This archive contains a collection of WAR and EAR compatible stagers that use a variety of communication methods to communicate back to the attacker - even if the only open port is the HTTP/JNDI port, or even if no incoming ports are open but the victim can call back (which can be tricky as usually WARs and EARs are initialized on demand).
cf16c81f64d66dc1faf03251b65351a8This archive contains a collection of pure Java payloads, from simple Shell and UpExec payloads (which need - to some degree - platform dependent parameters), to a JSh ("Java Shell") payload that supports an interactive shell to query system properties, run applications, open TCP connections, navigate the filesystem and read/write text files. Basic job control enables to run more than one command or TCP session via a single exploited session. These payloads are modular, consisting of three parts: loaders, stagers and stages. Loaders, stagers and stages can be combined arbitrarily, and the stages and stagers can also be used to integrate them into other exploit frameworks like Metasploit (if you are more Ruby-literate than me). There are also examples included how to call these payloads from standalone applications, signed Java applets, OpenOffice macros or via JDWP debug connections.
ea68471c19a1bcb2ce9752d5b4f90cb7File system investigator is a forensic tool that allows viewing of ReiserFS and EXT2/3. While primarily intended as a forensics tool, it is also useful for Linux users who dual boot with another OS; it allows them to view and extract files from their partitions. Written in Java.
6f6aab5bd77a4f8cce72a74de8011766File system investigator is a forensic tool that allows viewing of ReiserFS and EXT2/3. While primarily intended as a forensics tool, it is also useful for Linux users who dual boot with another OS; it allows them to view and extract files from their partitions. Written in Java.
33a9de11672ed91164fb0deb0f4d8c1cNetwork Packet Capture Facility for Java is a set of Java classes that provide an interface and system for network packet capture. A protocol library and tool for visualizing network traffic is included. It utilizes libpcap, a widely used system library for packet capture.
9f71d19ea5e56cbc8ab1cdaa8cc3606cHextodec.java is a simple hex ip to dec ip converter which can be useful for many things, among them is finding the ips of users on java chats similar to the one on www.ircnet.com.
79fbfc692c66a035d6240bd2e2c4e524Java simple tcp port scanner. Very portable.
c0e2c7ff7021231e1d3639967cb905c7Secura is an open source cross platform java crypto package. Jar available here.
50b3b3c45e546049362a105b3ca9b63cjava.security.AccessController can cause Sun derived JVM to crash. Tested on v1.3.1. Article available here.
e227c58c72d81f8415527f7564b7df46Proxy Toolkit is coded in Java and checks to see what information a web proxy forwards.
4e1a802f5639dd03e31d7a28712f80e1MindTerm is a complete ssh-client in pure java which can be used either as a standalone java-application or as a java-applet. Includes a vt102/xterm-terminal with the ssh protocol and also "drop-in" socket replacements to use ssh tunnels transparently from a java application/applet.
7cc7cb2e8ae1cb6f08f3361b21317331The Marvin Obfuscater rewrites Java applications in a way that makes it almost impossible to decompile them and understand their inner workings.
7a4376d538fa45ce3757fef6c6bb7b14Sneaky Pete is a java program which lets you input an alphabetic passphrase into a computer without using a keyboard, thus foiling keylogging software/hardware. It also incorporates anti-TEMPEST fonts to make it harder for monitor-scanners to see what letters are on your display.
185c18db872456527192c2201e9654d7MindTerm is a complete ssh-client in pure java which can be used either as a standalone java-application or as a java-applet. Includes a vt102/xterm-terminal with the ssh protocol and also "drop-in" socket replacements to use ssh tunnels transparently from a java application/applet.
f641fe70d40fdb757a2de2893a1c3671MindTerm is a complete ssh-client in pure java which can be used either as a standalone java-application or as a java-applet. Includes a vt102/xterm-terminal with the ssh protocol and also "drop-in" socket replacements to use ssh tunnels transparently from a java application/applet.
a8319a11979efb1140bea1ebc7e8f138This Java script will cause Internet Explorer to consume 100% resources.
ccf266d0482f79af2aa42b9dd3497fd1Shell In A Box provides shell access to a server from within any Java-enabled Web browser. Requests are tunneled over HTTP using the same proxy settings that the browser uses. On the server, it installs as a CGI program, and there is no client-side installation necessary. It sports full VT102 emulation with Unicode support, international font files, ANSI colors, a scrollback buffer, mouse position reporting, clipboard support, and user-configurable emulation modes. All user preferences are stored as cookies in the client's browser.
e2871b0bdba2732d0b70f74b7fa0adddMindTerm is a complete GPL'd ssh-client in pure java which can be used either as a standalone java-application or as a java-applet. Includes a vt102/xterm-terminal with the ssh protocol and also "drop-in" socket replacements to use ssh tunnels transparently from a java application/applet.
aa7ac39c1864a224836630f4a462204dSecure FTP is a client package that allows for a secure connection to be made to an FTP daemon. In this release, we support connecting via the Secure Sockets Layer. This client is supported on Windows and any Unix platform where a Java 2 (or Swing) runtime environment is present. It was written in 100% Pure Java and can act as either an application or an applet.
e9891d39ed9f3755cf3754910f4203e8Java ftp login scanner is a multithreaded tool which scans ftp sites for a certain user.
d16b56c4e637441eb7b558514aae2c77Cum Security Toolkit (cst v1.0) - Contains a scriptscanner and a portscanner Coded in Java. The http-script scanner features the ability to use a proxy server, a scripts-to-scan database, anti-IDS url encoding, fake "X-Forwarded-For:" header, and uses fake "Referer: " info. The port scanner is a full TCP connection scanner which can scan port ranges and grab banners.
9ed29d4a7a41942bf773bdab4d109689Jport is a simple Java portscanner. Source and binary included. Works best under linux, uses 150 threads. The New version has more features than ever including Port Identifications and New Threading System Increases Speed.
79a9158a1cc7891b1385b97ebe07c069MindTerm is a complete ssh-client in pure java. It can be used either as a standalone java-application or as a java- applet. The source-code is freely available (GPL). Three packages of importance are provided, terminal, ssh, and security. The terminal package is a rather complete vt102/xterm-terminal. The ssh-package contains the ssh- protocol and also "drop-in" socket replacements to use ssh- tunnels transparently from a java application/applet. It also contains functionality to realize a ssh-server. Finally the security package contains RSA, DES, 3DES, RC4 and Blowfish ciphers.
19decb04be1bc8fb36613feecfd15d91JFwadmin is a Java 2 high-level X11 tool for ipchains. The GUI displays easy-to-understand services. Features include boot scripts generation, firewall save and restore, automatic interface and IP address and routes detection, and current firewall configuration display.
e98c0c629e9848f865fff33dc742e943Jport is a simple Java portscanner. Source and binary included. Works best under linux, uses 150 threads.
da8d22c30d526f214c6e79b126be14d4
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed