pcds is a Perl script written to monitor processes on a system and report changes.
5f198c35bda7d05c078a7a683a87be3ceb477bc374af209b621c46a0a2c6e406
Env_audit is a program that ferrets out everything it can about the environment. It looks for process IDs, UID, GID, signal masks, umask, priority, leaked file descriptors, and environmental variables. It comes with test configurations for anacron, Apache, atd, crond, GDB, inittab, logrotate, PHP, pppd, procmail, rsh, rxvt, Sendmail, SSH, stunnel, sudo, xinetd, and xterm.
2ded505c9776412372ae67832707fe5e29399cee84b389c485c1bfc340a0fe2c
Jay's Iptables Firewall is a bash script that allows one to easily install and configure a firewall on a Linux system. It features support for multiple interfaces, TCP/UDP/ICMP control, masquerading, synflood control, spoofing control, port forwarding from specific interfaces, VPNs, ToS, denying hosts by IP or MAC address, ZorbIPTraffic, Spyware list IP, Pre/Post scripts, log options, and more. The firewall is able to launch custom iptables rules, and the configuration of the firewall is assisted by an optional, interactive, curses-based Perl script.
7cebbf7fd1aa9923bb8d2fa34d7818752a7195080fb0c036e19ab4e96350b332
Whitepaper detailing how to successfully patch the Linux kernel in order to allow ptracing /sbin/init, and subsequently inject a connect-back shellcode into the target process. Patch code included.
8f53ec04bcff41e9accc09e517f1377b092c491fe8ae8d1ad5bb913474b9c162
Exploit code that makes use of the showHelp() vulnerability found in Microsoft Explorer versions 5.x-6.0. This file must be renamed with a .html extension to work.
df1ca6fa1d9d5d0313b50e8210ed14c64f175b0dd2ee7b9c9100c8e99159e329
A flaw exists in Microsoft Internet Explorer 5.x-6.0 that allows a remote attacker to execute a file using chm in showHelp().
74dacbfe84a67a971cd82b2d9a84831f67dbb9786abc754990bc01ccd23a36b1
Gallery versions 1.3.3 and below suffer from a cross-site scripting vulnerability in its searching functionality.
3b40870b0304d5f379e4c14f009bb9a9df94a16511285d52a426f305dbde5f76
php-ping improperly filters user inputs, allowing a malicious remote attacker to execute arbitrary commands as the webserver uid.
eb4c1e1ec0ead88df0513af866db209a8221dfe268483b81a69311c05b77cf3a
Alt-N Technologies MDaemon Mail Server versions 6.52 to 6.85 suffer from a remote buffer overflow in its raw message handler. Sending more than 153 bytes in the From field to FROM2Raw.exe creates a raw file that, when processed by MDaemon, causes a stack buffer overflow.
4daf75c0f5e15aad52aebd515291656487a499b4fb5e7b31fe3229b19871d00a
The Landesk Management Suite versions 8.0 and below suffer from a buffer overflow in its SetClientAddress function inside of YAUTO.DLL.
5a625063a7cfb000b398dba689f5dbde9099a3be80474bd16b2c97f3b3361e10
The QuikStore Shopping Cart suffers from directory traversal vulnerabilities that allow a remote attacker to gain access to files outside of the webroot and also discloses installation path information on error pages.
1909b9205f8e858593bf6fbdf9e7a9ba9e814a40508c1059dd391f12655794d9
Opera versions 7.22 and below allow a remote site to overwrite local files during temporary file creation due to a lack of filename sanitization.
60c29d87a6f9de9b85286c7f945db2574fa8ee1f7e1c33632321555b1477c9ea
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis and content searching/matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real-time alerting, incorporating alerting mechanisms for syslog, a user-specified file, a UNIX socket, or WinPopup messages via smbclient.
0bb7a8d015a1f2cc56d65197e31374fa0fec10870324898559b13a6b6923f7c4
Port Scan Attack Detector (psad) is a collection of four lightweight daemons written in Perl and C that are designed to work with Linux firewalling code (iptables and ipchains) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options, email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP, UDP, and ICMP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap. Psad also uses packet TTL, IP id, TOS, and TCP window sizes to passively fingerprint the remote operating system from which scans originate. Changelog available here.
191f6a9725e1d3015a41cc4c7207d9959ff3d140fa59f49644b3ec059fa1d540
mysecrep version 0.8 generates an audit report from the syslog messages of snort, pcds and samhain, thus covering a whole range of security tools in one report. The report is written to disk and sent via email. Written in Perl.
0df458bec8eacdea74ecd5c7d843a9bce89a4fe855d42ea37e933e4ea92037f3
Bilbo is a wrapper for nmap which makes it easier to scan lots of machines or networks.
d69982957f0f54d4ceae216094b518432c1528519f150e2a4d95575a51cece53
43-byte linux x86 shellcode which does the following: setuid(0);chown("/tmp/n2n",0,0);chmod("/tmp/n2n", 04755);exit();
c9cfe186139032a40d3f9ddb38c191be71b284f24d4febdc1da027d250896d17
Gspoof is a GTK+ program written in C which makes building and sending TCP packets, with or without a data payload, easy and accurate. It is possible to modify the TCP/IP fields or the Ethernet header.
65f12bf8ca23d3fa6af0cedda4fb6c28c955a909e1787bd5dda14404a0280019
Xlcrack is a small tool to recover lost and forgotten passwords from XLS files. Works on most Un*x systems, but it needs libgsf, most commonly installed along with Gnumeric. Some newer XLS files are not suitable for password recovery using this software.
ae2fbbc185ad866a37135c142e56280d3648ddc60eb4dc5ff19437556b2f7c54
Vampiric Shellcode - URL Download + Execute for Win32. Vampiric shellcode links to system DLLs to create shellcode that works on many different service packs; more information here.
201361e794813ba49cea12713cc3fdc15fb0b13f46867a91505a6cd6886b717d
IMSPd v1.7 and below remote root buffer overflow exploit which takes advantage of a bug in abook_dbname(). Tested against IMSPd 1.7 and 1.6a3 under RedHat 8.0. Fix available here.
dc0aa6e93e9bb6463287bd22ecb1839942ead074a40a8c08959583111f75ac38
CGI hacking tutorial which explains how to find many vulnerable systems using Google and contains an awful lot of URLs.
8f5bd59a5a7375fa7149f34226f9495228de9311afd316ccfc4005837cc4449b
Exp_unix2tcp.c is a local exploit for unix2tcp versions below 0.8.0 which gives root access if unix2tcp is setuid, which it usually is not. Tested on Red Hat Linux 9.
090081e4d5414fd808dae2631f05e4e974bba1a9cb222618b3b73d8dbae56e84
Reducing human factor mistakes.
99ea04714acb22ad5f76d9890154aea28225a30990fa7a573ab431a1c1e1961c
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix clone.
5ee9d66059fc15346bb7105eacba1628035dc38a3712759132700c61a273e02a