http://packetstormsecurity.org/ Packet Storm Last 10 Tools en-us http://packetstormsecurity.org/filedesc/httpry-0.1.5.tar-gz.html httpry is a specialized packet sniffer designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but instead to capture, parse, and log the traffic for later analysis. It can be run in real-time displaying the live traffic on the wire, or as a daemon process that logs to an output file. It is written to be as lightweight and flexible as possible, so that it can be easily adaptable to different applications. It does not display the raw HTTP data transferred, but instead focuses on parsing and displaying the request/response line along with associated header fields. http://packetstormsecurity.org/filedesc/hex-head.c.html This is a simple head utility that outputs in hexadecimal format. Characters that are non-printable are replaced with the . character. http://packetstormsecurity.org/filedesc/picviz-0.6.tar-gz.html Picviz is a parallel coordinates plotter which enables easy scripting from various types of input (such as tcpdump, syslog, iptables logs, or Apache logs) to visualize your data and discover interesting results quickly. Its primary goal is to graph data in order to be able to quickly analyze problems and find correlations among variables. With security analysis in mind, the program has been designed to be very flexible, able to graph millions of events. This tarball includes the cli, gui, and the library for picviz. http://packetstormsecurity.org/filedesc/tor.uclibc.i686.20090627.iso.html Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. http://packetstormsecurity.org/filedesc/mapdav-1.0p3.tar-gz.html MAPDAV, or the More Accurate Password Dictionary Attack Vector, is designed to use what is known about a user or users (ex, username, first name, middle name, last name, etc) on a unix/linux system from a /etc/passwd file and tries to come up with probable combinations that could be the user's password. An administrator could run the output through a cracker and see if their user's passwords are anything easy to guess. http://packetstormsecurity.org/filedesc/tor-0.2.0.35.tar-gz.html Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). http://packetstormsecurity.org/filedesc/trafscrambler_0.1-tgz.html Trafscrambler is an anti-sniffer/IDS NKE (Network Kernel Extension) for Mac OS X. This initial release implements SYN-decoy, Pre/Post connections SYN, TCP reset, and zero window attacks. Author tested this on x86 OS X versions 10.5.6 and 10.5.7. It should work on PPC and older releases as well. http://packetstormsecurity.org/filedesc/kismet-2009-06-R1.tar-gz.html Kismet is an 802.11 layer 2 wireless network sniffer. It can sniff 802.11b, 802.11a, and 802.11g traffic. It is capable of sniffing using almost any wireless card supported in Linux, which currently divide into cards handled by libpcap and the Linux-Wireless extensions (such as Cisco Aironet), and cards supported by the Wlan-NG project which use the Prism/2 chipset (such as Linksys, Dlink, and Zoom). Besides Linux, Kismet also supports FreeBSD, OpenBSD and Mac OS X systems. Features Multiple packet capture sources, Runtime network sorting by AP MAC address (bssid), IP block detection via ARP and DHCP packet dissection, Cisco product detection via CDP, Ethereal and tcpdump compatible file logging, Airsnort-compatible interesting (cryptographically weak) logging, Secure SUID behavior, GPS devices and wireless devices fingerprinting. Kismet also includes a tool called gpsmap that can be used to create maps from logged GPS data. http://packetstormsecurity.org/filedesc/analyse_malware.py.txt.html This is a python script designed to analyze malware. http://packetstormsecurity.org/filedesc/mobiusft-0.4.6.tar-gz.html Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.