Syscall Tracker is a powerful tool for Linux 2.2 and 2.4 which allows you to write rules to track system calls. Currently only logging the invocation is supported, but in the future, you will be able to fail the system call (i.e. force it to return some error code), or suspend the process executing it. It allows you to find out information that is otherwise hard to obtain, for instance which process touched a certain file.
285a707cd25909f1e0882fb55f785dc10285b821c910327d64feea4091004ac5
Knocker is a simple and easy-to-use TCP security port scanner written in C. It is able to analyze hosts and the network services which are running on them. Knocker is available for Linux and Unix platforms. Both a console version and a GTK+ version are available.
2db8aae36f6a9dcdb90c260df0e113add22932a1bde2bcd311ceafdde4df09cb
The Anomy mail sanitizer is a filter designed to block email-based attacks such as trojans and viruses. It reads an RFC822 or MIME message and removes or renames attachments, truncates unusually long MIME header fields and sanitizes HTML by disabling Javascript and Java. It uses a single-pass pure Perl MIME parser, which can make it both more efficient and more precise than other similar programs, and has built-in support for third-party virus scanners.
bf2a5e302454c5dee5adcfb683fdd11d6d40f054cf17d5741ce71fe4d145508a
Lcrzoex is a toolbox for network administrators and network hackers. Lcrzoex contains over 200 functionalities using the network library lcrzo. For example, one can use it to sniff, spoof, create clients/servers, create, decode and display packets, etc. The Ethernet, IP, UDP, TCP, ICMP, ARP and RARP protocols are supported. Lcrzoex and lcrzo were successfully installed under Linux, FreeBSD and Solaris. This archive contains Lcrzo and Lcrzoex. Windows binaries available here.
715d178b2057f3d69a78c3fe750e6eaf936143c7fa2965ce00393c50f0dec8ad
AOL Instant Messenger remote buffer overflow exploit. Affects AOL AIM for Windows stable v4.7.2480 and beta v4.8.2616. Over 100,000,000 users affected. Included shellcode shuts down the AIM client.
8720c24ba34092c4259dac1c30012a1a280c1dcffb617e2d23c9a40f5dd53caa
Nemesy v1.3 is a denial of service attack tool which generates random packets with spoofed IP addresses. Runs on Windows 2000/XP/NT.
14d7b2868bc32217c62111d8bd12984c88447855888952e2bade63fca046ae2a
Netscript is a portable and lightweight tcp socket scripting tool. It is intended to allow anyone to script situations based on a word-to-word ruleset response system. Includes wildcard support, character replacement, random replacement, argument inclusion, server timeout, initial send, display altering, multiple character dump formats, telnet protocol support, logging, program to socket dumping, executable ruleset support and reverse binding among other things.
45425b31c5653367a2be481e0a94b8c8246a0daa793a65aa948c6610cf1e0058
Mutt is a small but very powerful text-based mail client for Unix. This version fixes a remotely exploitable security bug.
8fb1001a9b5beaa3edcd57cfecebdd30c916ff1862841ddcc8779da31ecce396
Ngrep is a powerful network sniffing tool which strives to provide most of GNU grep's common features, applying them to all network traffic. ngrep is a pcap-aware tool that will allow you to specify extended regular expressions to match against data payloads of packets. It currently recognizes TCP, UDP and ICMP across Ethernet, PPP, SLIP, FDDI, and null interfaces, and understands bpf filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.
e2206363a4ed14796f5e0fec36ff601014deea0f137d05764f3fff2beb811390
ngrep-lib is a packet filtering library based on ngrep which provides an easy interface. Instead of having to worry about pcap options, syntax, processing of IP packets, etc. you can just initialize and run, letting callback functions handle the rest.
dd21ffc63ca2f524d3c392da02f228d3ec1ee1edf400472364ff32e2bda092a3
twlc logo
4bda0b4a3fc3c22022e033d7c302b65ce2a5d00d65841e0f1e0ebe6756af3a5d
The TWLC packet sniffer for Windows 2000 / NT / XP is an advanced packet sniffer. Features filtering rules, dns lookups, interface selection, and more.
602ef49617e7b67fdd6c18e6ad21edadc19a2ca95683eff61c2cf75e65f0bc72
Zml.cgi contains remote vulnerabilities which allow any file on the webserver to be read. Exploit URL included. Tested against Redhat w/ Apache.
