StMichael is an LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running Linux system. This is done by monitoring the init_module and delete_module processes for changes in the system call table. This is an experimental version, and a spin-off from the Saint Jude Project.
a0d290b17442053787c6652f23397b32b04e3066b225c9bafc040f367dd857d5
InaddyScanner is a port scanner that uses pthreads, and can scan 500 ports in 10 seconds on a good connection (112 kbp/s). Using the MIT-pthreads library and GTK, it includes a friendly interface with advanced stuff for scanning.
c870983583afa8034f6debaa6a2612d8e13e5c4706740d64880006cee9264176
Logs2Intrusions v1.0 parses IIS or Apache web server logfiles, then creates a report of possible intrusions.
3f40f66b2115df1396b1b9a360d57330fab28da0db21fcf67fe7e9a5375dd39d
IRPAS is a suite of routing protocol attack tools that send custom routing protocol packets from the Unix command line. It is very useful for searching for new routing protocol vulnerabilities. Included is a tool for sending Cisco Discovery Protocol (CDP) messages, one for injecting IGRP routes, and a scanner for IGRP autonomous systems. Documentation available here.
137b8a73f18383a037c5e6af51cfe6d29c72f38628bd5ce38f1864cf91a8e559
Stealth HTTP Security Scanner 1.0 build 29 - Checks for 5677 CGI vulnerabilities. Runs on Win32 and Linux under Wine. Free.
dfd5a362ab45ee605e5c6e601ae5eba7ed6f320e00d9ca8c260e2a5fa4e44f92
Advanced NT Security Explorer (ANTExp) is an application for Microsoft Windows NT, Windows 2000 and Windows XP system administrators for finding holes in system security. It analyses user password hashes, and tries to recover plain-text passwords. If it's possible to recover the password in a reasonable time, the password should be considered to be insecure. ANTExp is very fast - tries about 900,000 passwords per second on a Pentium-III/450 CPU. Tested on Windows 95, Windows 98, Windows ME, Windows NT 4.0, Windows 2000, Windows XP.
cda4559e128daee59d7f154bb5d74f9cedc7a06826e88dd0bdfda3843e65f6ee
Firewall Tester v0.1 consists of two simple Perl scripts, the client part (ftest.pl) and the listening "daemon" (ftestd.pl). The client injects custom packets with a signature in the data part while the daemon listens for such marked packets. Requires Net::RawIP, Net::PcapUtils, and Net::Packet.
b2d084cb97e57d877312862c2a15d12a330a9e005401c04c1c23373f57edf56f
Kppp (/usr/local/kde/bin/kppp) v1.1.2 and below local exploit. Tested against x86 and Sparc Linux.
6955c7c52f2070a0081b8194b5b560371868aee5f2f1508b33fcd2c8d10a32f7
Malice v7.0 beta is a Perl CGI scanner with an updated CGI list. Includes many anti-IDS functions, IIS checks, and more.
791d4a441af1936dedc5bf7495a5f3603d46c1f0dfd905bf0a8f15a4a1633efe
Lcrzoex is a toolbox for network administrators and network hackers. Lcrzoex contains over 200 functionalities using the lcrzo network library. For example, one can use it to sniff, spoof, create clients/servers, create, decode and display packets, etc. The Ethernet, IP, UDP, TCP, ICMP, ARP and RARP protocols are supported. Lcrzoex and lcrzo were successfully installed under Linux, FreeBSD and Solaris. This archive contains Lcrzo and Lcrzoex.
9dd0e763d15fb5c35153497f64e90bb52fb6123f375bad38d56b063969f8f6a5
PIKT is a cross-platform, multi-functional toolkit for monitoring systems, reporting and fixing problems, security management, and updating system configurations. PIKT comprises an embedded scripting language with unique, labor-saving features. Binaries available here.
a68325fcd762dc2dba836045b8ce188f9637f11f7a9f0f0944080e9947be6a59
Monitoring Networks Using ntop - How to monitor networks using the security tool ntop. Includes information on how to use it as a lightweight IDS.
8fab586e80d7808fa072e8c914fb00ef79573c88cc88de648f64595124e333e7
Ntop is a very useful Unix / Windows network sniffing tool that shows the network usage, similar to what the popular top Unix command does. Has an interactive mode and a web mode for greater functionality and options, shows network traffic sorted according to various criteria, displays traffic statistics, shows IP traffic distribution among the various protocols, analyses IP traffic and sorts it according to the source/destination, displays IP Traffic Subnet matrix (who's talking to who?), reports IP protocol usage sorted by protocol type.
e707c5bc5e52fb6021280ce2cf3edb41d7da18ce67bff64736256dcf75b4a35a
Ngrep is a powerful network sniffing tool which strives to provide most of GNU grep's common features, applying them to all network traffic. ngrep is a pcap-aware tool that will allow you to specify extended regular expressions to match against data payloads of packets. It currently recognizes TCP, UDP and ICMP across Ethernet, PPP, SLIP, FDDI, and null interfaces, and understands bpf filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.
fd9beee51894b3a6dca2d7e5a344111ae18c2d6670773cba789e27e91b65dbf4