sqlsus is a MySQL injection and takeover tool, written in perl. Via a command line interface that mimics a mysql console, you can retrieve the database structure / contents, inject a SQL query, download files from the web server, upload and control a backdoor, and much more.
3ac31ec61fc3009c88c24749920a68b2abfeec486f2dfcc6a9678ed802e7e157Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
47ec0734e5807709802da023edf6ec49be71018d5f9ccec8e1b2a6553baaa0fcWhatWeb next generation web scanner identifies what websites are running. Released at the Kiwicon conference (kiwicon.org) in Wellington, New Zealand. Written in Ruby for Linux. Flexible plugin architecture with over 60 plugins so far. Passive plugins use information in the headers, cookies, HTML body and URL. Aggressive plugins can identify versions of Joomla, phpBB, etc by making extra requests to the webserver.
7dd4420c9c4270ff82b2508a50149b6c683487083b7e706949972666a8657295This tool enumerates hostnames and URLs from Google. It features antibot avoidance, search within a country, custom search appliance, output either hostnames or URLs, and custom search depth. Written in Bash for Linux.
aeaa5ee7e1288ae22a7fb24145c07239602f4b84fa6f4237e6090bab65dd8be2This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.
42c7c26f81e81970bb24710b0f5fa543bad39b49979aadca7945e248f12aba7cSambascan2 allows you to search an entire network or a number of hosts for SMB shares. It will also list the contents of all public shares that it finds. The difference between sambascan2 and other SMB viewers and scanners is that it will search everything using TCP/IP, and it will not send a lot of broadcast messages, so it can be used over LAN boundaries. It only uses SMB to list the shares and their contents.
ea26f18aa88817ae9a6c600d317c4f4f743ee8507b769a6b2d9c56902cafd888ppscan is yet another portscanner. However, it can scan an entire Class C subnet for a range of ports not only using tcp-syn/tcp-connect but also by tunneling through HTTP proxies (either HTTP GET or HTTP CONNECT), or using FTP servers which allow arbitrary connections via PORT bounce method. It is multi-threaded, so it can blaze through connection attempts.
662c1cf506bf0d8bb74216f8ea2f0047e7c33238eb1860284b5d9c9fbb2ccc27htrosbif is a tool that actively probes an HTTP server. It prods the Web server in all sorts of old, new, basic, fancy, spec-compliant, and spec-breaking ways. It tries to characterize both the well-spoken educated responses and the seriously deviant babble it receives in return. Signatures contain no user data, only header names and HTTP-level quirks. As a useful side effect, this might detect reverse proxies, HTTP load balancers, intrusion prevention systems, and Web application firewalls.
9f2e98af019d3b5445bede40d649c0dc8245787e77eeaa688ee2285e7c7efeb0MapSweeper version 1.0 ping sweeping script.
78c58f4e6a6537b3dfef8851eccfd453b7b677c8f62d6b7760cde32ccbb49583Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
dc734ad1f8bdce30d7604c3eb4176dbaf92cf0e5c54d3ea12ec6cd3128e402acuwss is a web security scanner and used for testing security holes in web applications. It can act as a fuzzer whose objective is to probe the application with various crafted attack strings. uwss is built upon a modular concept.
f5889f915e9116c5d6e219bc6ac51f19112545db98937dc7898dbe14386f4937ACE (Automated Corporate Enumerator) is a simple yet powerful VoIP Corporate Directory enumeration tool that mimics the behavior of an IP Phone in order to download the name and extension entries that a given phone can display on its screen interface. In the same way that the "corporate directory" feature of VoIP hardphones enables users to easily dial by name via their VoIP handsets, ACE was developed as a research idea born from "VoIP Hopper" to automate VoIP attacks that can be targeted against names in an enterprise Directory. The concept is that in the future, attacks will be carried out against users based on their name, rather than targeting VoIP traffic against random RTP audio streams or IP addresses. ACE works by using DHCP, TFTP, and HTTP in order to download the VoIP corporate directory. It then outputs the directory to a text file, which can be used as input to other VoIP assessment tools. ACE is a standalone utility, but its functions are integrated into UCSniff.
d5b4c5ef2b4537b8f6cb4ab98d0bfd6f34392477aafb0f492fd833f4f55aca49Scannedonly is a samba VFS module that ensures that only files that have been scanned for viruses are visible and accessible to the end user. Scannedonly was developed because of scalability problems with samba-vscan. Scannedonly comes in two parts: a Samba VFS module and (one or more) daemons. The daemon scans files and marks them when they are known to be clean. The samba module simply filters out files that aren't marked clean.
9842b07d7ecd6d2ebf5d42b180dc29e13e74b4b56dd66cf96d7cdb6a0a156b70Hyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
36250f88b0f0698ce2d7b3675799c4f33449f1a9b5fd3d21cb6ba7a07a716149Hyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
7350552cefc567f7eb5f9f877f55aca96d41599543c7f10bbf9cf512d99d19e4fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
b4fcde370773c710927230c0d84100a4aaa2060eb497cf896a97d752b2856e87MySqloit is a SQL Injection takeover tool focused on LAMP (Linux, Apache, MySQL, PHP) and WAMP (Windows, Apache, MySQL, PHP) platforms. It has the ability to upload and execute Metasploit shellcodes through the MySQL SQL Injection vulnerabilities.
97e06597309a5714f14fba6fa3ea6ae49105d79129f7455ebc3be206b0cab04aHyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
24e96c74ab7f179042a146f12914546dc1c7a7d95b6ffe4238ef38490d616034This is a quick and simple TCP port scanning utility written in PHP.
c0fbd6b658908af4cb4a3272dc3c7b366d57256efceaaa57640c208b9bea5c0cThis is a quick and simple TCP port scanning utility.
ca2361f0996c2deb8b4e5664c3723449c147a40f24187fda1f254d15ad72b61eHyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
2389a66440d5635d196fccc4471fe836efc0c4f571071145d2159d57cd276797Hyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
250217ea75c2bc9d734031a5fdbcd9407e3c3c910c95de1378b359368cb5f07fHyenae is a highly flexible and platform independent network packet generator. It allows you to reproduce low level Ethernet attack scenarios (such as MITM, DoS, and DDoS) to reveal potential security vulnerabilities of your network. Besides smart wildcard-based address randomization, a highly customizable packet generation control, and an interactive attack assistant, Hyenae comes with a clusterable remote daemon for setting up distributed attack networks.
c56bfbe97e29a46bf1cb1b30c024b38b31ee81e5be5d165417e22712be8c9fafuwss is a web security scanner and used for testing security holes in web applications. It can act as a fuzzer whose objective is to probe the application with various crafted attack strings. uwss is built upon a modular concept.
13057a6d9a4ce6617d07316cf3ac864b76984cb10985c54168293dbc49851d8aNullSearchAccess is a scanner that attempts default logins for various services like ftp, pop3, imap, mysql, and more.
a10a9044c809fd3349b9ec60b05ed552425f65705f4c73c9f835870f23fb0bbd
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed