Steghide is a steganography program which hides bits of a data file in some of the least significant bits of another file in such a way that the existence of the data file is not visible and cannot be proven. Steghide is designed to be portable and configurable and features hiding data in BMP, WAV and AU files, Blowfish encryption, MD5 hashing of passphrases to Blowfish keys, and pseudo-random distribution of hidden bits in the container data.
ff9bc688ec3eb84593723ea25071447f207bcfaa94f53a248ca0096d9e2cc5a5
Unichk is a tool for Linux which checks for 224 Unicode vulnerabilities in Microsoft IIS.
45a6db642a8a66e95d9334c8d29873ecda259a67fbb203d5302c66e083806f7e
XScreenSaver is a modular screen saver and locker for the X Window System. It is highly customizable and allows the use of any program that can draw on the root window as a display mode. It is also more stable than xlock.
192956ca270a2f8c2e8ec9dd1e03f9d58c6f91af172ce7f1d84503763627bf3d
IPFC is a framework to manage and monitor multiple types of security modules across a network. Security modules can be as diverse as packet filters (like netfilter, pf, ipfw, IP Filter, Checkpoint FW1, etc.), NIDS (Snort, arpwatch, etc.), Web servers, and other general devices (from servers to embedded devices). It features log collection for different security "agents", dynamic log correlation possibilities, and easy extensibility due to the generic database and XML message formats used.
63511bda8c6fd2d6f712c45572657cc8891a2f5cdada97fec9266aa464af65a9
Sendmail is a very popular unix Mail Transfer Agent, a program that moves mail from one machine to another.
05e168c4f3fc3b39b64c3ad2bf82a3d76d04a9a87c706d333d6dccd60cf02c43
The goal of FireStarter is to provide an easy-to-use, yet powerful, GUI tool for setting up, administering and monitoring firewalls for Linux machines. FireStarter is made for the GNOME desktop. It can actively monitor your firewall and list any unauthorized connection attempts made to your machine in a readable table format.
596f6a8ddf49abee65e5e834da0f3170010fb8dc7587e4994e99615d518d4528
IP Filter is a TCP/IP packet filter which works well in a firewall environment. It can either be run as a loadable kernel module (recommended) or incorporated into your kernel. Scripts are provided to install and patch system files as required. IP Filter also includes several cool features, including transparent proxying via packet forwarding, allowing for round-robin forwarding to achieve load-balanced proxying.
4cdd248efebd50f41df78053aa260aa3da830dfc5eb3a802747c331a56b21913
SGI Security Advisory 20020102-02-I - A vulnerability related to the way the IRIX unified name service daemon (nsd) manages its cache files has been reported which allows remote users to fill the disk. The nsd daemon is installed by default on all 6.5.x versions of IRIX, and this vulnerability exists in all versions of IRIX 6.5.4m/f through 6.5.11m/f. The problem has been fixed in IRIX 6.5.12m/f.
44d2dcae3a1ebef95b52d69bf3a53fea80ae607bc6bbf4571c42ecb9a5b47610
Local root exploit for sudo + postfix. Exploits sudo prior to sudo-1.6.4.1. Tested on Debian powerpc unstable.
56c4a7509e2a9ce7833c6d4cb82396da0284a904354b620cfe74d1de0f8ee533
Myndscream is a SYN flooder.
80700bcca1fb983ba2ff733e252130393272d4e3574d8346bce31ea2c1d614fb
Troier is a package of trojaned Linux commands. Includes du, locate, netstat, ps, pstree, top, w, and who.
36639e9cd73d3706b82e255356a62bb0d1004cbb508747d25be9960364a72ada
Reversing the ELF - Stepping with GDB during PLT uses and .GOT fixup. This is a GDB tutorial about runtime process fixup using the Procedure Linkage Table section (.plt) and the Global Offset Table section (.got) by the dynamic linker ld-linux.so. ASM knowledge will be helpful. More info on ELF here.
d827aaba5feb045e90dea774ade60c84ce956eb244b90457391bfb60f6d84432
FreeBSD Security Advisory FreeBSD-SA-02:06 - The sudo port prior to sudo-1.6.4.1 contains a local root vulnerability. If a user who has not been authorized by the system administrator (listed in the 'sudoers' file) attempts to use sudo, sudo will send an email alert. When it does so, it invokes the system mailer with superuser privileges, and with most of the user's environment intact.
95d8394d5117d9a6f3521370ab41a96912996869f60e721be66457c59168ec22
ScreamingCobra is an application for remote vulnerability discovery in ANY UNKNOWN web applications such as CGIs and PHP pages. Simply put, it attempts to find vulnerabilities in all web applications on a host without knowing anything about the applications. Modern CGI scanners scan a host for CGIs with known vulnerabilities. ScreamingCobra is able to 'find' the actual vulnerabilities in ANY CGI, whether it has been discovered before or not.
1c61510c3cb228a1abff6c5da28c95a0d953967242a0947ff6e7255b9603f309
Cm-ssh is the Teso SSH remote exploit. Includes targets for SSH-1.5-1.2.27, SSH-1.99-OpenSSH_2.2.0p1, SSH-1.5-1.2.26, and SSH-1.5-1.2.31. Binary form only. Brute forces the stack.
36d483d3aefeedd928c940806cf788f6b477890f44e775db5cc7b2ecd2fa7557
LKH is a very powerful and documented kernel function hooking library running on Linux 2.4/x86. The code has been explained and the API described in Phrack #58: Linux x86 kernel function hooking emulation. It supports functions with or without a frame pointer; you can enable or disable the hook, access the original function parameters in read/write mode, set the hijacking as permanent or single-shot, and be discreet or aggressive.
e3efb0bc08482cc47cdb890c9383289d52b76dacfd5498437b9f05b73fc02d15
"Remote Access Session" is a security tool to analyze the integrity of systems. The program tries to gain access to a system using the most advanced techniques of remote intrusion. It can either work in normal mode (which is fast) or hard mode (which is more intensive). There is a big difference between "Remote Access Session" and other remote security audit tools such as "Nessus" or "Internet Scanner" - if "Remote Access Session" finds a remote vulnerability that gives a user account or root, it will try to exploit it and it will return a shell. In my honest opinion, this is the only way to discard false positives of remote vulnerabilities, and the only way to demonstrate that the danger is real to upper management. "Remote Access Session" is not a hacker tool. It has been designed for system administrators and security engineers, and does not attempt any kind of stealth.
2cdbc9aa9177b20c2915656098d38b15148d2b34b3fa4e552468f2a90b1d6412
Aesop is a TCP proxy which supports many advanced and powerful features. It's designed to be secure, fast and reliable. Aesop makes use of strong cryptography (RC4) for all its data transmission up to the end link. Another powerful feature of Aesop is that Aesop proxies can be transparently stacked into a secure chain. Aesop is implemented using multiplexing and is therefore fast and lightweight.
506bf2fa186327dec76049ba0d5a8cf7dadc72d8d2ac02a3f29f8a31729d0276
CGIAudit is a black-box debugging tool which automatically audits CGI entities with only an interface specification, the HTML form. The attack types that a CGI script or program is subjected to are configurable, as are the server replies that denote a possible penetration success. Other features include a built-in spider, proxy support, and hexadecimal encoding of requests.
d126c77221362b232d8c30d9ff3b6318d53fa438bbc6f491cf482f578d240a23
FreeBSD Security Advisory FreeBSD-SA-02:05 - The pine port, versions previous to pine-4.40, handles URLs in messages insecurely. PINE allows users to launch a web browser to visit a URL embedded in a message. Due to a programming error, PINE does not properly escape meta-characters in the URL before passing it to the command shell as an argument to the web browser.
bd35deff33ef609e251b486734b4b234a56114ded09699be08f3d6b9fa3ad22e
The Boozt! banner management software for Linux v0.9.8alpha remote exploit. Included shellcode creates a suid httpd shell in /tmp. Fix available here.
76e9febe02a80ee5b9f529526ed2bcc8ef743cd4768f9e070b7ca96214e48fe4
How Nmap scans work - This MS Word document has information on how some of the different nmap scan types work.
22b9a4cfef68364a9b2ddaa65ca1711e247271b9ab7e8b22d390d178b4512d08
Flawfinder searches through source code for potential security flaws, listing them sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function. Secure Programming HOWTO here.
a5fea5ba068d2b6b32f3f2fba83ef2c4fef29d12194faa7400b55466d2a9d656
Darkside is a rootkit for Unix which hides processes and their children, hides files, manipulates UIDs, and modifies the TCP/IP stack to hide connections.
eb276d600410c8a211cbf397f2b173e3e4002a0aa9941df781e69f1c181d746b
IRPAS is a suite of routing protocol attack tools which sends custom routing protocol packets from the unix command line. It is very useful for searching for new routing protocol vulnerabilities. Included is a tool for sending Cisco Discovery Protocol (CDP) messages, one for injecting IGRP routes, and a scanner for IGRP autonomous systems. Documentation available here.
6fd6dd1b5ca7eb5e3d6f2d12608a58741756eb2b080c577a322a31af1150b1ce