Winfingerprint v0.4.0 - Advanced remote windows OS detection. Current Features: Determine OS using SMB Queries, PDC (Primary Domain Controller), BDC (Backup Domain Controller), NT member server, NT Workstation, SQLServer, Novell Netware Server, Windows for Workgroups, Windows 9X, Enumerate Servers, Enumerate Shares including Administrative ($), Enumerate Global Groups, Enumerate Users, Displays Active Services, Ability to Scan Network Neighborhood, Ability to establish NULL IPC$ session with host, Ability to Query Registry (currently determines Service Pack Level & Applied Hotfixes. Runs on Windows NT and 2000.
cbe16d6221e053409d04ba5f9d8cff4128c6413e64b44b33732d58ccca008171
Procwatch is a perl script which watches a /proc filesystem for new processes. When a process is created, procwatch reports the time, the username, the PID, and the binary that was run. Its output is suitable for logging to log files and is geared for system administrators who are testing a new but as yet untrusted UNIX system. Although it cannot detect, and is not proof against, hacked loadable kernel modules that have modified /proc, it is useful in watching for possible rogue binaries.
68dfad72427ae0eddb228265f96ba7689c3ec4efa78ad0f285c13614b8594c69
The Linux Port/Socket Pseudo ACLs project is a patch to the Linux kernel which allows the admin to delegate privileges for some protected network resources to non-root users. The ACLs are generally used to run untrusted or insecure applications as an unprivileged process, thereby lessening the impact of some undiscovered denial of service or root compromise. The ACLs can cover protected ports, raw sockets, and packet sockets.
fa1ad43fadf54a769b2370a50d8d29243ac7c710c4d53a67279b3fca599d425a
Srape is a perl script which sends tcp with no flags set and causes the victim to reply with rst packets. Seems to be more effective than a syn attack and harder to filter.
e4f492aef69f00b77840d631ac6aa16b968e23e37b3dfc9b6d38bcf76c82d57e