NEAT is a script language driven exploit/vulnerability management tool that does active penetration testing. This is a pre-release with documentation and code snippets. NEAT is similar to raccess but is more sophisticated.
700ecd7f8e5a6ef94ed88f525857f928Neolock is a tool that is a combination of console security locking tool (vlock) matrix console screensaver (cmatrix). Provides more discreet and nicer console locking.
41964d2908f09178a3236451c69b8434Illeech is a collection of search engine harvesting scripts (google/altavista).
65f6de1a09696cba6259da19b86de59eLibMix is a library that provides an API for various useful functions, including an AES encryption interface, various network front-ends and low level datagram functions, as well as functions for string manipulations and other miscellaneous utility functions. It also includes functions to transmit encrypted data via stateless spoofed datagrams (tfntransmit/tfnread).
66413546a6bb32d9a2542a33408e3ee8Q v2.4 is a client / server backdoor which features remote shell access with strong encryption for root and normal users, and a encrypted on-demand tcp relay/bouncer that supports encrypted sessions with normal clients using the included tunneling daemon. Also has stealth features like activation via raw packets, syslog spoofing, and single on-demand sessions with variable ports.
45a5b2c2b2612f6d6703cd984cc1d8e1iSSL is a library offering a minimal cryptographical API that uses the ciphers RSA and AES to establish SSL-alike, secure encrypted communications between two peers communicating through a network socket, including session key generation and public key exchange.
f33f0a92dece3a0bd3133e8388206549LibMix is a library that provides an API for various useful functions, including an AES encryption interface, various network front-ends and low level datagram functions, as well as functions for string manipulations and other miscellaneous utility functions. It also includes functions to transmit encrypted data via stateless spoofed datagrams (tfntransmit/tfnread).
5215dbbb8a81284514fc464abb1297d3Introduction to programming in C - Written with the goal of letting people get the most knowledge as fast as possible from it.
0dfb6b88c529649f6bd66cbaac844772md5bd.c is a shell server/backdoor that uses a md5 encrypted password to authenticate, therefore the password cannot be retrieved from the server.
2fa9b94368cf2d9b511d009aece38bcePing Analysis Tool II (PAT) performs icmp echo scans on a range of ip addresses as fast as physically possible. Features a dual-threaded scanning process and allows you to scan from a list of IP's.
fe66341a62796622fb1ac3ae3058cbfcLibMix v1.08 is a library that provides an API for various useful functions, including an AES encryption interface, various network front-ends and low level datagram functions, as well as functions for string manipulations and other miscellaneous utility functions. It also includes functions to transmit encrypted data via stateless spoofed datagrams (tfntransmit/tfnread).
5e50da4e8dd8833151f69c583357848enbnbs.c is a NetBIOS name bulk security scanner for unix. It does long-range network scans for NetBIOS names (Windows and UNIX Samba servers) and logs positives. Based off of nbname.c by mynock and ADM.
95369af2293ee9272ded0f4b579790b7Q v2.0 is a client / server backdoor which features remote shell access with strong encryption for root and normal users, and a encrypted on-demand tcp relay/bouncer that supports encrypted sessions with normal clients using the included tunneling daemon. Also has stealth features like activation via raw packets, syslog spoofing, and single on-demand sessions with variable ports.
1496eb28b5caf5fa795763c70e646c77LibMix v1.07 is a library that provides an API for various useful functions, including an AES encryption interface, various network front-ends and low level datagram functions, as well as functions for string manipulations and other miscellaneous utility functions. It also includes functions to transmit encrypted data via stateless spoofed datagrams (tfntransmit/tfnread).
d608f9a95c75ddc25f532bf2aea596ffLibMix v1.05 is a library that provides an API for various useful functions, including an AES encryption interface, various network front-ends and low level datagram functions, as well as functions for string manipulations and other miscellaneous utility functions. It also includes functions to transmit encrypted data via stateless spoofed datagrams (tfntransmit/tfnread).
a5f25a51844c2d2458fcb8b29e82a539Coding in C - a summary of some popular mistakes. Most of them are not detected at compile time with all warnings enabled, which makes them very nasty and hard to detect.
9889337cf26f2aa2a05d599e8dc01111shlog.c is a small program that will do getpeername on its input descriptor, and log a remote host, if it is invoked via a remote session, along with uid/gid to syslog. can be used as additional logging tool for login shells (by putting it into the system profile).
b17d771cbd59596955397a3bab80a2cepcfs.c is a tool that creates a fake CFS (cryptographic file system) encrypted directory tree, which is reasonable indistinguishable from a real CFS directory. It proves that just having a CFS styled directory doesn't prove it actually contains real encrypted data.
fcbe9499588006cf5d254790ba212460webscan.c is a fast multithreaded CGI and HTTP version scanner that is based off cgichk and can easily be updated. the cgi scanning y2k problem has been fixed in this version.
c6e38c01c1fabe5224ff911b945ee1bdvirii.tgz is a collection of files that are supposedly infected by a linux/elf virus that could be out and spreading in the wild. it also contains a detailed description of the suspicious actions the virus performs and the patterns that can be found in the files.
7d5f0cf3425f20c6c069786e6ab8797dtrojans.txt is a paper that deals with methods of analyzing, debugging and disassembling unix binaries, looking for viruses, trojans and other malicious code.
991a7c392ee5d69e6f0a774c7d90c7a6rawpowr.c can access a block device containing an EXT2 file system in raw mode, changing all executables into suid executables. this demonstrates that security can easily be breached as soon as block devices are directly writable by the attacker.
dafe38921ef1b67bdf99fddf6a4d3873Stasis is a tool to fool atime/mtime timestamp checking. It records the timestamp of files, then periodically finds atime/mtime changes and restores the old timestamps, as if the files were never accessed / changed.
3e89aa06fa1548680d0d602628d0d46eIntrusion Detection Evasion System is a daemon that monitors connections, and forges additional packets to hide from and disturb network monitoring processes of IDS and sniffers. It does this by inserting rst/fin and ack packets with bogus payloads and invalid sequence numbers that only affect network monitors. It also sends a custom amount of SYN requests from arbitrary sources on every real connection attempt it sees, which can for example be used to simulate coordinated scans.
3c1e3c3539b845434d8444f5ab36993bQ 1.0 is a client / server backdoor which features remote shell access with strong encryption for root and normal users, and a encrypted on-demand tcp relay/bouncer that supports encrypted sessions with normal clients using the included tunneling daemon. Also has stealth features like activation via raw packets, syslog spoofing, and single on-demand sessions with variable ports. This version is downward compatible and includes a few bugfixes that make the remote access daemon work reliably.
f07dcb0f5e25fb3d735c483431436308
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed