Network Promiscuous Ethernet Detector, rewriten with Libnet/libpcap so it works on FreeBSD, OpenBSD, and linux, possibly more. neped scans your subnet and detects promiscuous boxes that might be running sniffers or similar applications, using hacked ARPs (non broadcast), only listened by promiscuous ethernets.
13ae8d3a11fae60402ab6957375f70e36f63594d0a78cf2adabdb15ea22ae9fb
Based on my neped-libnet source, just figures out what boxens in your lan run IP stack and are in the same subnet with you.
8c962758543cf1efe692d94441b24554c815e04aa8d5b7945d7c03c243946076
Named version scanner. Due to several vulneriabilities found in BIND daemon, it's always good to know what bind versions you're running.
6252b690ef013e0a1bf5131aa89038e46fd5d8e9d1b6f0f2ae9ee3555a666327
Unix backdoor which pretends to be a http daemon.
e8731998c6f8964470198eb94c4df8a820262e7bcd5c9ed5a0ceb724d820911a
Simplified Restricted Shell 0.1.3. Major purpose of this shell is to maintain 'not permitted explictly then not allowed' policy on machines which provide shell access to users, which can not be trusted, while trying to keep KISS rule. Of course you should carefully check up and configure applications, which you allow your users to run, otherwise it still would be trivial to break your policy with badly configured pine or lynx for example. Some day this will be a full-fledged user tracking system.
1a0fdbb6fcfad3e948679681898566a7394e700dce9b2bc9d7f59344b50373d8
The foundation for a "Windows Deception Toolkit". This package contains "fake" telnet and sendmail daemons, coded in Perl, runs on Windows. Cool concept!
d3262e107ed4706fceb6e66c9775bc4de711f7f5dc9dc3f8c3d2187b3168b567
spoof v0.0 - TCP packet spoofing library (alpha code).
cffdee9f2d9b75adb92e4880fa931b79a40faa9550934b7dd48879a3b1ffb63c
Latest release of Spoof Library project by Fyodor, now supports IP/UDP/TCP spoofing.
f1f3a29f0eda2905cd25c35c70a998a26677e6a2da4067ce802c8a0ebf7894a5
Sample code showing how to send spoofed packets (for Linux with BSd compatibility in mind).
7917c689b314392cb9c51b77c88b7dbddeed3317767968937b4153045b14196b
Sample for very simple sniffer.
5951569d7ab4b235187bc84c736d66f36e8a38fa17c233a73a494b2367111a2e
tcplogd is a stealth-scan detector (TCP only). Configurable. 15k.
ad0b5e7ee76f32e2ad88276614a890cb9441868777a8322de5b393470b1553db
tcplogd is a stealth-scan detector (TCP only). Configurable. 15k.
d8633fcc961c50c646ba7305143bf8b85c46537c26afe456d128400057e414b2
tcplogd is a stealth-scan detector (TCP only). Configurable. 15k.
4ffef77ab750facde3910498ec5f5b26fd5e44b4ed5706c9cda335bdd7432a53
tcplogd v0.1.4 is a stealth-scan detecting daemon that is designed to detect most nmap sX/sN/sS scans, queso and other network scanners. This release includes fixes for the port range bugs.
c8b3fb1a34bd183731c2d836feb98fe0589149ad5dab820cd348d09a9f629a5b
tcplogd is a stealth-scan detector (TCP only). Configurable. 15k.
0e87ddad17dce2c11d4d4f36b887a4f0f538cd9d16384f72be1fdf4ffbb905a5
tcplogd is a stealth-scan detector (TCP only). Configurable. 15k.
1f78c517c43b7eae1516169e9b91e9cc651d3ebdda76ee75b03b728623c522d0
tcplogd v0.1.5pre1 is a stealth-scan detecting daemon that is designed to detect most nmap sX/sN/sS scans, queso and other network scanners. "trusted hosts" feature added in this release.
ea3d14ba7a0e27884f879c8cdaa7b0070ee626c0958e791d238317eb1cc69ac3
tcplogd v0.1 is a stealth-scan detecting daemon that is designed to detect most nmap sX/sN/sS scans, queso and other network scanners.
57359d2fc1122e5a8476763b4d7f5a7f7b3b416214128deb3494e9c7466f7439
tcplogd v0.0 is a stealth-scan detector (TCP only). Configurable. 15k.
22df34b1eae735ce7267bc9ccc90aa95708b1e7c32e51d10ef52cfe5d707bd3b
icmpmon will show you all ICMP packets reaching your box, which could be useful in detecting attacks/portscans sometimes.
022ca57c1cf8a1c087388030afe727b83e14995bc7264c8b9f75ccdbaa969603
Snippet of code that will tell you whether remote device is a cisco router or not using cisco's indent port (1999).
803b1efba5379b868ba3f6a532adc90d032d52c4ee522f4cf8e64972693fed89
Squid_connect : shows the way to exploit squid proxy servers to hide your identity.
2589aa41d8a4428674f0806ed208d60d8e1a826d519dc45a73d5438ad354f94b
Retrives netbios name from remote Windog (as described in Hobbit'sdocument cifs.txt).
9515a0eac392da0e50348f61ecbed9379abac534c5d58f10f1df17a1f65495ff
Sample daemon, which hooks on the UDP ports, listens and records all incomming packets. (could play ping/pong with them as well).
71e3388678985937115e6aaa064151ee448bc7abe69b7905578d2a4df1e85adf
Retrieves netbios name from remote Windog (as described in Hobbit's document cifs.txt). Several bugfixes in this release, including timeouts.
3b04370a8747b81989de7c2310d18411dc665a4f919b2838b27b00a23040f00c