This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
727f73aabdf0b6d72593d180e804f541fb36f1f40739e673759e1b056b8b6d05
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
cae5777dcb6296d1502d4682bf0ebcb872305f2760d1ed39d4a053add24c2ca7
Remote denial of service exploit that can be used against systems running Apache Tomcat (versions prior to 4.1.10) combined with IIS.
043c0addeb744916f1adaf2509fab1aa991eccdb5964f7da4bfc631b11bcf742
Gentoo Linux security advisory - A vulnerability found in certain nss_ldap configurations can result in a remotely exploitable buffer overflow condition. This affects nss_ldap packages prior to version 199.
a2cdd71b5e0d272c696cfd16a1cd84c49133ce730b039733785789668ede43a3
Fake AP 0.3.1 generates counterfeit 802.11b beacon frames with random ESSID, BSSID (MAC), and channel assignments. Wardriving tools like Kismet or NetStumbler will see thousands of Access Points pop up on their screens. Fake AP can be used on its own, as part of a wireless honeypot, or form a component of an 802.11b security architecture. Runs on Linux and requires a Prism2/2.5/3 based 802.11b card and the HostAP drivers.
08fc31368a3ed1ee0ede7517ae1f603899e24e3e7347c007f62483011a1526d0
This is an exploit for AnalogX Proxy 4.10 configurations running on Windows 2000 Pro (SP2). The exploit binds a shell to port 8008 TCP.
582fa891ee5a370435743a3a0e5deb03ce954647910647760adaee22d12feaf3
KDE Security Advisory - A directory traversal vulnerability found in the kpf file sharing utility can be used to remotely disclose local files from systems running this software. The vulnerability is caused by a feature that was added to KDE 3.0.1. The KDE developers fixed this issue in the kdenetwork-3.0.4 package, which is available here.
28daa7c16d85c1f69adb4f59d92872fa50b7f3a3e20dd127100e08766297b067
KDE Security Advisory - A buffer overflow reported by iDEFENSE to exist in gv also affects Kghostview. This vulnerability can be abused through a specially crafted .ps file and may lead to arbitrary code execution. This affects all Kghostview versions released between KDE 1.1 and KDE 3.0.3a. The KDE developers fixed the vulnerability in the kdegraphics-3.0.4 package, which is available here.
969c73ad52801821a3db29e61dd2734a11764b7c84f517d695c246b2bf8f4cce
Mixmaster is an anonymous remailer which provides protection against traffic analysis and allows sending electronic mail anonymously or pseudonymously. It is every Unix-using citizen's civic duty to run a remailer and help ward off the evil forces of censorship. It is a well known fact that running a remailer will make you automatically cool.
23a532bc84fba9de9cbcab4059b39631ecf80adeabb8e73a24bb1e91eef1039e
IPTables log analyzer displays Linux 2.4 iptables logs (rejected, accepted, masqueraded packets...) in a nice HTML page. This page shall be easy to read and understand to reduce the manual analysis time. This page contains statistics on packets and links to more detailed information on a given host, port, domain and so on. Screenshot available here.
a5d08e672ac6499ce70ab6da12b65623867d8216be400b33af3e3843502c33c6
Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.
2d15c7b3b757f83f0d791ef2e19b3418195dee4efcae5dd0157e2db4b9d5c318
Arb-Scan is a remote banner scanner, written in Bash and Perl. It currently supports ftpd, sshd, smtpd, domain, finger, httpd, pop2, pop3 and imapd banner checks. It features IP file reading and logging.
671202d06bfb194726ef27136c42677d520e6434654ff46a1daee729973654e1
Rapid 7 Advisory R7-0006 - Oracle 8i/9i Listener SERVICE_CURLOAD Denial of Service. Oracle 8i (8.1.x), Oracle 9i Release 1 (9.0.x), and Oracle 9i Release 2 (9.2.x) can be crashed via the SERVICE_CURLOAD command. Fix available here.
c3f7eb6deb3d0642c420524eaf6a2d34915d5bfd56f39c76f63c3b9b6b262ccb
Mod_ssl off-by-one bug exploitation toolkit for OpenBSD. Creates a malicious .htaccess file which replaces the apache server process with an included HTTP server.
a346c7fbb1e47b293c3ddfa1d114907bec57437d480d6713700617dd05998c97
Remote exploit for the Eudora v5.x boundary buffer overflow. Works against Eudora v5.1 and 5.1.1 and is independent of Windows version.
90633dbef55dd736ab63d71a19ed60653fd9362cdb28994ff53c4c53cd5917ab
SPIKE proxy is a web application analysis tool which uses the SPIKE API to help reverse engineer new and unknown network protocols. Provides security analysis features for Web applications, a multi-threaded design, man in the middle SSL proxying, form rewriting, SQL injection detection, handles Connection: keep-alive properly (it is possible to log in to Hotmail with it), and rewrites User-Agent to pretend to be running IE. Requires pyOpenSSL pre 0.5 from the SPIKE Web page. Several working examples are included. Screenshot available here.
7e60aa2ee5f63e45aef6983e693d49307392415159e2911380a829d8738ba7df
Windows Help Buffer Overflow proof of concept remote exploit in Visual Basic 6. Starts a cmd.exe shell on Microsoft Windows XP Kernel Version 5.1.2600.0. Includes source.
88652c46f902e3a45513ed5b3621c9a85303a6fc3186232bbef5b01d5a4f5559
Linux Traceroute v1.4a5 and below local root exploit which takes advantage of a malloc chunk vulnerability. Uses gdb to find offsets.
2b8d9dac84e0f7dd993e19acd912184417a595f94fb1481ffc67eaa6c492e43e
SNORTRAN: An Optimizing Compiler for Snort Rules White Paper. Snortran is an optimizing compiler for intrusion detection rules popularized by the open-source Snort IDS. While Snort and Snort-like rules are usually thought of as a list of independent patterns to be tested in a sequential order, we demonstrate that common compilation techniques are directly applicable to Snort rule sets and are able to produce high-performance matching engines. SNORTRAN combines several compilation techniques, including cost-optimized decision trees, pattern matching precompilation, and string set clustering. Although all these techniques have been used before in other domain-specific languages, we believe their synthesis in SNORTRAN is original and unique.
79565a4a31e7863d80bd74da1b3844a33f94cd89b699d40cbe776f5b712cb9d5
ICMP-Chat is an encrypted console chat program that uses ICMP packets. ICMP-Chat uses enigma (crypt) for encryption. It is a peer-to-peer chat program that enables you to hide your chat or to chat through many firewalls.
f7d58d7d0091f083fb97d412c6673ca85a83744c123f900ee30eb207636551e9
Open Source Digital Forensics Tools: The Legal Argument - This paper addresses digital forensic analysis tools and their use in a legal setting. To enter scientific evidence into a United States court, a tool must be reliable and relevant. The reliability of evidence is tested by applying "Daubert" guidelines. To date, there have been few legal challenges to digital evidence, but as the field matures this will likely change. This paper examines the Daubert guidelines and shows that open source tools may more clearly and comprehensively meet the guidelines than closed source tools.
1dea4d20683fc6e458972fda2847864b0e3cc1d23d2688366a4a7f52018805f9
Nessus is a free, up-to-date, and full featured remote security scanner for Linux, BSD, Solaris and some other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over 920 remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them. Windows version available here.
137fb63a1878c777037c43c00d4c8257fbca749f58c5ef5c1c5701b0cf114b98
The Solaris 2.6, 7, and 8 /bin/login TTYPROMPT remote exploit compiled with Cygwin for Windows. Tested against SunOS 5.5, 5.5.1, 5.6, 5.7, 5.8 Sparc and SunOS 5.6, 5.7, 5.8 x86.
aa6b179ece825f6a33fea415b76244d8566d05ba0d2235f548323fc532522bbd
Spastic is a TCP SYN flooder for Windows 2000/XP which sends packets with random source IP addresses.
e9a3efe503a99899cc3e309ca8602155a7b54f18b5827bb2f169038c7efea0ea
The Legion 2000 Banner Scanner picks up banners for ssh, ftp, telnetd, wingates and more.
f0c4fce87e59a139f6bcd2167bd1fc39e797801ae92e98dd2d137fcfd3b60b80