6d40c76de451527396ba0f48085fe01aab2b6d9b276d6f9f09050504dc27383e
Netscript is a portable and lightweight tcp socket scripting tool. It is intended to allow anyone to script situations based on a word-to-word ruleset response system. Includes wildcard support, character replacement, random replacement, argument inclusion, server timeout, initial send, display altering, multiple character dump formats, telnet protocol support, logging, program to socket dumping, executable ruleset support and reverse binding among other things.
edf0b8bc95b90258a45286fbaed4493dcce1e54f04943f7e2c6d5056bc37137a
GuardDog is a firewall configuration utility for KDE on Linux. GuardDog is aimed at two groups of users: novice to intermediate users who are not experts in TCP/IP networking and security, and those users who don't want the hassle of dealing with cryptic shell scripts and ipchains parameters. Features an easy-to-use, goal-oriented GUI and the ability to generate ipchains scripts as output. Screenshot here.
4ef09db5eed1bb37ed11d1e01fd4f1b35d25f89580e6101ed896e00b582742fc
Stegdetect is an automated tool for detecting steganographic content in images which is capable of detecting several different steganographic methods to embed hidden information in JPEG images. Currently, the detectable schemes are jsteg, jphide, and outguess 01.3b.
0a55fba890f0509123d35253f1df3ab4af719702fe332f5e646d2e9b128895fd
The Linux Port/Socket Pseudo ACLs project is a patch to the Linux kernel which allows the admin to delegate privileges for some protected network resources to non-root users. The ACLs are generally used to run untrusted or insecure applications as an unprivileged process, thereby lessening the impact of some undiscovered denial of service or root compromise. The ACLs can cover protected ports, raw sockets, and packet sockets.
f3044650b989aa1622fafd25fa767ae735ae483fc9ca789e7def51b67bbbaae1
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
c0eae19ccc0a2b8b04316c1ea5b8ea4f5243dd6899ac6ae192dc9fb0388a2388
Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code. Windows binaries available here.
28df35d2fcb7c0d974d426adc071127afe562dd44ccd3feb96d50673456d30ec
IPA is highly configurable IP accounting software for FreeBSD and OpenBSD. It performs IP accounting based on IP Firewall and/or IP Filter accounting rules. In most cases the IP Accounting Daemon is run on public servers, software routers, etc. It uses powerful IP Firewall and/or IP Filter accounting rules and, based on its configuration, removes the need to write scripts to manage network accounting.
c13071ff7153f3859da08e4f0c7479173478886220eda4d5d0f31df2b4e9651a
Serial Line Sniffer is a serial port logging utility. It listens to the specified serial port and logs all data going through this port in both directions.
fbd93cddc7a46f5a137e6f2b2e10e846be16556845747fcdfa2e1cdc57a8b96b
Netmap makes a graphical representation of the surrounding network. It uses traceroute to make a list of all routers and their interconnections, then generates a .dot file. You need the Dotty program to view the graphical representation of your network.
06327965bd586a8c243999ee748dba425bd1da6a37e8b6af11476a6563cbfbdc
Remote Nmap is a Python client/server package which allows many authorized clients to connect to a centralized nmap server to do their port scanning. This could be useful for security companies who want to have all their scans come from a dedicated machine.
0025af5b43af78cd772e89701dcc75ae882dc11256c4d2ea1247778fbdb78df3
fwmon is a firewall monitor for Linux which integrates with ipchains to give you realtime notification of firewall events. It has fairly customizable output, allowing you to display a packet summary, hex, and ascii data dumps to stdout, a logfile, or tcpdump-style capture files. It also boasts some simple security features such as the ability to chroot itself, and does not need to run as root.
d72ce9dc87a9d020e195d8cdb29ec33eed8e1ab84b41b16786b5af94f63c7afe
The sniffer project is designed to be an extremely powerful, configurable, and versatile tool for monitoring network traffic. It uses an ncurses interface. It can be used as a plain sniffer, as a tool for accounting, dynamic firewall updates, and many more things. It features scripting support and an event-driven architecture.
78a9467c7a3edcf604d2a7e1a0854b9e348eb86705f43e4686cf2ac001ec2b8d