Section: .. / web /
| /// File Name: |
webscan_0.1.0.tar.gz |
Description:
|
Webscan is a web site fuzzer that checks for remote vulnerabilities such as sql injection, cross site scripting, remote code execution, file disclosure, directory traversal, php includes, shell escapes, and insecure perl open() calls.
| | Author: | Gunzip | | Homepage: | http://members.xoom.it/gunzip | | File Size: | 27586 | | Last Modified: | Nov 7 23:33:51 2003 |
| MD5 Checksum: | f83438c6f3e10d4d87a6ee0820bebbba |
|
| /// File Name: |
NatACL.20040508.tar.gz |
Description:
|
NatACL is an authentication daemon for NAT and transparent proxying that man in the middles outbound HTTP requests and forces the user to a login/password page requesting credentials to allow the outbound connection. After proper credentials are received, NAT rules are automatically generated.
| | Author: | Fabio Yasusi Yamamoto | | File Size: | 26553 | | Last Modified: | May 10 03:07:58 2004 |
| MD5 Checksum: | 9a752673abf7c8931bef4b6f9595c7c7 |
|
| /// File Name: |
webterm-0.0.2.tar.gz |
Description:
|
WebTerm is a program in three parts that sends a shell over HTTP. These include a cgi binary, a client-side terminal, and another binary to execute commands via /bin/sh.
| | Author: | Seunghyun Seo | | Homepage: | http://igrus.inha.ac.kr/~seo/ | | File Size: | 26184 | | Last Modified: | Sep 10 01:42:29 2002 |
| MD5 Checksum: | cc636b605562308f9ff82f78256dbb0c |
|
| /// File Name: |
squidefender-1.3.tar.gz |
Description:
|
Squidefender is a Perl script which analyzes a squid log file in native format to detect attacks. This can be used to automatically adapt your firewall when an attack has occurred. The power of squidefender lies in its configuration options, which let you easily add new attacks to scan for. Another interesting option of squidefender is its ability to use different message templates based on the attack found.
| | Homepage: | http://www.jeroen.se/squidefender.php | | Changes: | IPs can now be blocked for a specified time based on the pattern. | | File Size: | 24920 | | Last Modified: | Nov 11 00:44:49 2003 |
| MD5 Checksum: | 6f770e1296f00093afca9121293401d2 |
|
| /// File Name: |
stompy.tgz |
Description:
|
Stompy is a free tool to perform a fairly detailed black-box assessment of WWW session identifier generation algorithms. Session IDs are commonly used to track authenticated users, and as such, whenever they're predictable or simply vulnerable to brute-force attacks, we do have a problem.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/ | | File Size: | 24523 | | Last Modified: | Jan 29 11:26:19 2007 |
| MD5 Checksum: | d5f3de170e61b5ec865dfc5d0c1790a1 |
|
| /// File Name: |
mod_dosevasive.1.9.tar.gz |
Description:
|
The Apache DoS Evasive Maneuvers Module is a module for Apache 1.3 and 2.0 that detects and fights off DoS attacks and brute force attempts by adding addresses to a 10-second '403 List' and rejecting rapidly repeated requests for the same URL from the same addresses. This module can be configured to talk to ipchains, ipfilter, or any other tool designed to push the attack out to the network layer, and provides email notification in the event of an attack. Also support iPlanet and Netscape webservers.
| | Author: | Jonathan A. Zdziarski. | | Homepage: | http://www.nuclearelephant.com/projects/dosevasive | | Changes: | Support for NSAPI has been added (SunONE Servers: iPlanet, Netscape). A TEMP_HOME definition has been added to make changing the location of temporary data easier. | | File Size: | 23850 | | Last Modified: | Oct 30 13:55:23 2003 |
| MD5 Checksum: | 994333fa0ea901ae035919ce869332b0 |
|
| /// File Name: |
guileproxy.tar.gz |
Description:
|
Guilecool proxy scanner and checker C source. In Italian.
| | File Size: | 23375 | | Last Modified: | Jan 5 03:20:22 2003 |
| MD5 Checksum: | 332797d09ee2a0d06de04ef90edc66e9 |
|
| /// File Name: |
wpoison-dev.tgz |
Description:
|
Wpoison (May 28 snapshot) is a tool which attempts to find any SQL-injection vulnerabilities on a remote web document, finding bugs in dynamic content such as php and asp. Readme available here.
| | Author: | M. Meadele | | Homepage: | http://wpoison.sourceforge.net | | File Size: | 21280 | | Last Modified: | May 29 02:44:00 2002 |
| MD5 Checksum: | a3f98ae45b8cfdcd96d13c73b76bc2ad |
|
| /// File Name: |
mod_evasive_1.10.1.tar.gz |
Description:
|
Mod_evasive is a module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It can be easily configured to talk to ipchains, firewalls, routers, and etcetera. mod_evasive reports abuses via email and syslog facilities. Detection is performed by creating an internal dynamic hash table of IP Addresses and URIs, and denying any single IP address from requesting the same page more than a few times per second or making more than 50 requests with the same child per second.
| | Author: | Jonathan A. Zdziarski | | Homepage: | http://www.zdziarski.com/projects/mod_evasive/ | | File Size: | 20454 | | Last Modified: | Feb 5 13:47:38 2007 |
| MD5 Checksum: | 784fca4a124f25ccff5b48c7a69a65e5 |
|
| /// File Name: |
mod_dosevasive_1.10.tar.gz |
Description:
|
The Apache DoS Evasive Maneuvers Module is a module for both Apache 1.3 and 2.0 that provides functionality for detecting and fighting off DoS attacks and brute force attacks. It does this by adding addresses to a 10-second '403 List' and rejecting rapidly repeated requests for the same URL from the same addresses, using an internal hash table, on a per-child basis. This module can be configured to talk to ipchains, ipfilter, or any other tool designed to push the attack out to the network layer, and provides email notification in the event of an attack.
| | Author: | Nuclear Elephant | | Homepage: | http://www.nuclearelephant.com/projects/dosevasive/ | | File Size: | 19567 | | Last Modified: | Jan 22 15:13:58 2005 |
| MD5 Checksum: | 5e5eee54b3fba64c83898828693931ff |
|
| /// File Name: |
swiftsurf.tar.gz |
Description:
|
SwiftSurf v1.01 is an HTTP proxy that lets you do a lot of things. You can spy, filter, and modify the HTTP requests that your browser sends, as well as the answers it receives. Some of its possible uses include filtering ads, limiting access to a specific domain, or suppressing cookies.
| | Homepage: | http://pauillac.inria.fr/~ailleret/prog/swiftsurf/index-eng.html | | File Size: | 18199 | | Last Modified: | Jan 15 02:06:47 2001 |
| MD5 Checksum: | 4840088e4e843dfa9867c966260e43af |
|
| /// File Name: |
spkproxy1.0.tar.gz |
Description:
|
SPIKE proxy is a proxy which uses the SPIKE API to help reverse engineer new and unknown network protocols. Provides security analysis features for Web applications, a multi-threaded design, man in the middle SSL proxying, handles Connection: keep-alive properly (it is possible to log in to Hotmail with it), and rewrites User-Agent to pretend to be running IE. Requires pyOpenSSL pre 0.5 from the SPIKE Web page. Several working examples are included.
| | Author: | Dave Aitel | | Homepage: | http://www.immunitysec.com/spike.html | | File Size: | 16436 | | Last Modified: | Jul 14 21:18:41 2002 |
| MD5 Checksum: | 8bf40cc6cecfff2da3663229ce715a79 |
|
| /// File Name: |
wsh-2.0.1.tar.gz |
Description:
|
Wsh is a remote UNIX shell that works via HTTP. The client script provides a shell-like prompt, encapsulating user commands into HTTP POST requests and sending them to the server script. The server script extracts and executes commands and returns STDOUT and STDERR output. Features include command line history support, file upload/download, and it can work through an HTTP proxy server.
| | Homepage: | http://dyatlov.ru | | Changes: | SSL Support and new configuration script. | | File Size: | 16227 | | Last Modified: | Jun 16 19:32:28 2003 |
| MD5 Checksum: | 8bfe7a7f6d2c8641bff43e34e07d32b2 |
|
| /// File Name: |
mailprotect_2005_05_14.zip |
Description:
|
Mail Protect was written as a quick and easy way to add an anti-spam version of an email address to web pages. It supports iso 8859 encoding of characters and JavaScript as a means of thwarting automated email harvesting while leaving the email address usable by any modern web browser.
| | Author: | Monty McDougal | | Homepage: | http://www.foolmoon.net/security | | File Size: | 15508 | | Last Modified: | Aug 14 01:30:57 2005 |
| MD5 Checksum: | 9243f8df7eb9eb707908dda0d5f8eae0 |
|
| /// File Name: |
httptype-1.3.9.tar.gz |
Description:
|
Httptype is a program that returns the http host software of a website. It is written in Perl.
