pmacct is a small set of passive network monitoring tools to measure, account and aggregate IPv4 and IPv6 traffic; aggregation revolves around the key concept of primitives (VLAN id, source and destination MAC addresses, hosts, networks, AS numbers, ports, IP protocol and ToS/DSCP field are supported) which may be arbitrarily combined to build custom aggregation methods; support for historical data breakdown, triggers and packet tagging, filtering and sampling. Aggregates can be stored into memory tables, SQL databases (MySQL or PostgreSQL) or simply printed to stdout. Data is collected from the network either using libpcap (and optionally promiscuous mode) or reading NetFlow v1/v5/v7/v8/v9 and sFlow v2/v4/v5 datagrams, both unicast and multicast.
2d0a42c3dc4eb96a5f1c38d4885f8d99d208cf2903f356e82949043a561b08c3
A small utility that shows all connections by reading open inodes and will even show related PIDs. Very useful for backdoor detection when you cannot trust other binaries.
e0f17c5b2fc829a001738b7b5d94113d2a5e8aa07f9c76d21ead02ae2514efff
AntiExploit is an exploit scanner to detect local intruders. It scans for over 3900 suspicious files, has daily database updates, and will act if a file is accessed. It uses the dazuko kernel module, which is also used by clamAV, Amavis, and other virus scanners.
50c01c400c85b72038d9386969b13645f68d8f9087df927ba4adbdb86d82a839
Pandora is a distributed system to monitor processes, performance, status, application or operating parameters of almost any system (AIX, Solaris, Linux, Windows, BSD and Nokia's IPSO). It has a decentralized management system, based in flexible user profiles, that allows generation of graphical reports, defined alarms, and a full incident management system to operate a 24x7 monitoring team.
035d150cdeb3f1c623a7848c5399880684faabe349452205a7b3ae0b0da6ae11
Simple perl script that can be used to track overflows.
358adcaadedf7d52c8116f911f5ebad392623b2e08fde65cea09264234c5e25f
NessusWC provides a simple HTTP Web interface to the Nessus Security Scanner. It connects to local or remote Nessus version 2 daemons via SSL (using OpenSSL libraries), retrieves the plugins, configures a scan for a single target host, and saves the results in HTML format. As a result, even users with limited security knowledge can scan their machines. Scan results are stored in a central place.
a96668c7005fff45df91c5bcf8af5a888e681369d2db3c4a4a8b71ce0beaf3fc
NessQuick consists of perl scripts designed to assist in managing the output from Nessus scans and creating an alternate report format. These scripts help produce a report that lists all vulnerabilities and then enumerates each host that was found to contain that vulnerability. Pulls the .nbe files into a MySQL database.
754d5fb2206faa3724831290f3e79849d98b396cb1d37880095fb6ff425b8345
Simple html parsing tool that extracts all form related information and generates reports of the data. Allows for quick analyzing of data.
775fd1d04e6784cb43827f6833c3d84a21025eb24ec1d5d74d99f835e403ad60
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
469e0087f9ab460d901241b6d80b1ad341ba5827e643127c68c4b865bc9e1972
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
4fa1e262dff5b6a08f1e81a625e335d9a832f445116798c5350dc8f72694fdcc
Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.
67ce369dee026bd488baa977483c0d9784bc6763c815f6018ce19227669ec926
Nessus version 2.2.4 is a free, up-to-date, and full featured remote vulnerability scanner for Linux, BSD, Solaris and other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over a thousand remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them. Windows version available This is the automated *nix installer.
8877db4220b9c258e9fc7326ad0f8aaec1f499ab218105a0d328b578c3e141f2
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
46b3c43698a8fd3171e26348ce3dcb97090e19e73b8424d1a0fc1dbf6c1f753b
NessusWC provides a simple HTTP Web interface to the Nessus Security Scanner. It connects to local or remote Nessus version 2 daemons via SSL (using OpenSSL libraries), retrieves the plugins, configures a scan for a single target host, and saves the results in HTML format. As a result, even users with limited security knowledge can scan their machines. Scan results are stored in a central place.
6400c7092e5cc54c09c01972526ccf5e1a807f06e4641ef617ad72361037d606
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
0fbec3e733e1fc14dfcdf8a49ef16a0c61acc54ff3598cf387a4e86c3d7cc995
NessusWC provides a simple HTTP Web interface to the Nessus Security Scanner. It connects to local or remote Nessus version 2 daemons via SSL (using OpenSSL libraries), retrieves the plugins, configures a scan for a single target host, and saves the results in HTML format. As a result, even users with limited security knowledge can scan their machines. Scan results are stored in a central place.
876204631ce2a9e265fc47906f66160223d19cf9c9f199f53f55654a13ef5143
Nessus version 2.2.3 is a free, up-to-date, and full featured remote vulnerability scanner for Linux, BSD, Solaris and other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over a thousand remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them. Windows version available This is the automated *nix installer.
d78a335599794d0a8aa0f10f1acd60c107d024383f25d7b085e35f1b66861d3a
Simple perl script that can be used to track overflows.
3c33b0271ed9873b4665cbb7fffa87bb72a6068113d3c2f6b033f9a97ee58919
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
39ed6684d66ada9efa09fb0b6d338e67cfc788dc8edd7db5067de783a51fbd03
Simple perl script that can be used to track overflows.
8e0e9ec7916d675fec7225824346945763cb053af127a78bfecd094a93b211ae
Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated twice a month to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins, open shares, and much more.
0b27b5243dfb473f0036462d1ea5598ca847a16cdc51a37c1fb73b3dff8831d4
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.
bc3163c8b5ceaa27a0a38daac6146987dba202b556b8fe7a7e3fe136f528d9eb
Nessus v2.0.9 is a free, up-to-date, and full featured remote vulnerability scanner for Linux, BSD, Solaris and other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over a thousand remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them. Windows version available This is the automated *nix installer.
87ebe48fc8a8bcdcafd46a091fb214e8cf97949ea47eea38fa49e9b5f6506455
Nessus v2.0.10a is a free, up-to-date, and full featured remote vulnerability scanner for Linux, BSD, Solaris and other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over a thousand remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them. Windows version available This is the automated *nix installer.
87ebe48fc8a8bcdcafd46a091fb214e8cf97949ea47eea38fa49e9b5f6506455
Nessus version 2.0.11 is a free, up-to-date, and full featured remote vulnerability scanner for Linux, BSD, Solaris and other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over a thousand remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them. Windows version available This is the automated *nix installer.
87ebe48fc8a8bcdcafd46a091fb214e8cf97949ea47eea38fa49e9b5f6506455