CGI vulnerability scanner which checks for 97 holes.
060417ed4bb3cf29abdafb541acfe7a1a6ac52ace4502735c764a51f054bf7ecHttpscan scans web servers for version and server type. Takes input from a file. Changes for v2.01 some options for diferent ports and logging.
268a19441c98246ffbf87210f0606717f7ffe3a3b95105583f44e79bb6424512lids is an intrusion detection system patch for the Linux kernel; it can protect important files from being changed. When it's in effect, no one (including root) can change the protected files or directories and their sub-directories, and the protected append-only files can only be appended. It can also protect the hard disk's MBR, and can also disallow sniffing while the NIC is in promiscuous mode.
14cc654b7767e4639cc0795dc2ccb827e3b21db6ca359e67d598f7d7fcbbb5a4IE 5.0 cross-frame vulnerabilities are back again. Test page here.
58513adbb0b9d1e19f086121a59e9d5025328e58bcdf654d047fb1f967cd60d9Versioner is a command line tool that traverses directories gathering the file properties described below. Versioner will output its information in a human readable text format as well as a comma seperated version that can be imported directly into MS-Excel or MS-Access. It is useful to anyone who wishes to maintain control over file versions from either a security or compatibility aspect.
921547a24e65adf37ddcb9cc69c44533ff15fab2736157a39bc0478d4fb72ebbnscache is a simple program to browse the Netscape cache directory with a GTK UI. It shows the contents of the browser cache in a three level hierarchy of files: protocols, servers and documents. nscache permits you to files to the cache, remove files or gather various information about specific files.
e32ecbc6abf2d0edb217627890d60702563cb16bc38ffc0bff933310c50e963eWhois2 recursively queries whois servers. This makes it simple to determine the complete information about domain ownership in today's shared registry system.
2c32578183a8feb3b9fed9645278a7aa015b64ef9718cfb767c050a0e9e03ecdmultisort can merge multiple httpd logs from a single website distributed on multiple hosts (through round-robin DNS, for example) into a single date-ordered log. It's useful for preprocessing logs before feeding them to analyzers. It's written in C and is quite fast.
50cc0e84738f1c9b4b587e4d13564c233be20c693fd2154f2e8a293f3d5bc17dLibnet 1.0 has been released. Libnet is an API to help with the construction and handling of network packets. It provides a portable framework for low-level network packet writing and handling (use libnet in conjunction with libpcap and you can write some really cool stuff). Libnet includes packet creation at the IP layer and at the link layer as well as a host of supplementary and complementary functionality.
d8577cc906b13b2566ab7f3b9f6fa11835294ab147acf5abc4d523408c1915daEthereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers.
1a46ee567aed3ca818fc3361bc48e2c17f9616fb71419a9cb74b1eb22893d728Problem: The encryption algorithm used to save passwords to disk is weak and easily broken. Decryption program here.
1b3afabfd5ff939a69eb0863f8806b0965927000c94e385fd52ea151fcac902fAxent Raptor 6.0 'IP Options DOS'. Tested on Intel/*BSD systems. Exercises the IP options bug reported in Raptor 6.0, this bug is fixed by an Axent official patch available here.
e50c15da4d68cb8bc5970d2a2c0384d6e488c7b916efa9e7038b05fb41efe598etfilter is a framework for arbitrary packet mangling. So far, a new NAT system and packet-filtering system have been built on top of it, as well as compatibility modules for ipfwadm and ipchains. Netfilter is a work-in-progress, but should be fairly robust for non-exotic work.
f4917334f36ca4cc4426e84f2dac7ec17b333061054625c2fd6204ec9b45dc06The WFTPD v2.34,v2.40 Server and earlier a vulnerable to remotely exploitable buffer overflow. This can result in a denial of service and at worst in arbitrary code being executed on the system.
1da511ef5ea23df545a0b22c5a4538820e140e48715c156edb886c816c2c16b1URL Live! 1.0 WebServer for Windows95/98/NT which is released by Pacific Software Publishing, Inc. (http://www.urllive.com/) also has a "../" security problem, any users can download any files on the victim host.
c64939edba329091851ebb821f527ea204471836402e1d30c11570c20750b105Zeus is a high-performance webserver available from Zeus Technologies (www.zeus.co.uk). There's a myriad of problems, that when combined together, could yield a remote root compromise.
65d6f38cd31d99a0d42671ac5798e0b7297ec2bffefafb358fe4c9721a74e92bLibraries needed to compile syslog-ng-1.2.0.
cf62f99181ce6086b6b417cf622da52637e25fcaf5aeffe37d27215acb7ecfbcSyslog-ng as the name shows is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pair, syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful.
7688e47e094bd096ad063d2888408cd6b23e11fcb32bf36ebb18433f917f4576Ftpcheck version 0.32 scans hosts and networks for FTP and anonymous FTP archives. It was written as a security analysis tool. ftpcheck is very fast. It can effectively scan a class C network for anonymous FTP sites in less than 5 seconds. It does this by starting a new process for each connection. ftpcheck requires perl and libnet (from CPAN).
4db18ee847594c54327e7cbf9a06f2931d9e5950e20b2ba32d3e0d93b52e29c0Tailbeep opens a file (-f), seeks to the end, and watches for a string (-s). If the string is found, a beep is sent to the specified tty (-t) device. You can also daemonize (-d) it. I wrote it so I could watch /var/log/messages for the DENY string (so I can tell if someone is trying to break into the firewall).
f48d24516c0e62148cbb782e1cb62c1b16b0c0a4f5d49100f27fe7568d015b5aThis patch (for kernel version 2.0.38) is a collection of security-related features for the Linux kernel, all configurable via the new 'Security options' configuration section. In addition to the new features, some versions of the patch contain various security fixes. The number of such fixes changes from version to version, as some are becoming obsolete (such as because of the same problem getting fixed with a new kernel release), while other security issues are discovered.
bac133254280a1004601ee0378499f2384700b2c51e1280c5877c6d220d8550dThis patch (for kernel version 2.2.13) is a collection of security-related features for the Linux kernel, all configurable via the new 'Security options' configuration section. In addition to the new features, some versions of the patch contain various security fixes. The number of such fixes changes from version to version, as some are becoming obsolete (such as because of the same problem getting fixed with a new kernel release), while other security issues are discovered.
950f913dd4c3cb5fc0e1ab946fc132fef8d3e674b058a9d8aef8258d476418c8Techlord's second cracking tutorial. This one will guide you through the cracking process of a small program, and help you under stand all the steps involved in cracking.
e803f72a65f8cc8dcb206d3258ec9d4593fa5d20dc608d7cde6804d8f708540dsuidshow.c is a linux lkm that will log any non-root user doing a setuid(0) or a setreuid(0,0) system call. CyberPsychotic
5089cc902d75283bd99aa843ad384439e5b1b862509c70dfa40b9ccae967e300fwmail is a small secure daemon for inetd that forwards incoming smtp traffic to another sendmail server, acting as a gateway, and optionally anonymizing the senders origin. Version 1.1.
aa50ed680dff4ba963354310ae65f519721901b409409b2ad2f3d944d5b6794b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed