Glibc heap protection patch for Glibc v2.3.2 - Uses the canary method to detect and block heap overflows. Note that this will not stop attacks against the GOT or PLT. An analysis of the performance and detection capabilities of this patch is available here.
3da8e273df467c4ae9bfa63a05dd6ebd62c4ac7a7647b01c8ced31d2479bda97
Impacket is a collection of Python classes for working with network protocols. Impacket is mostly focused on providing low-level programmatic access to the packets, however some protocols (for instance NMB and SMB) are implemented in a higher level as a foundation for other protocols. Packets can be constructed from scratch, as well as parsed from raw data, and the object oriented API makes it simple to work with deep hierarchies of protocols. Impacket is most useful when used together with a packet capture utility or package such as Pcapy, an object oriented Python extension for capturing network packets.
16806ae256dee67a6544795e84608cd43e3b4ab1a51b93acbac7833e0da87816
DNS Auditor is a tool which checks for DNS security. Looks for DNS cache poisoning (using additional RR), DNS ID Spoofing, and more. More information in a related paper is available here.
832c63102968839f32aa3a17a7cc29f67bb699940862db19e43e1130efd01dc4
NMRC covert channel using ISN to transmit data from one computer to another.
06c1b1d9f225af451885111b1f3bed5073b07ded469338b643220fbc2ad9c6ad
Hopfake logs traceroute attempts and can also add some extra fake hops. Works well with TCP/UDP and ICMP-ECHO based traceroutes.
240d10356442704cb6a76489439bf4cccb4452ed4ca304baddfcacd35e7c9ddf
Cctt, or "Covert Channel Tunneling Tool", is a tool that presents several exploitation techniques allowing the creation of arbitrary data transfer channels in the data streams (TCP, UDP, and HTTP) authorized by a network access control system.
6f7b41438fd9d341aa44164449ba16733e9cda53c37752b7ee30b054cfef0253
Proxychains is a command line tool for Linux and Solaris which allows TCP tunneling through one or multiple (chained) HTTP proxies.
e919bd37f15dce9b792a32f5385ff70b84c09f6fdc10ce4f15e0b6d7aedad71e
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function. Secure Programming HOWTO here.
b4c7ae8769c612b482a70be7b1495c99466bb71de7d68352b7ed0d353ea95920
Proxychains is a command line tool for Linux and Solaris which allows TCP tunneling through one or multiple (chained) HTTP proxies.
3001047568c857efbd33c86231094ba5d90d5523e4bb6f8c456c4e8c7fc9153c
Hopfake logs traceroute attempts and can also add some extra fake hops. Works well with TCP/UDP and ICMP-ECHO based traceroutes.
b7aa9f457b2b8ba1ad890694441d7b14893278ca71afce10cc4f30d961eb3b01
OAT v1.3.0 is a set of tools which can be used to audit Oracle databases running on the Microsoft Windows platform. The tools are Java-based and were tested on both Windows and Linux. They should hopefully also run on any other Java platform.
f74397f5dff0d95279b307a2fc6334c3acae4a79d5a794fddf202a2e0033b02a
Paketto Keiretsu v1.10 implements many of the techniques described in recent here.
13498ef49b79f95d1cbf4ebf15edde6b5cfdb5a67557b8060715b30fcab27b73
Lsrscan scans remote hosts to determine if they will reverse source routed connections, and hence are vulnerable to spoofing attacks.
e473245de3168fc20e84469cfeb7c04222d6d37c5527679ee5d4b2532580828b
VNC Game implements a man-in-the-middle attack which bypasses VNC's challenge/response authentication, the mechanism that keeps the password from being sniffed. Written for a security audit.
8f06f7aaf8e4a8adbc8c9291f22b9e98bf2898faf4a55825be8e888530e8eb56
Paketto Keiretsu v1.0 implements many of the techniques described in recent here.
d299bf6abe03d918e37df1c295802a96440e450cb66dda894e980338dbd31941
IP Sentinel is a tool that prevents unauthorized usage of IP addresses within an Ethernet broadcast domain by answering ARP requests. After receiving faked replies, requesting parties store the MAC in their ARP tables and will send future packets to this invalid MAC, rendering the IP unreachable. Features chroot non-root operation.
b67c39bb7de96fc952d31f59c297e67e7956dbc59a1570dbc6a2b1dbc65b2ad7
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function. Secure Programming HOWTO here.
0e19a4e720dde7ffecd44a4c768523adb201e18f887931bea2b955fd064a3168
RATS, the Rough Auditing Tool for Security, is a security auditing utility for C, C++, Python, Perl and PHP code. RATS scans source code in order to find potentially dangerous function calls. The output generated by RATS can be used as a good starting point for performing manual security audits. Readme available here.
ec9fac2765b655c03cede8c5920de3226581f1e626be314bce95f4d0ac9aadd9
Arp-sk is an ARP packet generator for Unix designed to illustrate ARP protocol flaws and applications such as ARP cache poisoning and MAC spoofing. It gives complete control of link and network level data. See arp-sk.org for further information.
b7f60d991af47dd4d8ab5d1b66a5ad577cea56280802a585b722deea083f3855
RATS, the Rough Auditing Tool for Security, is a security auditing utility for C, C++, Python, Perl and PHP code. RATS scans source code in order to find potentially dangerous function calls. The output generated by RATS can be used as a good starting point for performing manual security audits.
33eab6ae6618322c56f8fca866f0b60be85a586e1807a08fdc02a51ddf1e10e9
scponly is an alternative shell for system administrators who would like to provide access to remote users to both read and write local files without providing any remote execution privileges. Functionally, it is a wrapper around the ssh suite of applications.
46e06b1e5699a6fe6b18b1bc76a7660dd12860dc7d6a50248438aba5ca91f3bd
Arp-sk is an ARP packet generator for Unix designed to illustrate ARP protocol flaws and applications such as ARP cache poisoning and MAC spoofing. It gives complete control of link and network level data. See arp-sk.org for further information.
bd0b28f03cfe68cc4a98700d4f1ed47e8ecac6cc16fd17b73a9ebbd997ba11e6
lsrtunnel spoofs connections to a remote host by pretending to be the middle host in a source routed path. The remote host must return source routed connections for this spoofing to work.
f93e7c951f6c48c76504b0e670c181ace1f06b89a1ec655e200edfae795a5a3b
lsrscan is a scanner to determine whether remote hosts will return source routed connections, or forward source routed packets to a remote host.
0cb60ffa7d1adf18ad526999957b9cfc557cbba3f64b1911e181a2ee86baac7f
An ARP packet generator for Unix designed to illustrate ARP protocol flaws and applications such as ARP cache poisoning or MAC spoofing. It gives complete control of link and network level data. See arp-sk.org for further information.
5d0b332367a90caf3fdbbd10bc583e159b5399294d57cc4ec581e5a93b325ef6