seeing is believing
Showing 1 - 25 of 6,165 RSS Feed

Files

Bro Network Security Monitor 2.5.2
Posted Oct 16, 2017
Authored by Robin Sommer, Vern Paxson | Site bro.org

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Bro 2.5.2 fixes a security issue in the ContentLine analyzer. In rare cases a bug in the ContentLine analyzer can lead to an out of bound write of a single byte. This allows a remote attacker to crash Bro; there also is a possibility this can be exploited in other ways.
tags | tool, intrusion detection
systems | unix
MD5 | c2de260b7592418e3f136a46a069f8d1
Falco 0.8.1
Posted Oct 12, 2017
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Fixed packaging to specify correct built-in config file.
tags | tool, intrusion detection
systems | unix
MD5 | f3c654ded00f3186f3ff92320204a747
Packet Fence 7.3.0
Posted Sep 25, 2017
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Added a RADIUS only mode to PacketFence. Added the possibility to import switches from a CSV file. Added a cluster wide view of pfqueue statistics. Added the possibility of importing switches from a CSV file.
tags | tool, remote
systems | unix
MD5 | 324b19e3dcf03c3e29e6d0068093a250
TestSSL 2.9.5
Posted Sep 21, 2017
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: Various improvements and updates.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | 6cc8311416eafc70b08f54534b6f29d3
ifchk 1.0.8
Posted Sep 19, 2017
Authored by noorg | Site noorg.org

Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.

Changes: Various updates.
tags | tool
systems | unix
MD5 | c1c6efe5e77f8131b9339ba6ff02701e
Blue Team Training Toolkit (BT3) 2.5
Posted Sep 12, 2017
Authored by Juan J. Guelfo | Site encripto.no

Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.

Changes: Bug fixes and minor adjustments.
tags | tool, python
systems | unix
MD5 | 80ed0156b08d33062b359eb27242d763
MIMEDefang Email Scanner 2.82
Posted Sep 9, 2017
Authored by David F. Skoll | Site mimedefang.org

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.

Changes: Various bug fixes and updates.
tags | tool
systems | windows, unix
MD5 | 2b240e67e4c16ed407544893b7749ff7
Lynis Auditing Tool 2.5.5
Posted Sep 8, 2017
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: Minor update to solve screen output issue in 2.5.4.
tags | tool, scanner
systems | unix
MD5 | 3c597cf312e2ff06a8a52199f72c9fe7
Blue Team Training Toolkit (BT3) 2.4
Posted Sep 4, 2017
Authored by Juan J. Guelfo | Site encripto.no

Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.

Changes: Improved input validation routines. Pcapteller module now supports SMB/SMB2 and NBNS packet payload manipulation. Documentation updates and minor adjustments.
tags | tool, python
systems | unix
MD5 | c8f995b15e574362d9b037998e82913a
Flawfinder 2.0.4
Posted Sep 4, 2017
Authored by David A. Wheeler | Site sourceforge.net

Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.

Changes: Now directly supports pip installs. Switched from distutils to setuptools.
tags | tool
systems | unix
MD5 | 60f3a87102de4acdb79116ad9a744bec
ifchk 1.0.7
Posted Aug 29, 2017
Authored by noorg | Site noorg.org

Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.

Changes: Various updates.
tags | tool
systems | unix
MD5 | 5a80d94ed0f5a895e8745170175a8a03
pyClamd 0.4.0
Posted Aug 28, 2017
Authored by Alexandre Norman | Site xael.org

pyClamd is a python interface to Clamd (Clamav daemon). By using pyClamd, you can add virus detection capabilities to your python software in an efficient and easy way. Instead of pyClamav which uses libclamav, pyClamd may be used by a closed source product.

Changes: The API for this new version is now object oriented. Useful classes are ClamdNetworkSocket and ClamdUnixSocket.
tags | tool, virus, python
systems | unix
MD5 | 176b00f50236fa11eaf1eb75ec8055d8
Flawfinder 2.0.2
Posted Aug 28, 2017
Authored by David A. Wheeler | Site sourceforge.net

Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.

Changes: Flawfinder can now run on either Python 2.7 or 3. Added more tests. Implemented additional code cleanups recommended by Pylint. Modified documentation in various ways to clarify things.
tags | tool
systems | unix
MD5 | c9ce3115093bc3b8754b82603c8b2848
360-FAAR Firewall Analysis Audit And Repair 0.6.3
Posted Aug 24, 2017
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

Changes: This release updates the config parsers to permit you to specify the default service set used to scan rules and service objects. Various other updates.
tags | tool, perl
systems | unix
MD5 | 2cba5e7f228859fd636962a64d3f49d0
AIEngine 1.8.1
Posted Aug 22, 2017
Authored by Luis Campo Giralte | Site bitbucket.org

AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.

Changes: Support for Go language. Support for SSH protocol. Retrieve the SSL cipher id used on the conversation. Optimization of DatabaseAdaptor handler. Various other updates.
tags | tool
systems | unix
MD5 | 5a141d38b9079c4f281f4173007d53a7
Tenshi Log Monitoring Program 0.16
Posted Aug 17, 2017
Authored by Andrea Barisani | Site dev.inversepath.com

tenshi is a log monitoring program, designed to watch one or more log files for lines matching user defined regular expressions and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.

Changes: PID file is now created before dropping privileges (CVE-2017-11746). Removed old redhat, solaris and suse init scripts. Rewrote and simplified the OpenRC init script. Renamed the "gentoo" init script to "openrc". Throttled monitoring loop on empty reads. Added options for listening on Redis queues (redisqueue, redisserver).
tags | tool, system logging
systems | unix
MD5 | 9512bfe87adac0c5d113661314158e23
Check Siem 201708.05
Posted Aug 14, 2017
Authored by Stephan Schmieder

check_siem is a security incidents and events monitor written in Perl. It reports on unusual user, process, net, and file activities by leveraging fuzzy LSOF statistics. Think of it as a fun-sized HIDS.

tags | tool, perl
systems | unix
MD5 | 1aea048508da5cbbeaf7f61b00c2598f
OpenDNSSEC 2.1.3
Posted Aug 10, 2017
Site opendnssec.org

OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

Changes: Various bug fixes.
tags | tool
systems | unix
MD5 | 2ff24d853aceac6e9d082bd0135dbaa9
Faraday 2.6.2
Posted Aug 9, 2017
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Updated Core Impact plugin to be compatible with 2016 version. Improved loading of fields request and website in Burp Plugin. Improved Nexpose Full plugin. Improved Acunetix plugin to avoid conflicts and missing imported data, and to correctly parse URLs and resolutions.
tags | tool, rootkit
systems | unix
MD5 | de4c643f965eb7be3290ca0d073c11d4
Swap Digger 1.0
Posted Aug 8, 2017
Authored by Emeric Nasi

swap_digger is a bash script used to automate Linux swap analysis for post-exploitation or forensics purpose. It automates swap extraction and searches for Linux user credentials, Web form credentials, Web form emails, HTTP basic authentication, WiFi SSID and keys, etc.

tags | tool, web, bash
systems | linux, unix
MD5 | ce88e554ecf00a5e8c7c68abb1bdacb4
I2P 0.9.31
Posted Aug 8, 2017
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Various updates and bug fixes.
tags | tool
systems | unix
MD5 | e389d36f99899bf2b2e0871f29fc5e21
Nmap Port Scanner 7.60
Posted Aug 2, 2017
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Updated the bundled Npcap from 0.91 to 0.93, fixing several issues with installation and compatibility with the Windows 10 Creators Update. NSE scripts now have complete SSH support via libssh2, including password brute-forcing and running remote commands, thanks to the combined efforts of three Summer of Code students. Added 14 NSE scripts from 6 authors, bringing the total up to 579! Various other updates.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
MD5 | 91e199d556ab5587958777ad45fe47d1
Suricata IDPE 4.0.0
Posted Jul 27, 2017
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Multiple bugs addressed and a couple of features added.
tags | tool, intrusion detection
systems | unix
MD5 | 41fb91b4cbc6705b353e4bdd02c3df4b
MIMEDefang Email Scanner 2.80
Posted Jul 26, 2017
Authored by David F. Skoll | Site mimedefang.org

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.

Changes: Various bug fixes and updates.
tags | tool
systems | windows, unix
MD5 | 0e22b573c08233276dd4687d9fddb649
Faraday 2.6.0
Posted Jul 25, 2017
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Added the ability to select more than one target when creating a vuln in the Web UI. Fixed formula injection vulnerability in export to CSV feature. Various other improvements and fixes.
tags | tool, rootkit
systems | unix
MD5 | ab95c49d7e96840293238a4eaeb8efc7
Page 1 of 247
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Domino's Pizza Delivers User Details To Spammers
Posted Oct 18, 2017

tags | headline, privacy, email, spam, fraud
Adobe Patches Zero-Day Used To Plant Gov't Spying Software
Posted Oct 17, 2017

tags | headline, hacker, government, usa, flaw, cyberwar, adobe, zero day, nsa
UK TV Drama About North Korea Hit By Hackers
Posted Oct 17, 2017

tags | headline, hacker, government, britain, cyberwar, korea
Russia Tweaks Telegram With Tiny Fine For Decryption Denial
Posted Oct 17, 2017

tags | headline, government, privacy, russia, cryptography
Never Mind The WPA2 Drama... Details Emerge Of TPM Key Fail
Posted Oct 17, 2017

tags | headline, wireless, flaw, cryptography
Millions Of High Security Crypto Keys Crippled By Newly Discovered Flaw
Posted Oct 16, 2017

tags | headline, flaw, cryptography
Pizza Hut Latest To Be Hit In Card Data Breach
Posted Oct 16, 2017

tags | headline, hacker, privacy, bank, cybercrime, data loss, fraud
Artificial Intelligence - Hype, Hope, And Fear
Posted Oct 16, 2017

tags | headline, botnet, cyberwar
KRACK Attacks: Breaking WPA2 By Forcing Nonce Reuse
Posted Oct 16, 2017

tags | headline, privacy, phone, wireless, flaw, cryptography
Even Pokemon Go Was Used By Russia To Meddle In The Election
Posted Oct 13, 2017

tags | headline, government, usa, russia, cyberwar
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close