Gateway is a Man-in-the-Middle Gateway to assist sniffing in switched environments. Forces itself to become an ivisible intermediary gateway between the gateway and the victim host. It works well for sniffing specified machines on switched networks. This is done through ARP reply spoofing and then ARP replys are sent upon application terminiation to set back the original MAC addresses in the ARP tables to minimize traffic interruption.
7de21e64314b39e8c9c5e18b07cd03e0
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed