nmap-web v1.3 is a quick-n-dirty Web interface to nmap. It's some simple Perl/CGI script(s) you install on your web server which allows you to submit nmap commands (and receive the responses) through a web interface.
8918bb87e8f342903d9bd37862343f0a882a573253e9d8d4c55f8a00cde77959
CRYPTO-GRAM April 15, 2000. In this issue: AES News, The French Banking Card Hack, Counterpane -- Featured Research, Counterpane Internet Security News, The Doghouse: Cyber Security Information Act, Microsoft Active Setup "Backdoor", The Uniform Computer Information Transactions Act (UCITA), and Comments from Readers.
1ecdc6ce3a58a7f087fe74065e4831f41987d3282b128d31159013cf3cd45bde
RDS Toolkit is another addon for msadc.pl. It is similar to spawncmd.pl which spawns a remote command on a NT machine using RDS, but the RDS Toolkit works in Windows and Unix based systems.
307ed12db58ad983855684468dc1d67a67049ba817f86ee6abf19b080fe3a3e2
Local users can steal credit card numbers and personal information from a Netsurfer e-commerace site due to bad default permissions.
f7aaba8feeb913af82aa2a92c8b00a6263f4d54f7ba387f6ac420c1bc1405245
Hacker Society Whitepaper - Rarely does the media explain the ethics, codes, rules and regulations that govern this mysterious society. A society that exists known solely amongst underground. A professional approach has not been taken in analysing this mysterious sub culture.
dbacee3926937a533ee25302fecd9fbfea1362d4a252efe1bd4f18f73324348c
Aps is a small tool for analyzing network traffic. It prints out a great deal of information about the relevant protocols including TCP, UDP, and ICMP. It allows you to filter IP addresses, hardware addresses, ports, and specific protocols.
d965183bb3b5fc919580e993bf26c738ed7ba2e8bc9feb814d88e52346a0c18b
Microsoft Security Bulletin (MS00-025) (third update - Apr. 17) - A procedure is available to eliminate a security vulnerability in dvwssr.dll that allows a malicious user to cause a web server to crash, or run arbitrary code on the server. Microsoft FAQ on this issue available here.
51eccbb62f1f4a4303077be37e2b435d1a4bd6a3689f74466136aee5f11d49e6
libol-0.2.16 is needed for syslog-ng 1.4.3.
0d7578ba6b1bcdf52e7fdeae34eb30667bc90079454c67ca61e1f232be28a953
Spoink.c is a local linux DoS - just executes the program about a million times per second and sends a box to its knees in a minute or so. Tested on Linux 2.3.14.
5011fa45e495179d421d422bcc2b0a81518e9341dbea660061fa074a97b0f810
Arping is an arp level ping utility which broadcasts a who-has ARP packet on the network and prints answers. Very useful when you are trying to pick an unused IP for a net that you don't yet have routing to.
de610ee2b3767605931457bbea0d2ee6653a36051149528c5fd1f5f3948d94b7
Bastille Linux aims to be the most comprehensive, flexible, and educational Security Hardening Program for Red Hat Linux 6.0/6.1. Virtually every task it performs is optional, providing immense flexibility. It educates the installing admin regarding the topic at hand before asking any question. The interactive nature allows the program to be more thorough when securing, while the educational component produces an admin who is less likely to compromise the increased security.
1d2e1cbdf7943747b457bf7a377e01997ea29c4bc82ed221bb39702d32f09660
Buffer Syringe is a tool for checking servers/daemons (e.g. ftp) for buffer overflow(s) on given parameter(s) (a stress tool if you may). It has a flexible configuration file where you input the parameters needed to run the program and it logs sessions to textfile for easy viewing and printing.
c7ff5172d3445f73a0b48d9318e79d07c834063ef8c60144c87e358ad3ec1a3e
Jport version 1.1 is now here. After a bit more development and some outside user input we have created Jport v.1.1. New Features Include: Choice of Number of Threads, Linear Approach to Improve Speed, Progress Bar, and a README file.
1febe6aef2a2e3baf1cc9079b9fe896215ed7b2156fc92e5dd913d0ba877611e
PERL script to grab a list of new files from r00tabega.com. It then gives the user the ability to pick and download any of the files, all without having to load up a browser. ragnarox is planning to also make a front-end for X and MS-WIN.
fe354f1906c1d44d05333dc1504dff7472b8cfe1ff0677b9daf68ccfd55e30b7
The Linux kernel includes a powerful, filesystem independant mechanism for mapping logical files onto the sectors they occupy on disk, which can be subverted (with bmap and friends) to perform a variety of functions interesting to the computer forensics community and the computer security community.
eb01009d394b8a9b8f3bd133aa67cdd81a226d6493aaa68132a53f3a43cc3218
Etherape is an etherman clone which displays network activity graphically. Active hosts are shown as circles of varying size, and traffic among them is shown as lines of varying width. It is GNOME and pcap based.
d0a15a1f3c257d78c636f144ce925e1931af3f15c3faa7c6701b9991444bf823
This variation of forkbomb will still affect linux machines with process / user limits in effect. These processes are unkillable as of 2.2.5 and possibly 2.2.14.
59168f1a69c2900fee653f6ab51672490a3d9410ff3829d850545d7a897eb1cd
LDasm (Linux Disassembler) is a Perl/Tk-based GUI for objdump/binutils that tries to imitate the look and feel of W32Dasm. It searchs for cross-references (e.g. strings), converts the code from GAS to a MASM-like style, and much more. Screen shot here.
bbef44f9229c408db7d090d90cd6c2d1649415d147aa4e6df0f43fc4f774174e
WarFtpd dos attack - The buffer overflow seems to occur because the bound check of the command of MKD/CWD is imperfect. War FTPd 1.70-1 does fix this problem, but it contains other vulnerabilities.
75f5fa10bdcb027b11108ada9ad43286eb50f3575be3fbcb51715841603aff32
NewDSN.exe/CTGuestB.idc/Details.idc remote NT exploit.
5781b09b479321548029c27b1117422b84680901e7eaae1102c1cf80eb4de30e
Netscape PublishingXpert 2.* file-reading/dir-listing vuln in PSCOErrPage.htm - On SunOS 5.5.1 and 5.6 (possibly others), Netscape PublishingXpert 2.* can read any file on the system. Many large e-commerace sites are vulnerable to this. Exploit details included.
f72d0de10aa960305471a7ffdf18974bf303879fb5b50370cc298b687d33dd75
The PHP firewall generator is a simple PHP script that generates a firewall script for ipchains-based firewalls. The aim is to support an easily configurable rule set similar to those supported by commercial firewall systems.
858d23efcbeeee8dddbb426cbaf8a8bb04752a84d9127f0020329df1fbdf991d
The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off online and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.
224d27687e30c04e3e40b5fdb3f15dcfb208f4175b2da5b22e47345337a591df
Pgp4pine is a script that automatically encrypts and decrypts mail under Pine using PGP. The user is not separated from things that PGP does. The program is compatible with PGP versions 2.6.3, 5.0, 6.5.1 and GNUPG 1.0, has support for an aliases file and signature-rotating programs, and can remember your passphrase for a session if you need.
ce9afacc1590b7df9c5696436c69ed150f6b084c58e23f3d7afd0dde18961796
an introductory guide to phreaking in the uk, one of hybrid's earlier files, for darkcyde and 9x, specifically aimed at uk dudes.
d0fe4706aaa5dd12e2bf945787f311ab29f1b44e20556423ececddb6395a9ec7