Section: .. / UNIX / scanners /
| /// File Name: |
scapy-1.0.0.tar.gz |
Description:
|
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do about the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
| | Author: | Philippe Biondi | | Homepage: | http://www.secdev.org/projects/scapy | | Changes: | Various bug fixes. | | File Size: | 90189 | | Last Modified: | Aug 10 03:08:06 2005 |
| MD5 Checksum: | e4930279664b4651c0b657aeb1a0f195 |
|
| /// File Name: |
fwknop-0.9.2.tar.gz |
Description:
|
fwknop is a flexible port knocking implementation that is based around iptables. Both shared knock sequences and encrypted knock sequences are supported. In addition, fwknop makes use of passive OS fingerprinting signatures derived from p0f to ensure the OS that initiates a knock sequence conforms to a specific type. This makes it possible to allow, say, only Linux systems to connect to your SSH daemon. Both the knock sequences and OS fingerprinting are completely implemented around iptables log messages, and so a separate packet capture library is not required.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Various additions and bug fixes. | | File Size: | 247018 | | Last Modified: | Aug 10 02:48:31 2005 |
| MD5 Checksum: | d062bf97701b910244db34ab332c95ac |
|
| /// File Name: |
fwknop-0.9.1.tar.gz |
Description:
|
fwknop is a flexible port knocking implementation that is based around iptables. Both shared knock sequences and encrypted knock sequences are supported. In addition, fwknop makes use of passive OS fingerprinting signatures derived from p0f to ensure the OS that initiates a knock sequence conforms to a specific type. This makes it possible to allow, say, only Linux systems to connect to your SSH daemon. Both the knock sequences and OS fingerprinting are completely implemented around iptables log messages, and so a separate packet capture library is not required.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Various additions and bug fixes. | | File Size: | 246308 | | Last Modified: | Aug 5 02:18:02 2005 |
| MD5 Checksum: | 414d580f97bed829aaec4233f05392bc |
|
| /// File Name: |
upnpscan-v0.4-src.tgz |
Description:
|
LAN scanning utility that scans a given address range for UPnP capable devices. This is done by sending M-SEARCH discovery packets to either the UPnP multicast address or to the specified ip range.
| | Homepage: | http://www.cqure.net/ | | File Size: | 309011 | | Last Modified: | Jul 7 10:08:22 2005 |
| MD5 Checksum: | 23db71f206cefd67a5d4c1397577d77f |
|
| /// File Name: |
knock-0.5.tar.gz |
Description:
|
knock is a server/client set of tools that implements the idea known as port-knocking. Port-knocking is a method of accessing a backdoor to your firewall through a special sequence of port hits. This can be useful for opening up temporary holes in a restrictive firewall for SSH access or similar.
| | Author: | Judd Vinet | | Homepage: | http://www.zeroflux.org/knock/ | | Changes: | Added ability to change the knocking protocol on a per-port basis. Various other fixes/patches. | | File Size: | 83990 | | Last Modified: | Jul 1 01:11:25 2005 |
| MD5 Checksum: | ca09d61458974cff90a700aba6120891 |
|
| /// File Name: |
pictosniff-0.2.tar.bz2 |
Description:
|
PictoSniff allows you to spy live on PictoChat communications between Nintendo DS gaming consoles. It requires an 802.11 device with support for monitor mode and Radiotap (tested only under FreeBSD with the p54u driver). It is based upon GTK2 and libpcap.
| | Author: | lekernel | | Homepage: | http://lekernel.lya-fr.com/ | | File Size: | 12675 | | Last Modified: | Jun 20 02:34:05 2005 |
| MD5 Checksum: | 9f5bd75755f9534a727f842ca073b684 |
|
| /// File Name: |
fwknop-0.9.0.tar.gz |
Description:
|
fwknop is a flexible port knocking implementation that is based around iptables. Both shared knock sequences and encrypted knock sequences are supported. In addition, fwknop makes use of passive OS fingerprinting signatures derived from p0f to ensure the OS that initiates a knock sequence conforms to a specific type. This makes it possible to allow, say, only Linux systems to connect to your SSH daemon. Both the knock sequences and OS fingerprinting are completely implemented around iptables log messages, and so a separate packet capture library is not required.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Added new authorization mode. Updated man page and there are a few other additions to the functionality. | | File Size: | 243091 | | Last Modified: | Jun 1 04:02:49 2005 |
| MD5 Checksum: | 0656d8123f4d40498754c7d245a36ba4 |
|
| /// File Name: |
0x90-net.c |
Description:
|
This is a fast banner scanner which uses fork().
| | Author: | un10x | | Homepage: | http://www.0x90sec.tk | | File Size: | 2621 | | Last Modified: | Apr 28 00:15:59 2005 |
| MD5 Checksum: | 8f7ae86fe1b681827ddbffdcb0b2daef |
|
| /// File Name: |
fwknop-0.5.0.tar.gz |
Description:
|
fwknop is a flexible port knocking implementation that is based around iptables. Both shared knock sequences and encrypted knock sequences are supported. In addition, fwknop makes use of passive OS fingerprinting signatures derived from p0f to ensure the OS that initiates a knock sequence conforms to a specific type. This makes it possible to allow, say, only Linux systems to connect to your SSH daemon. Both the knock sequences and OS fingerprinting are completely implemented around iptables log messages, and so a separate packet capture library is not required.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Various additions and reworks. | | File Size: | 172995 | | Last Modified: | Mar 22 01:23:01 2005 |
| MD5 Checksum: | cf43e1981cd67d67a03f8f636aa3be5b |
|
| /// File Name: |
p0f-db-20050307.tar.gz |
Description:
|
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris. This particular version is modified by Nerijus Krukauskas to store the data in a database.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/p0f.shtml | | Changes: | Added a patch. | | File Size: | 17925 | | Last Modified: | Mar 15 03:07:26 2005 |
| MD5 Checksum: | b95d46afd1f43382b862b880bfac6aa2 |
|
| /// File Name: |
plsql_portscanner-0.1.tar.gz |
Description:
|
P/L SQL port scanner is a TCP CONNECT port scanner in P/L SQL code. In order to run these procedures you must have access to the UTL_TCP package. By default the DBSNMP user has access to this package. The tool can be useful during penetration testing if you want to gain more knowledge about the networks residing behind the actual database. Also, if you can access an Oracle database only through SQL injection or sqlplus you now have a simple functioning port scanner within the database system.
| | Author: | MadByte | | Homepage: | http://www.binken.com | | File Size: | 2135 | | Last Modified: | Mar 15 01:50:44 2005 |
| MD5 Checksum: | 219ae3325ab2ae6cfa04450c558cc41d |
|
| /// File Name: |
ndisc-0.1.0.tar.bz2 |
Description:
|
ndisc consists or two small command line tools (ndisc and rdisc) that perform ICMPv6 Neighbor Discovery and ICMPv6 Router Discovery respectively. It is primarily meant for IPv6 networking diagnostics or to detect rogue IPv6 nodes or routers on an Ethernet segment.
| | Author: | Remi Denis-Courmont | | Homepage: | http://people.via.ecp.fr/~rem/ndisc/ | | File Size: | 13090 | | Last Modified: | Feb 26 00:28:27 2005 |
| MD5 Checksum: | 12d1e1bd1a5191785d917fd6141921a3 |
|
| /// File Name: |
ike-scan-1.7.tar.gz |
Description:
|
ike-scan is a utility that discovers IKE hosts and can also fingerprint them using the retransmission backoff pattern.
| | Author: | Roy Hills | | Homepage: | http://www.nta-monitor.com/ike-scan/ | | Changes: | New psk-crack program, support for IKE over TCP, ability to use the OpenSSL MD5 and SHA1 hash functions, and much more. | | File Size: | 1350170 | | Last Modified: | Feb 22 16:31:59 2005 |
| MD5 Checksum: | c06c6a3d78ba9b93c0abf79b3a3d2a11 |
|
| /// File Name: |
nmbscan-1.2.4.tar.gz |
Description:
|
NMB Scanner scans the shares of a SMB network, using the NMB and SMB protocols. It is useful for acquiring information on a local area network for such purposes as security auditing. It can obtain such information as NMB/SMB/Windows hostname, IP address, IP hostname, ethernet MAC address, Windows username, NMB/SMB/Windows domain name, and master browser. It can discover all the NMB/SMB/Windows hosts on a local area network by using the hosts lists maintained by master browsers.
| | Author: | Gregoire Barbier | | Homepage: | http://gbarbier.free.fr/prj/dev/#nmbscan | | File Size: | 9790 | | Last Modified: | Feb 6 00:40:39 2005 |
| MD5 Checksum: | 554c3bf829f8f8f91fbb18c73d40fcdf |
|
| /// File Name: |
ocs.c |
Description:
|
Compact mass scanner for Cisco routers with default telnet/enable passwords.
| | Author: | OverIP | | Homepage: | http://www.hacklab.tk | | File Size: | 6829 | | Last Modified: | Jan 30 17:55:14 2005 |
| MD5 Checksum: | 5ee92e30989dae45e18bf56d7d61ffc9 |
|
| /// File Name: |
knock-0.4.tar.gz |
Description:
|
knock is a server/client set of tools that implements the idea known as port-knocking. Port-knocking is a method of accessing a backdoor to your firewall through a special sequence of port hits. This can be useful for opening up temporary holes in a restrictive firewall for SSH access or similar.
| | Author: | Judd Vinet | | Homepage: | http://www.zeroflux.org/knock/ | | Changes: | Added support for DLT_RAW (PPPoE) interfaces, Changed packet inspection to use the interface's IP address to determine the flow direction, rather than the ethernet MAC address, Changed logging date format to ISO (yyyy-mm-dd), Added hostnames to logging output. | | File Size: | 77181 | | Last Modified: | Jan 16 01:34:45 2005 |
| MD5 Checksum: | 6795a3c32d8e4373790bed50655360a9 |
|
| /// File Name: |
relay.pl |
Description:
|
Simple script that scans class-c's for open mail relays.
| | Author: | konewka | | File Size: | 1498 | | Last Modified: | Jan 8 13:31:24 2005 |
| MD5 Checksum: | a2a01ba79bdcd431c3010e4f1d68c672 |
|
| /// File Name: |
ciscos.c |
Description:
|
Ciscos.c v1.3 scans class A, B, and C networks for cisco routers which have telnet open and have not changed the default password from cisco.
| | Author: | Okiwan | | File Size: | 5512 | | Last Modified: | Dec 31 15:14:22 2004 |
| MD5 Checksum: | c8d0bd0b1965c7973a76097d542488d6 |
|
| /// File Name: |
xprobe2-0.2.1.tar.gz |
Description:
|
Xprobe2 is a remote active operating system fingerprinting tool. Xprobe2 uses advanced techniques, such as the usage of fuzzy logic to match fingerprinting results with the tool's signature database and unique fingerprinting methods to provide accurate results.
| | Author: | Ofir Arkin,Fyodor Yarochkin,Meder Kydyraliev | | Homepage: | http://www.sys-security.com | | Changes: | A number of bugs have been fixed and more features have been introduced. | | File Size: | 481766 | | Last Modified: | Dec 31 13:36:17 2004 |
| MD5 Checksum: | aaddb4bf793ef573b7fb43ee91bb2224 |
|
| /// File Name: |
ftp-spider.pl |
Description:
|
FTP server spider, written in perl. Scans a ftp server to get the entire directory structure, detect anonymous access and writable directories, and look for user specified data. Not tested against Windows ftpd.
| | Author: | Nithen Naidoo | | File Size: | 6403 | | Last Modified: | Nov 25 00:30:33 2004 |
| MD5 Checksum: | e8c27b5dfc647be35cefe32afd5bd366 |
|
| /// File Name: |
p0f-db-20041116.tar.gz |
Description:
|
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris. This particular version is modified by Nerijus Krukauskas to store the data in a database.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/p0f.shtml | | File Size: | 17819 | | Last Modified: | Nov 20 14:30:26 2004 |
| MD5 Checksum: | 2708341a74fe286cbad57cab05eb041d |
|
| /// File Name: |
apprecon_src_1_0_0.zip |
Description:
|
AppRecon is small java tool that tries to identify applications by sending appropriate discovery broadcast packets. It currently finds PcDUO, SQL servers, and PCAnywhere. Source version.
| | Homepage: | http://www.cqure.net/ | | Related File: | apprecon_bin_1_0_0.zip | | File Size: | 72521 | | Last Modified: | Nov 12 19:46:04 2004 |
| MD5 Checksum: | ab0c1c931f31f1f01a84871b8110ca4d |
|
| /// File Name: |
apprecon_bin_1_0_0.zip |
Description:
|
AppRecon is small java tool that tries to identify applications by sending appropriate discovery broadcast packets. It currently finds PcDUO, SQL servers, and PCAnywhere. Binary version.
| | Homepage: | http://www.cqure.net/ | | Related File: | apprecon_src_1_0_0.zip | | File Size: | 84044 | | Last Modified: | Nov 12 19:45:23 2004 |
| MD5 Checksum: | 85706ec7551c2ad7c9c2e7b3772046df |
|
| /// File Name: |
oscanner_src_1_0_0.zip |
Description:
|
Oscanner is an Oracle assessment framework developed in Java. It has a plugin-based architecture and comes with a couple of plugins that currently do: Sid Enumeration, passwords tests (common and dictionary), enumeration of Oracle version, account roles, account privileges, account hashes, audit information, password policies, database links. Source version.
| | Homepage: | http://www.cqure.net | | Related File: | oscanner_bin_1_0_0.zip | | File Size: | 1777739 | | Last Modified: | Nov 12 19:34:39 2004 |
| MD5 Checksum: | f89cc2a830d702926b12c8b06e03086c |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
