Firewall Builder consists of object-oriented GUI and set of policy compilers for various firewall platforms. In Firewall Builder, firewall policy is a set of rules, each rule consists of abstract objects which represent real network objects and services (hosts, routers, firewalls, networks, protocols). Firewall Builder helps user maintain database of objects and allows policy editing using simple drag-and-drop operations. Firewall Builder can be used to manage firewalls built on variety of platforms including, but not limited to, Linux running iptables and FreeBSD or Solaris running ipfilter.
be2ad72a5f7e58bec5e293f07cddf1c771191addf410c6a726252e11b9718624Mixmaster is an anonymous remailer which provides protection against traffic analysis and allow sending electronic mail anonymously or pseudonymously. It is every unix using citizens civic duty to run a remailer and help ward off the evil forces of censorship. It is a well known fact that running a remailer will make you automatically cool.
dc4fcffb0cd3a0dc6875bece51bd58b8bf3fdf930b6ed0f2dbe26db56a581e53Incident.pl is a small script which, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators.
94727682cc12dced9d7ffa50e8436c87b0d5e89def9f32c37727cfcad072daefWifiScanner is an analyzer and detector of 802.11b stations and access points which can listen alternatively on all the 14 channels, write packet information in real time, search access points and associated client stations, and can generate a graphic of the architecture using GraphViz. All network traffic may be saved in the libpcap format for post analysis. It works under Linux with a PrismII card and with the linux-wlan driver.
f269f212c20055db7cca7e48e8928cd7e2c5a799c2b39a04d9ce52edbab9c15dLocal proof of concept for non-setuid binary /bin/sfxload which overflows the $HOME environment variable. Tested on Red Hat 7.0 and 7.2. Other setuid programs may call this binary, leading to privilege escalation.
fba83a1d7358cb4bbde5773a64e9b9700c008093044e9eb8b18d983f0b18adb3The Linux-kernel security patch for kernel v2.4.20 includes security improvements that implement random PIDs, random port numbers for IPv4, NAT, and IPv6, and enhanced random numbers for networking. Patch for kernel 2.4.19 is also available.
6f102e4e2251dea6bab82965b32acee2a2adf66b4f4402ecb74b9243577c3a89Amap is a scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233!
81509d637b18008571d20a69abeb7186061b19f044b882b42974720a61efebdfCups-1.1.17 and below remote denial of service exploit. Tested against Red Hat Linux 7.0 and 7.3.
06b5099910189dc6cc9b50a2ea27515f24becd3bf3b677bd9981ee2dec92f31bWmap v1.3 is a cgi scanner that attempts to be smarter than most. To increase the chance of finding useful stuff, wmap has a file containing interesting Directories (dirs.db) and other file containing common cgi dirs (dircgis.db) to search for. If a directory is found is added to the test. This include all the directories that are found in the html tags. For each directory found, not only scans for vulnerable CGI's (cgis.db) it scan for interesting files (ex. passwords.tmp) included in the file (file.db) and does an http PUT scan.
ac3b777a7381abf8276557c6f9dd8e715134d18322a8f3c05dc95e3bee0f5fe2Putty v0.52 and below remote exploit which is a fake ssh server to exploit connecting putty clients. Downloads and executes an attacker supplied URL. Tested on linux and Cygwin against putty 0.52 running on WinXP and Win2000.
ea55431a7edf4385d9cf0057092c53eb171bc0bbe707f33ad5a241852b5dadbeCST is a java based web scanner that scans using a database of scripts (user editable). The sample databases included contains +1600 possibly vulnerable scripts/dirs. You can scan with or without a proxy server. The scanner has 11 different Anti-IDS tactics and sends fake "X-Forwarded-For:", "Referer:" and "User-Agent:" headers to hide your scan even more. You can also specify a wait time between 2 script fetches. The scanner uses HEAD requests instead of GET for faster scanning, and has support for scanning virtual hosts. You can also specify another port to scan instead of the standard port 80. The scanner outputs the scripts/dirs that return a 200, 403 or 401 HTTP code and outputs the webserver software. A full and comprehensive manual is included.
ed1ed005823058fb585949b6d3946ff5897c5e5582d334a7717c3cc986dc9e71
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed