SAINT (Security Administrator's Integrated Network Tool) is an updated version of SATAN, designed to assess the remote security of computer networks. Features include scanning through a firewall, frequently updated security checks, 4 levels of vulnerability severity, and a feature rich HTML interface.
e3a7f3895a9cdcc1d430de74251341188bbafceb58d5d312a94791f149a3fa5b
Remote buffer overflow exploit for Kmail, a mail client for KDE. Tested against kmail v1.0.29 and v1.0.20.
f55166711a0a151507c36c9ae5b1a55081ad5bbd687b9780e99dbcb0964c7668
dumpenv.c is a simple system tool for dumping all processes environmental data, requires root to run.
837b6324dabe2be451fc4279bd41a788062fe26188d356de7ee2e6b1487651ac
Dumpfd.c dumps all process file descriptors to stdin. Based on dumpenv.c.
939194707c511f9499ce67f01c1e9d6b4f813addc5aac44b5612a41d4ed0d8be
Parody on the Hacker Manifesto - It is about the End-User. Why? Well, basically because, as an IT professional, I am sick of watching a "new" virus infect thousands of company's networks simply because an end-user cannot understand "do not open attachments from unknown/untrusted senders". Causing "untold amounts" in damage. Willie Gonzalez
9cbb7e95fb660fe69e7309a0757309681de8a2c6083711c7344b94494015b644
IIS Unicode graphical exploit for Windows.
87d2f5e93a85060a386ba7f3a28d801f8a987c41206788d27cc1c6ab52a64768
ARPInject v0.1 is a windows tool which sends custom ARP reply packets at a specified interval, causing most systems to update their arp tables. Requires Winpcap.
2166949ac1d402a1d7e88bfedb0cf6d3d3d3af05863ec66b19b6779a6c228b62
Patch to the UnrealIRCD v3.1.1 which fixes a bug allowing users to dump the DNS cache, defeating hostname masking.
0e08b97aacda2e44609a1dbf551355b759789472323a04cfdcfa978c6f898374
MySQL brute force password cracker - Uses a dictionary attack against an encrypted mysql password.
d2d6a3f7496ba65f94690c6000b5539d0e0594cd880324e8e20d6d1758ca616f
ISS Security Alert Summary for April 5, 2001 - Volume 6 Number 5. 80 new vulnerabilities were reported this month. This document has links to more information and full advisories on each. Includes: palm-debug-bypass-password, exchange-malformed-url-dos, mailx-bo, sunftp-gain-access, winzip-zipandemail-bo, broker-ftp-delete-files, broker-ftp-list-directories, indexu-gain-access, fastream-ftp-directory-traversal, slimserve-httpd-directory-traversal, wftpd-pro-bo, irc-tkserv-bo, warftp-directory-traversal, ie-telnet-execute-commands, cisco-aironet-web-access, netscape-directory-server-bo, proftpd-postinst-root, proftpd-var-symlink, man2html-remote-dos, linux-eperl-bo, novell-netware-unauthorized-access, sgmltools-symlink, hp-asecure-dos, ascdc-afterstep-bo, iis-webdav-dos, websweeper-http-dos, foldoc-cgi-execute-commands, slrn-wrapping-bo, mutt-imap-format-string, formmail-anonymous-flooding, halflife-config-file-bo, halflife-exec-bo, halflife-map-bo, halflife-map-format-string, ikonboard-cgi-read-files, timed-remote-dos, imap-ipop2d-ipop3d-bo, rwhod-remote-dos, snmpd-argv-bo, mesa-utahglx-symlink, ftpfs-bo, solaris-snmpxdmid-bo, vbulletin-php-elevate-privileges, mdaemon-webservices-dos, ssh-ssheloop-dos, eudora-html-execute-code, aspseek-scgi-bo, hslctf-http-dos, licq-url-execute-commands, superscout-bypass-filtering, dgux-lpsched-bo, rediplus-weak-security, fcheck-open-execute-commands, ntmail-long-url-dos, vim-elevate-privileges, ufs-ext2fs-data-disclosure, microsoft-invalid-digital-certificates, akopia-interchange-gain-access, solaris-perfmon-create-files, win-userdmp-insecure-permission, compaq-wbm-bypass-proxy, mdaemon-imap-command-dos, hp-newgrp-additional-privileges, lan-suite-webprox-dos, weblogic-browse-directories, solaris-tip-bo, sonicwall-ike-shared-keys, anaconda-clipper-directory-traversal, visual-studio-vbtsql-bo, sco-openserver-deliver-bo, sco-openserver-lpadmin-bo, sco-openserver-lpforms-bo, sco-openserver-lpshut-bo, sco-openserver-lpusers-bo, sco-openserver-recon-bo, sco-openserver-sendmail-bo, inframail-post-dos, cisco-vpn-telnet-dos, website-pro-remote-dos, and win-compressed-password-recovery.
60fe83921f94894a09c676373d0623af6b51e719ce9ecd75f68f018ab5f57856
spfx.c is a linux kernel module which stops many exploits by protecting the system from code running on the stack.
eb6a1f79702666eaf24869cb76c304100470bb25f837b1e661e2611ad022f367
Vim 5.7 local exploit - This perl script creates a text file which when edited in vim executes an arbitrary file on the local system as the user running vim.
94ac1222cdab6241822c8841377d2a2604f38df90c7a18c05a1615eec0506075
Fwlogwatch analyzes the ipchains, netfilter, iptables packet filter, and cisco logfiles and generates text and HTML summaries. Features realtime anomaly alerting capability, an interactive report generator, and the ability to cut off attacks by adding firewall rules.
d8c82e7592aa1917286d7e840a46e246d50efb5cdea58ffa2246f81452aa2783
Liskit is a tool for finding directory traversal bugs in webservers by trying to download a file called "a", placed outside of the webroot. Liskit has found directory traversals in several webservers.
4b4109e442731eeeb25079289561f2866177f15af57182632b273859a94970d6
Ntop is a very useful Unix / Windows network sniffing tool that shows the network usage, similar to what the popular top Unix command does. Has an interactive mode and a web mode for greater functionality and options, shows network traffic sorted according to various criteria, displays traffic statistics, shows IP traffic distribution among the various protocols, analyses IP traffic and sorts it according to the source/destination, displays IP Traffic Subnet matrix (who's talking to who?), reports IP protocol usage sorted by protocol type.
724c78c78ca9d589cf5ea2ebaf4b0e10f5489303a347cefed528ef1e6f5fa173