XScreenSaver is a modular screen saver and locker for the X Window System. It is highly customizable and allows the use of any program that can draw on the root window as a display mode. More than 100 display modes are included in this package.
07677cc91afd5c9a1330c4bb9a532de87ca354cd718e488034d993d0ebab1e6c
A NetBUS client for Linux that works with NetBus 1.60.
1c0a7104070a8d7f3765eb729011162d8ae9794011611ce754607ad32bede09b
Taskigt - A lkm that gives root to a process that read a special file in /proc.
f0eca75af3f14a4ae599be5eebdcfc86aed08224203ac1340f9cdd37f131da6f
Phide - A lkm that hides processes under Linux 2.0. There already exist such thing for Linux 2.2 [like heroin.c or knark] but they're just for Linux 2.2.
715c4e1f504aff3133a4f88a6f5afd23aff686f72d2eaebaa14d0affcf818d55
Snuff is a packet sniffer for Linux 2.0/2.2 that can monitor many streams at once. It can also mail and wipe the log if reached a specified size.
1937019f936a6c0da91d3de824d363a116dc8bcb44b79c5fbf81249555d9b8e1
FreeBSD Security Advisory - Old procfs hole incompletely filled. In 1997 a flaw was discoverd in *BSD procfs code involving /proc/pid/mem interface, leading to a local root compromise. Since then *BSD kernels contained a simple fix which was meant to close this hole. Unfortunately, throughout these three years it was still possible to abuse /proc/pid/mem in a similar, though more complicated fashion, which could lead to local root compromise. FreeBSD security site here.
b90af12a2598b1eb6d3538bab0f0040cfafb86f48bb9aa3eb26ec25737eb91db
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit (quite a bit ;)), and provides convinient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you don't have to build low-level network code. If you decide to use libnids, you have got E-component ready - you can focus on implementing other parts of NIDS.
40a23d3e2bde94319ee12c160a56e1a67b8e69592cc10b92a4660d697a9a0749
sqlbf - MSSQL server brute force tool. This is a tool for auditing the strength of your SQL login passwords. c++ source.
d7b1190ae29de2cf687286b0e0a8b529e95c5db6b35921cb0109ab2a258a4cbe
ZipCracker for linux cracks password protected zip archives with brute force.
e16a838565820ffa2c235cf4a6b2c94e8c3db1a7069b36b8713bc9023ae999bf
Nmap is a utility for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques (determine what services the hosts are offering), and TCP/IP fingerprinting (remote host operating system identification). Nmap also offers flexible target and port specification, decoy scanning, determination of TCP sequence predictability characteristics, sunRPC scanning, reverse-identd scanning, and more.
f5ba5840edd6b693b719052df0221f66334cfd9bea16bfb6117c2c5249b24f60
A modified version of the original qpopper 3.0beta29 exploit by Zhodiac, added network support (no need for netcat) and allowed the user to specify which command to execute.
bcdd1859b2a33b6f0bdced21cd68b20e314cb4ff2fe1dafccab9dfb8f9a3be82
xdestroy.c - Destroys all windows in an X display.
5bce5c0b62ac65885af75f01dfb4a71ae1cd542fb04782c184c9b35f9b2251aa
xinetd is a replacement for inetd, the internet services daemon. Anybody can use it to start servers that don't require privileged ports because xinetd does not require that the services in its configuration file be listed in /etc/services. It can do access control on all services based on the address of the remote host and time of access. Access control works on all services, whether multi-threaded or single-threaded and for both the TCP and UDP protocols.
3677d7e31f9fb05dbe66586c217ae660a513f324a7e0b1afda833de6fe676505
Spank - Denial of service attack. Uses up lots of bandwidth.
c5c5937aab05d65c0563420fb7b006508227f7269f44fe3c7ead813e6cab7c7e
Stasis is a tool to fool atime/mtime timestamp checking. It records the timestamp of files, then periodically finds atime/mtime changes and restores the old timestamps, as if the files were never accessed / changed.
eb63609efc1350e5ecc18faffda1b59339dc10d5a460127fa971feb32673d225
FAQ: Network Intrusion Detection Systems version 0.8.1 - (Updated Jan 17, 2000) This FAQ has lots of excellent info on IDS systems, with a good focus on how they work.
a7d2cec07495ad088bff2514dbfd692cb4e550d18cfaa7bd73b8f19635a6566a
Cerberus Information Security Advisory (CISADV000126) - Internet Information Server 4.0 ships with an ISAPI application webhits.dll that provides hit-highlighting functionality for Index Server. A vulnerability exists in webhits that allows an attacker to break out of the web virtual root file system and gain unathorized access to other files on the same logical disk drive. This vulnerability can also be used to obtain the source of Active Server Pages or any other server side script file which often contain UserIDs and passwords as well as other sensitive information. Vulnerable systems include Microsoft Windows NT 4 running Internet Information Server 4, all service packs. Microsoft FAQ on this issue is here.
49cac6cfcd5dbdffc3c21f57d7db9112fa25f16289c0f6dd92362fc2b81eef32
The Design of GrIDS - A whitepaper on a graph based Intrusion Detection System. GrIDS is a prototype intrusion detection system that was designed to explore the issues involved in doing large scale IDS.
3f3bc5601c8210fe6ff0091402ea6c7c3012870e8d0117b8048f1f3864be3358
CIS vulnerability scanner Version 5.0.0 (formerly NTInfoScan) - Scans systems for remote vulnerabilities. Runs on Windows NT or 2000. Features a GUI, multi-threaded operation, and updates via DLL.
eeffa64245ee0859c441c1eee2eb3a7128c0df263ad45e9e0a406fdf2ce49850
Placing Backdoors Through Firewalls version 1.5 - Hackers often want to retain access to systems they have penetrated even in the face of obstacles such as new firewalls and patched vulnerabilities. To accomplish this the attackers must install a backdoor which does its job is not easily detectable. The kind of backdoor needed depends on the firewall architecture used. As a gimmick and proof-of-concept, a nice backdoor for any kind of intrusion is included.
8ef7f3e0278b056d10da9fd260d41e5f483cc869ba0c8728679ae31bf89e3ad2
Removes ALL major Viewbars from your desktop, and hide/show all (hidden) windows. Reclaims the reserved desktop space taken up by the Viewbars!
15460c651269d5bdbf86ba931a9714101b5b3140994c37a5369602c22b319fb8
Shellcode programming for SCO. All examples are taken from a SCO OpenServer 5.0.4 machine so some of them may not work under another SCO type of Unix (like unixware) although I have tried to make it as portable as possible.
87c08b528d90150e54c5f23a73488490f89852b7c1807a80215a7bcfe1019c7f
Libicmp is intended to provide a simple interface for sending and reciving icmp datagrams. Beyond the obvious diffrence of using ICMP, applications Using this interface would behave much in the same way an UDP application behaves.
caf73b834865d152fbdc4c29280e768d01d742a5dc8baeef50f58a811ba44253
Explanation of the 'spank' attack - a new breed stream/raped. Stream/Raped mearly flooded the host with ack's (or no flags) and came from random ips with random sequence numbers and/or ack numbers. The difference now is that this not only does the previous stuff, but also directly attacks from and to multicast addresses as well.
25a37bfece0acbe778ee130601ca1fda0d9188d98eebaee75e1352130f531bbb
Solaris Solstice Internet Mail IMAP4 Server x86 exploit.
adcc570a64ad515dee55499942b44fc76607894ebc9c473d4d7a8654c863de59