Network Promiscuous Ethernet Detector, rewriten with Libnet/libpcap so it works on FreeBSD, OpenBSD, and linux, possibly more. neped scans your subnet and detects promiscuous boxes that might be running sniffers or similar applications, using hacked ARPs (non broadcast), only listened by promiscuous ethernets.
13ae8d3a11fae60402ab6957375f70e36f63594d0a78cf2adabdb15ea22ae9fbBased on my neped-libnet source, just figures out what boxens in your lan run IP stack and are in the same subnet with you.
8c962758543cf1efe692d94441b24554c815e04aa8d5b7945d7c03c243946076Named version scanner. Due to several vulneriabilities found in BIND daemon, it's always good to know what bind versions you're running.
6252b690ef013e0a1bf5131aa89038e46fd5d8e9d1b6f0f2ae9ee3555a666327Unix backdoor which pretends to be a http daemon.
e8731998c6f8964470198eb94c4df8a820262e7bcd5c9ed5a0ceb724d820911aSimplified Restricted Shell 0.1.3. Major purpose of this shell is to maintain 'not permitted explictly then not allowed' policy on machines which provide shell access to users, which can not be trusted, while trying to keep KISS rule. Of course you should carefully check up and configure applications, which you allow your users to run, otherwise it still would be trivial to break your policy with badly configured pine or lynx for example. Some day this will be a full-fledged user tracking system.
1a0fdbb6fcfad3e948679681898566a7394e700dce9b2bc9d7f59344b50373d8The foundation for a "Windows Deception Toolkit". This package contains "fake" telnet and sendmail daemons, coded in Perl, runs on Windows. Cool concept!
d3262e107ed4706fceb6e66c9775bc4de711f7f5dc9dc3f8c3d2187b3168b567spoof v0.0 - TCP packet spoofing library (alpha code).
cffdee9f2d9b75adb92e4880fa931b79a40faa9550934b7dd48879a3b1ffb63cLatest release of Spoof Library project by Fyodor, now supports IP/UDP/TCP spoofing.
f1f3a29f0eda2905cd25c35c70a998a26677e6a2da4067ce802c8a0ebf7894a5Sample code showing how to send spoofed packets (for Linux with BSd compatibility in mind).
7917c689b314392cb9c51b77c88b7dbddeed3317767968937b4153045b14196bSample for very simple sniffer.
5951569d7ab4b235187bc84c736d66f36e8a38fa17c233a73a494b2367111a2etcplogd is a stealth-scan detector (TCP only). Configurable. 15k.
ad0b5e7ee76f32e2ad88276614a890cb9441868777a8322de5b393470b1553dbtcplogd is a stealth-scan detector (TCP only). Configurable. 15k.
d8633fcc961c50c646ba7305143bf8b85c46537c26afe456d128400057e414b2tcplogd is a stealth-scan detector (TCP only). Configurable. 15k.
4ffef77ab750facde3910498ec5f5b26fd5e44b4ed5706c9cda335bdd7432a53tcplogd v0.1.4 is a stealth-scan detecting daemon that is designed to detect most nmap sX/sN/sS scans, queso and other network scanners. This release includes fixes for the port range bugs.
c8b3fb1a34bd183731c2d836feb98fe0589149ad5dab820cd348d09a9f629a5btcplogd is a stealth-scan detector (TCP only). Configurable. 15k.
0e87ddad17dce2c11d4d4f36b887a4f0f538cd9d16384f72be1fdf4ffbb905a5tcplogd is a stealth-scan detector (TCP only). Configurable. 15k.
1f78c517c43b7eae1516169e9b91e9cc651d3ebdda76ee75b03b728623c522d0tcplogd v0.1.5pre1 is a stealth-scan detecting daemon that is designed to detect most nmap sX/sN/sS scans, queso and other network scanners. "trusted hosts" feature added in this release.
ea3d14ba7a0e27884f879c8cdaa7b0070ee626c0958e791d238317eb1cc69ac3tcplogd v0.1 is a stealth-scan detecting daemon that is designed to detect most nmap sX/sN/sS scans, queso and other network scanners.
57359d2fc1122e5a8476763b4d7f5a7f7b3b416214128deb3494e9c7466f7439tcplogd v0.0 is a stealth-scan detector (TCP only). Configurable. 15k.
22df34b1eae735ce7267bc9ccc90aa95708b1e7c32e51d10ef52cfe5d707bd3bicmpmon will show you all ICMP packets reaching your box, which could be useful in detecting attacks/portscans sometimes.
022ca57c1cf8a1c087388030afe727b83e14995bc7264c8b9f75ccdbaa969603Snippet of code that will tell you whether remote device is a cisco router or not using cisco's indent port (1999).
803b1efba5379b868ba3f6a532adc90d032d52c4ee522f4cf8e64972693fed89Squid_connect : shows the way to exploit squid proxy servers to hide your identity.
2589aa41d8a4428674f0806ed208d60d8e1a826d519dc45a73d5438ad354f94bRetrives netbios name from remote Windog (as described in Hobbit'sdocument cifs.txt).
9515a0eac392da0e50348f61ecbed9379abac534c5d58f10f1df17a1f65495ffSample daemon, which hooks on the UDP ports, listens and records all incomming packets. (could play ping/pong with them as well).
71e3388678985937115e6aaa064151ee448bc7abe69b7905578d2a4df1e85adfRetrieves netbios name from remote Windog (as described in Hobbit's document cifs.txt). Several bugfixes in this release, including timeouts.
3b04370a8747b81989de7c2310d18411dc665a4f919b2838b27b00a23040f00c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed