Mixmaster is an anonymous remailer which provides protection against traffic analysis and allow sending electronic mail anonymously or pseudonymously. It is every unix using citizens civic duty to run a remailer and help ward off the evil forces of censorship. It is a well known fact that running a remailer will make you automatically cool.
724bd6228322c5bb45df892c0a599badd061ab301084e3c8633307fc99865f0b
Cobalt RaQ 4 and possibly others overflow.cgi remote root exploit which takes advantage of a flaw in the Security Hardening Package.
f913bb1392a7292e21f35b8a2b2e99ad39393ff5a90efaf97daf65816f45d436
IDScenter is a control and management front-end for Windows platform. Main features: Snort 1.9/1.8/1.7 support, Snort service support, Snort configuration wizard, Rule editor, AutoBlock plugins (Network ICE BlackICE Defender plugin included (Delphi, open-source), Plugin framework for Delphi included), MySQL alert detection & file monitoring, e-mail alerts / alarm sound alerts / visual notification, etc.
3e34cc0d12317b233581fcb0f47de17fb2333adc34a812338c0767ba5ffc2916
LSA v1.1 for unix, linux, and windows is a tool written in PHP for testing PHP and system security settings, virtual hosts, and local accounts. You can write own plugins for LSA.
feb0d191c50922e7a9a0b76ba3a7383caaf36975d91f3e8d50a64a70e0b2779e
Nessus is a free, up-to-date, and full featured remote security scanner for Linux, BSD, Solaris and some other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over 920 remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them. Windows version available here.
c5f72886ac756dd1c7cc41addfad86459d102cc879a2a069911aebaad8bc10a8
Denial of service exploit for SSH servers and clients from several vendors containing vulnerabilities in the greeting and key-exchange-initialization phases of the SSHv2 transport layer that allow denial of service attacks and/or arbitrary code execution. OpenSSH, SecureCRT, and LSH are not affected - vulnerable versions include F-Secure 3.1.0 and below for unix and v5.2 and below for Windows, SSH 3.2.2 and below for windows and unix, putty v0.53 and below, WinSCP 2.0.0 and below, and more. Includes binary files which can be sent to ssh servers or clients via netcat.
6b89b3721c386cfd26123193715b84e647d2b13cbc7c5337faa63bea2c1ae80e
Rapid 7 Security Advisory - SSH servers and clients from several vendors contain vulnerabilities in the greeting and key-exchange-initialization phases of the SSHv2 transport layer that allow denial of service attacks and/or arbitrary code execution. OpenSSH, SecureCRT, and LSH are not affected - vulnerable versions include F-Secure 3.1.0 and below for unix and v5.2 and below for Windows, SSH 3.2.2 and below for windows and unix, putty v0.53 and below, WinSCP 2.0.0 and below, and more.
4e0095d93035f5f570e62c687c4ba8324db7f74b95ef0d6aad64c3c1651a3e9c
Trojan /bin/login.
08a2db6a5fd39499b85f17438742623ff3cc30354aa3f5a797831cc0f0b5cfc9
Sniffdet is an implementation of a set of tests for remote sniffers detection in TCP/IP network environments which is composed of a flexible and easy to use library and a console application to run the tests. Major features include several tests for sniffer detection, configfile support, output plugins, dropping of root privileges, and documentation.
d1a39149fd6df19b4cf2c4cbd3dd5de613041518332127b53f686baa71aafa01
MAC Changer is a utility for viewing/manipulating the MAC addresses of network interfaces which can set specific, random, vendor-based (with a 6000+ vendor list) and device-type-based MACs.
33260108e09bc83a2caecac008f2bfb7c786d7cafc660656cf49482f2f096854
SMTP map uses fingerprinting to scan for the version of SMTP server software which is running on a machine.
fcf9afa36d3a1e2accd4efd30a8b63a168d372cfdcc4557b443f9f0b780b503b
Dnshijacker v1.3 is a libnet/libpcap based DNS sniffer/spoofer. A versatile tool, it supports tcpdump-style filters that allow you to specifically target victims. DNS answers are forged based on entries in a 'fabrication table' or by simply forging one answer to all requests. DNS Hijacker is an excellent tool for blocking and removing advertisements at the network level. The package comes with a default rule file for blocking about 780 known ad servers, as well as instructions on how to incorporate with RRDTool for ad blocking statistics generation. Archived prank: here. Future versions will be ported to use Libnet 1.1.0.
4040cb211860bec4dd43af09e157da25ebd20189d35884c11639d281ef7cd16a
Floppyfw is a router and firewall on one floppy disk. It uses Linux basic firewall capabilities, and has a simple packaging system. It is ideal for masquerading and securing networks on ADSL and cable lines, using static IP, DHCP, and PPPoE. Installation involves editing of only one file on the floppy.
c9d84925342881f9d180cb00e5e0f9e349a16a4960a038a2120ce5d0e89e78c5
Mod_security is an Apache module whose purpose is to protect vulnerable applications and reject human or automated attacks. In addition to filtering requests, it also can create Web application audit logs. Understands regular expressions and POST payloads.
4d45450773939db6dca6056dad88a34d0932f9d82ee354d101155e92083157de
SendIP is a commandline tool to send arbitrary IP packets. It has a large number of command line options to specify the content of every header of a RIP, RIPng, BGP, TCP, UDP, ICMP, or raw IPv4/IPv6 packet. It also allows any data to be added to the packet. Checksums can be calculated automatically, but if you wish to send out wrong checksums, that is supported too.
f39a533fe455e12decaca426dbdb8a1381e15957767d6bc9405c6418553104bf
Tcpreplay v1.3 - Tcpreplay is a set of tools aimed at testing the performance of a NIDS by replaying real background network traffic in which to hide attacks. Tcpreplay allows you to control the speed at which the traffic is replayed, and can replay arbitrary tcpdump traces. Unlike programmatically-generated artificial traffic which doesn't exercise the application/protocol inspection that a NIDS performs, and doesn't reproduce the real-world anomalies that appear on production networks (asymmetric routes, traffic bursts/lulls, fragmentation, retransmissions, etc.), tcpreplay allows for exact replication of real traffic seen on real networks.
a1b60f3a733858855133529bde413965f2d6db81ee81f256f5eeda38a92f98c9
Motion uses a video4linux device for detecting movement. It makes snapshots of the movement which later will be converted to MPEG movies, making it useful as an observation or security system. It can send out email and SMS messages when detecting motion and includes a web interface.
04828ac21f6f4cc514215852af2b4354eaab8b0bc7ec2ac84b9b387bb91daf6f
Process Monitor v0.23 for Linux is a small kernel module that allows you to watch all programs executed on the system. It is useful for generating full listings of programs (and their supplied arguments) run by potentially dangerous users on a system.
925ec438e183031f4d96030d9759a85aefd0c33c7d5dd0ef3b2c6cce26c34756
Zyxbrut.c is a brute force program written for the ZyXel router telnet service.
09a2e8873fc29128a79a933087fd6b993b20bc25a6fb311b7d0228b7d714db16
Obstruct.tgz is a denial of service attack against IRC servers. Warning: Code was found on a compromised machine, use caution. Opens a IRC server port on the target +machine and sends SERVER You_were_owned_by_obstruct.c 1 data and then loops again and floods the server. Floods all of the open sockets on the server until it can no longer accept connections. Floods the IRC Operator server notices so that the IRC operator cannot view legit traffic.
438e11ef32a07129806dc28198dbf61dfaa6361de812ac75e0d0fec11e649929
EEye Security Advisory - During a review of the PNG image format implemented in Microsoft Windows, pngfilt.dll, serious vulnerabilities were discovered related to the interpretation of PNG image data. The more serious bug is a heap overflow which can be exploited to execute code when the malicious PNG image is viewed. IE 5.01-6.0 is vulnerable, along with the IE web control for Outlook, Access 2000, Backoffice, Microsoft Visual Studio .NET 2002, Office 2000, Office XP pro, Project 2002 Professional, Publisher 98, SNA Server 4.0, SQL Server 7.0, Visio 2002, Visual Basic .NET Standard 2002, Visual C, Visual C++ .NET Standard 2002, Visual FoxPro 7.0, Visual Studio 6.0, Windows 2000, Windows 95, Windows 98, NT, and XP. Microsoft advisory is ms02-066.
f11b994b879980c3165d71f5cef07811d6d5feb5f65c16286a58a35a2b0cacf3
The MySQL database versions <= 3.23.53a and <= 4.0.5a contains local and remote vulnerabilities allowing remote attackers to bypass the MySQL password check and execute arbitrary code with the privileges of the user running mysqld. An arbitrary size heap overflow within the mysql client library and another vulnerability which allows '\0' to be written to any memory address allow DOS attacks against or arbitrary code execution within anything linked against libmysqlclient.
b385bbffd26b7aac37dec468afd6558f47557fa4ccb25456b032f8f0f3e77828
A heap overflow has been found in Fetchmail v6.1.3 and below which allows remote attackers to execute code with the privileges of the user running fetchmail on Linux. It is a denial of service vulnerability on BSD. Fixed in v6.2.0.
00367f13a6c9121041c44e2a0b3582239a66f54aeae1714fc5cf1dc427242f38
Web Hack Control Center is an administrative tool that scans web servers for known vulnerabilities. Scans HTTP and HTTPS (SSL) servers, and it's exploits database contains over 1500 vulnerabilities. WHCC can be used as your primary browser or be launched from Internet Explorer.
4ed49210b62bc99ca619b59ab8b64bf528871e8dc7d905737ece72d9bbcdd912
SuSE 8.1's "gfxmenu" which is configured into GRUB by default on many machines allows the user to pass in additional kernel boot parameters without entering the password, allowing users who can locally reboot the machine to easily spawn a root shell.
8835b98c7e6cc1122e66d91619047a0fcc3b5ad373a989202c6f9b7dbbe592f8