Boss Everyware gives a clear picture of how a Windows computer is being used. It secretly logs program names, window titles, visited URLs, user names, and keystrokes. With its Report Manager, Boss Everyware provides a powerful tool for the analysis of logged data. It can monitor one or many computers.
f0ac9d112f8a9e1e12a78511e23856c8e0b7483587f6711c637768ca91dae303
Malice v.5.2 scans for over 238 cgi vulnerabilities and uses anti-IDS tactics as discussed in RFP's famous whitepaper. Written in perl. Checks for known bugs and interesting directories.
8ccabde6d935c50454cdfa8e08465b2c79b64c11e8c2c0ab9f579093a0a8ca3b
Assitch is a remote packet filter analyzer that detects IN and OUT rules by doing ACK scanning. (It's useless against stateful filters.) Assitch is 3 years old, but still useful for debugging filter rules.
66592b879e744c047d64cb18485d1014112959a8455bd5b9242187637f566877
Biew is Binary vIEWer with built-in editor for binary, hexadecimal and disassembler modes. It contains a PentiumIII/K7Athlon/Cyrix-M2 disassembler, full preview of MZ, NE, PE, LE, LX, DOS.SYS, NLM, arch, ELF, a.out, coff32, PharLap, and rdoff executable formats, a code guider, a text viewer with Russian codepage support, and many other features.
0c61690e636e16954dfdb9eec1001653d7bb8232dcaf176c26d976db285fa3f7
fwlogwatch analyzes the ipchains packet filter logfiles and generates text and HTML summaries. Features realtime anomaly response capability and has an interactive report generator.
345ca2a677ec0578e2e285fda7c70b7ad93815ac5775fb7cd501f323b8d518aa
Tripwire is a very popular file integrity checker which saves checksums of selected files in a database. Any changes to these files are flagged and logged, including those that were added or deleted, with optional email / pager reporting. Databases and reports are cryptographically signed.
f48cf36fb22415dacf82f45381a8dabf6c5d2c8a446ac7c1010b333311b33a49
pakemon has been developed to share IDS components based on the open source model. The current version of pakemon monitors all traffic on a network, searches for given data patterns in the traffic, and outputs session logs and summary logs of matched traffic.
29af805ca67b3bcea17adb328ce0e0ab54999d43cde58111dc827ecddb84fa74
ESM (Extensible System Monitor) is a program that lets you tie together plugins to monitor your system. This could be used to alert by email or pager in the event of hard drive failure, Tripwire alerts, high load, etc. All of this is done automatically. Features fault-tolerant design, unlimited number of agents, simple API, comes with Mailreport and a monitor called ESMSyslog.
7de04f501ebf11244c7e8312fc9c0f1cf50c113ad52b6459cb121943a4fa9905
Gzip for Windows! gzip is GNU zip. This is the self-extracting archive.
da97196a1da79cd843e96639721a49993464e3304fd4bf6b44508b53043758b5
GNU zip (gzip) for Windows!
d4643ac853dfc090f48c55802a6525913ce0f3ba36d7363633a108eed5dc0483
This is GNU tar, ported to Windows.
4f952a3f55088df7975f66708aa8aa6ef2c09ee33f3012ae9367d23e67d971e7
Mailing List & News Version 1.7 remote exploit - takes advantage of insecure mail handling to spawn a shell on tcp port 60179.
3a148d33c2f43170a5459c274e9265844c395aa32ff20393b2138faa0365ddd6
Listmail v112 remote exploit which spawns a shell on tcp port 60179. Takes advantage of an insecure open call.
a2ac27c937b546ef9d313562c45140abe85c463a173244433131cd8154e5689a
FormNow CGI script v1.0 remote exploit - Takes advantage of an insecure sendmail call to bind a shell to tcp port 60179.
42bf2ffcf31c7fb94d3cd685478259c9560724e80bf63d3d45532dea4c785e1e
News Update 1.1 advisory / remote exploit which allows changing the passwords for the cgi program without knowing the former password, allowing malicious users to modify your news-page.
8ebdb22642d1fa6286496e52ac9000e2dacc42f9352cbae20dec72dc68ce24bc
Older versions of the host command contain a remotely exploitable buffer overflow. The host command is used to perform the AXFR request to obtain the zone transfer information, and can be caused to execute arbitrary code when connecting to a fake DNS server, a netcat process listening on port 53.
39951d3f589829a119033d3606128b1ac7e7273f64901d487f9e72eb6efa1de7
aix2passwd converts the AIX shadow passwd (located in /etc/security/passwd) into a regular crackable passwd file, which can be cracked with any password auditing tool.
9d80b662e5db3010c29386a3f63cdb0de68f428134449a4a02ba2dac7bd9407d
SuSE Security Advisory - A vulnerability has been found in the ncurses library, which is used by many text based applications. Insufficient boundary checking leads to a buffer overflow if a user supplies a specially drafted terminfo database file. If an ncurses-linked binary is installed setuid root, it is possible for a local attacker to exploit this hole and gain local root access. SuSE recommends patching this vulnerability by removing the SUID bits from xaos, screen, and cda.
ac12b02288d39d5602539adb46a4349398da66ae75f08fcfd4f548ea2d04d609
The Half-life Dedicated Server for Linux contains remotely exploitable buffer overflow vulnerabilities. Includes remote buffer overflow exploit hl-rcon.c which has been tested against v3.1.0.x for Linux x86.
4e21668332d5a5c5d6b07f99eee2df8e776267a63c81e42ab56b09b08e270f90
This program exploits a flaw in the share level password authentication of MS Windows 95/98/ME in its CIFS protocol to find the password of a given share on one of these machines, as discussed in MS00-072. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".
96e29bad718463491122f8f7ad5158fa52c389629d4c02a73b7d0bb812c5f9c8
Unicodexecute2 is a simple perl script to execute commands on vulnerable IIS servers w/ Unicode, as described in this article.
5b2cf0d0ae0a8d6764aa36ceead14fd067a55867c82158f7611f7b7fe312bc2c
net-acct logs network traffic. It provides a daemon (nacctd) that logs all traffic passing through the machine it runs on, and the level of detail of output is configurable.
070910cfa7ec695a5f484944a28cc21d046a722bd518b7e6417b534fba5f1fbe
SysWatch is a perl / cgi script that allows you to view current system information, disk utilization, and resource utilization, all in your web browser.
cc28d6f7ceb389374a6875ed6db1cbe730a4a9b1aef223691b6d79cc8596ac56
MIME Defanger is a flexible MIME e-mail scanner designed to protect Windows clients from viruses and other harmful executables. It works with Sendmail 8.10 / 8.11 and will alter or delete various parts of a MIME message according to a flexible configuration file.
aa09583049c2dc09d442ad91672b0f11e4ddc10b62246bf491f93d2adefe03a8
Godmessage worm is a worm based on Godmessage IV. Untested dangerous code. Archive password is set to p4ssw0rd. Use at your own risk.
3346db355c6be01b0aaa5c128b82b86b8f3b56605b03829b4ee95fc9fa06d88a