Section: .. / UNIX / security /
| /// File Name: |
arp-sk-0.0.12.tgz |
Description:
|
An ARP packet generator for Unix designed to illustrate ARP protocol flaws and applications such as ARP cache poisoning. or MAC spoofing. It gives complete control of link and network level data. See arp-sk.org for further information.
| | Author: | Cedric Blancher | | Homepage: | http://www.arp-sk.org/ | | File Size: | 187104 | | Last Modified: | Aug 8 02:30:39 2002 |
| MD5 Checksum: | 0f88fd8c5f212cf80ffa6f5e183e602d |
|
| /// File Name: |
tcptraceroute-1.4.tar.gz |
Description:
|
Tcptraceroute is an implementation of traceroute which uses TCP SYN packets, instead of the more traditional UDP or ICMP ECHO packets. In doing so, it is able to trace through many common firewall filters.
| | Homepage: | http://michael.toren.net/code/tcptraceroute | | Changes: | Now functions properly on Linux PPP interfaces. Improved command line handling, properly aligning packet data for architectures that don't allow non-aligned memory access, the ability to traceroute to a local IP address, the ability to probe with TCP ACK packets, making it possible to traceroute through stateless firewalls that permit hosts sitting behind the firewall to establish outbound connections, and the ability to track probes by source port numbers instead of IP IDs. | | File Size: | 31918 | | Last Modified: | Jul 31 02:55:01 2002 |
| MD5 Checksum: | 35c5e7d960f2b073db0109e0004e134e |
|
| /// File Name: |
oat-source-1.2.0.zip |
Description:
|
OAT v1.2.0 is a set of tools which can be used to audit Oracle databases running on the Microsoft Windows platform. The Tools are Java based and were tested on both Windows and Linux. They should hopefully also run on any other Java platform.
| | Author: | Patrik Karlsson | | Homepage: | http://www.cqure.net/tools08.html | | Changes: | Support for command execution on Solaris was added. Now includes OracleQuery, a minimal commandline sql query tool. Many Bugfixes were made. | | File Size: | 289883 | | Last Modified: | Jul 14 20:58:48 2002 |
| MD5 Checksum: | 39eaac0f37eb7ecc8eec588b7302fa54 |
|
| /// File Name: |
netspoc-1.3.tar.gz |
Description:
|
Network Security Policy Compiler (NetSPoC) is a tool for security management of large networks with different security domains. It generates configuration files for packet filters controlling the borders of security domains. It provides its own language for describing security policy and the topology of a network. The security policy is a set of rules that state which packets are allowed to pass the network and which are not. NetSPoC is topology aware - a rule for traffic from A to B is automatically applied to all managed packet filters on the path from A to B.
| | Homepage: | http://netspoc.berlios.de | | Changes: | Allows the source port to be specified for TCP and UDP services. Code generation for stateless IOS routers has been fixed. Answer packets for TCP and UDP connections are no longer restricted to ports > 1023. | | File Size: | 50428 | | Last Modified: | Jul 12 03:03:21 2002 |
| MD5 Checksum: | e9cc81c656e71e385dfc7e711c078e3f |
|
| /// File Name: |
flawfinder-1.20.tar.gz |
Description:
|
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function. Secure Programming HOWTO here.
| | Homepage: | http://www.dwheeler.com/flawfinder | | Changes: | Added database entries to detect file openings and static character array definitions. The HTML output format has been significantly improved. Flawfinder now (by default) skips symbolic links, and always skips special files, to counter attackers who insert malicious files in their source code directories. | | File Size: | 88885 | | Last Modified: | Jul 10 02:42:04 2002 |
| MD5 Checksum: | 577bc6e8753bce69ee76f54cb4a994fa |
|
| /// File Name: |
scponly-2.1.tgz |
Description:
|
scponly is an alternative shell for system administrators who would like to provide access to remote users to both read and write local files without providing any remote execution privileges. Functionally, it is a wrapper around the ssh suite of applications.
| | Author: | Joe | | Homepage: | http://sublimation.org/scponly | | Changes: | winscp compatibility was added. This is a substantial code change. | | File Size: | 12334 | | Last Modified: | Jul 9 01:39:52 2002 |
| MD5 Checksum: | 2c913afdf12feb800c5159f9bd178a70 |
|
| /// File Name: |
arp-sk-0.0.11.tgz |
Description:
|
An ARP packet generator for Unix designed to illustrate ARP protocol flaws and applications such as ARP cache poisoning. See http://www.arp-sk.org/ for further information.
| | Author: | Cedric Blancher | | Homepage: | http://www.arp-sk.org/ | | File Size: | 22054 | | Last Modified: | Jul 8 01:46:51 2002 |
| MD5 Checksum: | 082491103875ba268a86c8af90a33c21 |
|
| /// File Name: |
bed-0.3.zip |
Description:
|
The Bruteforce Exploit Detector is a perl script that remotely detects unknown buffer overflow vulnerabilities in FTP, SMTP, and POP daemons.
| | Author: | SnakeByte, Martin J. Muench | | Homepage: | http://www.kryptocrew.de/snakebyte/bed.html | | Changes: | Added the HTTP and IRC protocol, as well as made some minor fixes. | | File Size: | 18291 | | Last Modified: | Jun 21 00:45:44 2002 |
| MD5 Checksum: | 976bdafd892a582b58fe5d2bba36bc56 |
|
| /// File Name: |
voodoo2.tar.gz |
Description:
|
Libvoodoo is a library which makes heap overflow exploitation much easier by providing the user with valuable internal data from Doug Lea's malloc implementation.
| | Author: | Boldface | | Homepage: | http://www.u-n-f.com/voodoo.html | | File Size: | 44264 | | Last Modified: | Jun 10 03:24:21 2002 |
| MD5 Checksum: | 703a0930d0c1ea65de3e22966afb88f3 |
|
| /// File Name: |
flawfinder-0.22.tar.gz |
Description:
|
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function. Secure Programming HOWTO here.
| | Homepage: | http://www.dwheeler.com/flawfinder | | Changes: | Updated the report given about having %s in scanf when a limit for %s was provided. | | File Size: | 51024 | | Last Modified: | May 16 03:23:15 2002 |
| MD5 Checksum: | 2e0efe7f3bb1a5cb4aab4497bde3c639 |
|
| /// File Name: |
execdeny.tar.gz |
Description:
|
Exec Denier is a kernel module for NetBSD that restricts exec syscalls for certain UIDs. It is very useful for blocking exec calls for named and ntpd. It can also restrict exec calls for users to a certain directory. Changelog available here.
| | Homepage: | http://www.netbsd.ro/kefren/execdeny/ | | Changes: | Supports allowing/denying PROT_EXEC nmap calls on certain files, and cleanups to previously written code. | | File Size: | 7794 | | Last Modified: | May 16 03:22:40 2002 |
| MD5 Checksum: | b626a9efb73bd3dfa1dcd2c7b2754418 |
|
| /// File Name: |
rats-1.5.tar.gz |
Description:
|
RATS, the Rough Auditing Tool for Security, is a security auditing utility for C, C++, Python, Perl and PHP code. RATS scans source code, finding potentially dangerous function calls. The goal of the RATS project is to provide a starting point for performing manual security audits.
| | Author: | RATS Team | | Homepage: | http://www.securesw.com/rats/ | | Changes: | RATS version 1.5 is a bug fix release. | | File Size: | 301972 | | Last Modified: | May 15 01:00:03 2002 |
| MD5 Checksum: | 628e4c6000ab635b1894945c09cc1d2c |
|
| /// File Name: |
fragroute-1.2.tar.gz |
Description:
|
Fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host, implementing most of the attacks described in the Secure Networks "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection" paper of January 1998. It features a simple ruleset language to delay, duplicate, drop, fragment, overlap, print, reorder, segment, source-route, or otherwise monkey with all outbound packets destined for a target host, with minimal support for randomized or probabilistic behavior. Includes scripts to defeat even the current CVS snort IDS.
| | Author: | Dug Song | | Homepage: | http://www.monkey.org/~dugsong/fragroute/index.html | | File Size: | 85247 | | Last Modified: | Apr 23 01:16:44 2002 |
| MD5 Checksum: | 7e4de763fae35a50e871bdcd1ac8e23a |
|
| /// File Name: |
linspy2beta2.tgz |
Description:
|
Linspy is keystroke logger for linux kernels v2.2 and 2.4 which records TTY activity. Based on Halflife's article from Phrack 50.
| | Author: | Xian | | File Size: | 4524 | | Last Modified: | Apr 17 02:35:56 2002 |
| MD5 Checksum: | 0099f4b8f9f3268dbea495ee6168b78a |
|
| /// File Name: |
netspoc-1.1.tar.gz |
Description:
|
Network Security Policy Compiler (NetSPoC) is a tool for security management of large networks with different security domains. It generates configuration files for packet filters controlling the borders of security domains. It provides its own language for describing security policy and the topology of a network. The security policy is a set of rules that state which packets are allowed to pass the network and which are not. NetSPoC is topology aware - a rule for traffic from A to B is automatically applied to all managed packet filters on the path from A to B.
| | Homepage: | http://netspoc.berlios.de | | Changes: | This release fixes bugs with the pix security levels. | | File Size: | 42245 | | Last Modified: | Apr 9 02:03:59 2002 |
| MD5 Checksum: | 164a21895f8736dab8920331faff4ec9 |
|
| /// File Name: |
mieliekoek.pl |
Description:
|
Mieliekoek.pl is a SQL insertion crawler which tests all forms on a web site for possible SQL insertion problems. This script takes the output of a web mirroring tools as input, inspecting every file and determine if there is a form in the file.
| | Author: | Roelof W Temmingh | | Homepage: | http://www.sensepost.com | | File Size: | 9446 | | Last Modified: | Feb 26 01:48:46 2002 |
| MD5 Checksum: | 69a47601ba11f3408544b2e8d0eeb20f |
|
| /// File Name: |
sqlat-src-1.0.0.tar.gz |
Description:
|
SQLAT is a suite of tools which could be useful for pen-testing a MS SQL Server. The tools do dictionary attacks, upload files, read registry and dump the SAM. They do this by wrapping extended stored procedures. There is also a tool for doing a minimal analysis of a SQL Server with output as HTML. You need to be 'sa' to run some of the tools, but this usually isn't a problem. SQLAT works over port 1433.
| | Author: | Patrik Karlsson | | Homepage: | http://www.cqure.net/tools06.html | | File Size: | 81417 | | Last Modified: | Feb 26 01:03:15 2002 |
| MD5 Checksum: | d3ea5274c317e3c1b93feb79ab4f80d2 |
|
| /// File Name: |
oat-source-1.1.0.zip |
Description:
|
OAT 1.1.0 is a set of tools which can be used to audit Oracle databases running on the Microsoft Windows platform. The Tools are Java based and were tested on both Windows and Linux. They should hopefully also run on any other Java platform.
| | Author: | Patrik Karlsson | | Homepage: | http://www.cqure.net/tools08.html | | Changes: | The password guessing is now done on all SIDs of the database. The SIDs enumeration should now be more reliable, Errors reported in a more readable form. | | File Size: | 255672 | | Last Modified: | Feb 26 00:59:08 2002 |
| MD5 Checksum: | af9c1635782aa7913afb7614e4679196 |
|
| /// File Name: |
kernel.keylogger.txt |
Description:
|
Kernel Based Keystroke Loggers for Linux - This paper describes the basic concepts and techniques used for recording keystroke activity under linux. Includes proof of concept LKM which is stealthy, works with recent distributions, and is capable of logging local logins and ssh sessions to and from the host. Tested on Slackware v8.0 with kernel v2.4.5.
| | Author: | Mercenary | | Homepage: | http://www.phreedom.org/article.php?id=28 | | File Size: | 20270 | | Last Modified: | Jan 26 15:24:34 2002 |
| MD5 Checksum: | a9615f10eaef0364e7e748a96c2fb1c1 |
|
| /// File Name: |
flawfinder-0.21.tar.gz |
Description:
|
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function. Secure Programming HOWTO here.
| | Homepage: | http://www.dwheeler.com/flawfinder | | Changes: | Fixed an error that would cause incorrect hits in syslog, added an INSTALL file. | | File Size: | 49612 | | Last Modified: | Jan 11 01:05:27 2002 |
| MD5 Checksum: | fcabc57d5addb69936915a3fbad4e32a |
|
| /// File Name: |
flawfinder-0.20.tar.gz |
Description:
|
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.
| | Homepage: | http://www.dwheeler.com/flawfinder | | Changes: | Includes a man page and more command line options. | | File Size: | 58144 | | Last Modified: | Dec 14 02:40:18 2001 |
| MD5 Checksum: | 9530c12b60f4f8123da6a7714e4ded84 |
|
| /// File Name: |
passlogd-0.1d.tar.gz |
Description:
|
Passlogd is a sniffer which logs traffic on the UDP syslog port, allowing a syslog receiver to have no open ports.
| | Author: | Christian Void | | Homepage: | http://www.morphine.com/src/passlogd.html | | Changes: | Fixed serious bugs that caused all hell to break loose. Since you do not like hell breaking loose in passlogd, you will upgrade. | | File Size: | 8178 | | Last Modified: | Nov 21 01:25:02 2001 |
| MD5 Checksum: | 859385e7cbfa3b9e193fc298e2f7a0f5 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