| | Homepage: | http://staff.ncst.ernet.in/~philip/downloads/httptype | | Changes: | New stable version. You can now use URLs in a host file as well. Unsupported URL schemes will return a warning and be skipped. This version also tries to figure out the server type of SSL hosts. | | File Size: | 15254 | | Last Modified: | Aug 30 01:10:02 2002 |
| MD5 Checksum: | 6941ca3c2c8dd990f6e56dfce2fd9668 |
|
| /// File Name: |
GoogleRower.zip |
Description:
|
Google Rower was created to automate google searches and retrieve the links. It can brute force searches to get more results by adding a letter or number to the end of each search. It then combines all the results found into one html file and removes the duplicates. It can be used to search an ip range using google's site operator, thus looking for backup/old http servers.
| | Author: | Jeffball55 | | File Size: | 13095 | | Last Modified: | Oct 27 16:51:53 2006 |
| MD5 Checksum: | 8ee131d92b371022c11a9cada4409072 |
|
| /// File Name: |
mod_security_1.3b.tar.gz |
Description:
|
Mod_security is an Apache module whose purpose is to protect vulnerable applications and reject human or automated attacks. In addition to filtering requests, it also can create Web application audit logs. Understands regular expressions and POST payloads.
| | Homepage: | http://www.webkreator.com/mod_security/download | | Changes: | Selective filtering has been introduced. You can now filter requests based on the contents of individual variables (HTTP headers, environment variables, and individual script arguments) coming either from GET or POST. | | File Size: | 12967 | | Last Modified: | Dec 15 17:38:28 2002 |
| MD5 Checksum: | 55a6ab4938c0f27140ead7ecac3bf5ca |
|
| /// File Name: |
pixpirate.pl |
Description:
|
Pixpirate.pl will goto a source URL, download all other sub-URL's from an index of URL's, then goto each of those source url's, downloading every jpg file that it comes into contact with.
| | Author: | Ajax | | Homepage: | http://users.dhp.com/~ajax/code/ss | | File Size: | 12166 | | Last Modified: | Dec 2 19:10:56 2000 |
| MD5 Checksum: | dd5c3e955dc00e9e2c75f59d05543ddc |
|
| /// File Name: |
mod_rootme-0.3.tgz |
Description:
|
mod_rootme is a very cool module that sets up a backdoor inside of Apache where a simple GET request will allow a remote administrator the ability to grab a root shell on the system without any logging.
| | Author: | Christophe Devine | | Changes: | This version adds support for a large number of unix systems, including the BSDs, Solaris, OSF/Tru64 and more. | | File Size: | 11894 | | Last Modified: | Jun 25 08:41:00 2004 |
| MD5 Checksum: | 5ae58a3aca398a4c2534413269dc13b6 |
|
| /// File Name: |
dom-checker-1.00.tgz |
Description:
|
A simple utility to thoroughly validate DOM, XMLHttpRequest, and cookie security restriction handling in modern web browsers. Notable features include exhaustive hierarchy crawling, cross-domain IPC system for blind write verification, page transition checks, and more.
| | Author: | Filipe Almeida, Michal Zalewski | | Homepage: | http://code.google.com/p/dom-checker/ | | File Size: | 11631 | | Last Modified: | Jan 25 19:20:06 2008 |
| MD5 Checksum: | e28d130fba312da6a933f088e0ea34e2 |
|
| /// File Name: |
prtunnel-0.1.2.tar.gz |
Description:
|
prtunnel tunnels a TCP connection to a remote server using an HTTP or SOCKS5 proxy, which is useful if you want to send packets from programs that don't have native proxy support through a proxy.
| | Author: | Josh Beam | | Homepage: | http://joshbeam.com/software.html | | Changes: | Bugs fixed. | | File Size: | 11067 | | Last Modified: | Jan 10 04:32:46 2003 |
| MD5 Checksum: | 8fc2d6028d8a92a223ebeabf967699b9 |
|
| /// File Name: |
tinyurlfuckery.c |
Description:
|
The tinyurlfucker utility encodes data in base64 chunks and lets it get moved using tinyurl.com as a transit.
| | Author: | lazy-xo of xoc | | Homepage: | http://xoc-staff.com/ | | File Size: | 10895 | | Last Modified: | May 22 00:56:21 2006 |
| MD5 Checksum: | 0b9124f92507c41d4058abed01024d99 |
|
| /// File Name: |
http_filter.tar.gz |
Description:
|
HTTP Filter v1.4 is a HTTP tunnel with filtering and multiplexing which sits in front of not-so-secure Web servers (like IIS), and it accepts requests, applies a set of rules to them, and allows the requests to be passed through to the back-end Web server only if they pass all filters.
| | Homepage: | http://glob.com.au/http_filter | | Changes: | An issue with HTTP/1.1 persistant connections was resolved. Previous versions only applied filtering to the first request of the connection. | | File Size: | 10605 | | Last Modified: | Aug 26 01:08:23 2001 |
| MD5 Checksum: | 8682dd9a95b52c6ad1e5625dec7690e8 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
