Enforcer is a Linux security module designed to help improve integrity by providing a subset of Tripwire-like functionality with an LKM. It runs continuously, and as each protected file is opened, its SHA1 is calculated and compared to a previously stored value. The Enforcer can integrate with TCPA hardware to provide a secure boot when booted with a TCPA-enabled boot loader.
bbd2015e518721f899c0b5986b3b476ce5516d4bd926e089ae588f3a3f9213b7
REC is a portable reverse engineering decompiler which reads an executable file and attempts to produce a C-like representation of the code and data used to build it. It can decompile 386, 68k, PowerPC, and MIPS R3000 programs and recognizes the following file formats: ELF (System V Rel. 4, e.g. Linux, Solaris, etc.), COFF (System V Rel. 3.x, e.g. SCO), PE (Win32 .EXE and .DLL for Microsoft Windows 95 and NT), AOUT (BSD derivatives, e.g. SunOS 4.x), Playstation PS-X (MIPS target only), and raw binary data (via .cmd files).
3f8f4c802b33352fe0114bbf7758d4f5510b3e435824539cf8b5a73eb0162a87
Wistumbler2 is a network stumbler for WaveLAN/IEEE wireless networking. It supports GTK2 and console modes and includes speaker beeps similar to Windows stumbler.
b91062aa528a1167ac7b1bafb83ac0e952deefdcb416157fbe971729f988fea3
Netdude is the NETwork DUmp data Displayer and Editor for tcpdump tracefiles. It is a GUI-based tool that allows you to make detailed changes to packets in tcpdump tracefiles. It can set the value of every field in IP, TCP, and UDP packet headers, copy, move, and delete packets in the tracefile, and fragment and reassemble IP packets. Netdude addresses the need for a tool that allows developers of networking code to easily create specific traffic patterns in order to test features of their software. Tested on Linux and FreeBSD.
7f1085df99de995a11a9e0f62fb5a9f8991d37ed5a51e51308d402b98383e6db
Login Anomaly Detection System (LADS) detects anomalies in logins and logouts and can perform various actions in response.
d2dd213fb0ebc64e75f230b31d4d8fe6d649ad13d69b52918f87ea09f78c7710
afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. A user can then run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of AIDE or Tripwire, and a graphical interface is provided.
29bd843065eb80f97412ba332da5f2b486df98084b60b42a6a3c0686998ac39e
Stream Analyzer is a console application that analyzes binary streams and calculates useful statistical information from the observed data, featuring mathematical, pattern, and bit analysis. It has been designed as a "Swiss-army-knife" for initial steps in reverse engineering and cryptographic analysis.
8e94b31d3df053835db88145966cd411826430ec29870f1c0031387ccbc9745c
How to find Cart32 Sites with google.com.
6d2dafb695fac4ed8c9dec44e7d126334f0eedd89347451338dae80c99c157a3
tcptrack is a packet sniffer which passively watches for connections on a specified network interface, tracking their states and listing them in a manner similar to the top command. It displays source and destination addresses and ports, connection state, idle time, and bandwidth usage.
158a701b19d994f75611be11e9a0049a504d66d5bb8d877f9deafb57410bd5d1
Mod_security is an Apache module whose purpose is to protect vulnerable applications and reject human or automated attacks. In addition to filtering requests, it can also create Web application audit logs. It understands regular expressions and POST payloads and runs on both branches of Apache.
d71a01b4444fe6b454b0fbb39a0c4695069b9bbca5c5c562a32c611606d18eb2
Maelstrom local exploit that gives gid for user games, making use of the overflow found in the -server switch. Tested against /usr/bin/Maelstrom on Red Hat 9.0.
d35fbfa93b97946227f3f1032375023f8f6aba52ebed8a946e94bfbe4648d811