Buffer Overflows, A Peek Under The Hood volume 1.0.
9eaf05f8362d22a0b73eaaf7d58cdaa5d6a3c3636a1c75ed9b16d5f05e22995e
Whitepaper discussing the hardening of Windows NT.
c3dfdf7d4262a082864c40fbf2504b64c0e76d0094696de67110b38577ff0649
Mozilla Firefox versions 1.5.0.6 and below FTP request remote denial of service exploit.
29158aabba36243f80608348099a937a43674e96180a7f541c9d4fe20cce4c7d
Ay System CMS versions 2.6 and below remote file inclusion exploit that makes use of main.php.
04fa6a3f1ba3cbfae46eb756ea4a7dfd0c34273c579e7f01f1597890162318f0
AlberT-EasySite versions 1.0a5 and below remote file inclusion exploit.
d811136f90f8b4cbe52c8c0b824f86f8458ae21e3fb0bccd01e39a399acedde2
iziContents versions RC6 and below GLOBALS[] remote command execution exploit.
da9ecf7a594f63af2a654ce2aa0123bae9cad4a81f56b6ef95fddafc641bfff9
CMS Frogss versions 0.4 and below remote SQL injection exploit.
8f056c3f53e60459a9f8aee27d1de152b6906374d39751a909899b908e68e362
proManager versions 0.73 and below remote SQL injection exploit that makes use of note.php.
4ca76fcbb5c8a99109d9898e626f0b71af92235dce282eb6015fd615c4cae6af
MDaemon Pre Authentication (USER) heap overflow exploit.
4f7b94833ece72e52aeb28060f38d879ff856d35732f73e066575bfd5ed1d323
WFTPD server version 3.23 (SIZE) remote buffer overflow exploit.
7914ac75638a3567f909d4690b5f4cdaefdeaf62139121344bbc3778b0a2c588
Easy File Sharing FTP server version 2.0 remote proof of concept exploit.
600f9e36332033b9a64f2b63f27cdda2ed523db9b876baee3ee689a3652e8f64
Solaris 10 sysinfo(2) local kernel memory disclosure exploit.
5940985dbd705d25f0e8e2e9a0793925f1088d66be78e5ded502f4a3dc5c930b
Solaris 8/9 /usr/ucb/ps local information leak exploit.
b5f9e867779f3d6340fa1360745ea8ba7345564303423f3b0d65862cca1e54aa
Microsoft Windows CanonicalizePathName() remote overflow exploit that takes advantage of the flaw listed in MS06-040.
158a3dd8d371a340f74afd8702d94c69580ff12d0f850c787ee6fc18023b54b5
Cyrus IMAPD version 2.3.2 remote buffer overflow exploit.
e97d089ebdd394dfc51151fb89917883a89c603cb0b2544a42d70a648c490ee6
aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
2a3899771c00f051d7727359f8ee6eda5029e7d144804e29f8c6743bb5558211
SnortSMS is a highly configurable sensor management system that provides the ability to remotely administer Snort [and Barnyard] based Intrusion Detection Systems (IDS), push configuration files, add/edit rules, and monitor system health and statistics, all from a simple and clean Web interface console. Whether you have one or multiple Snort sensors, it can help unify and synchronize all sensor configurations.
bc9be41388b926fe04e12354bcbe48d7fff95e0e6da992ec78240b1edb8c7966
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine the distance to a remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris. This particular version is modified by Nerijus Krukauskas to store the data in a database.
174a1756727e8a70ce5608c6f412ecc89544c67b602215c1252df8e4a3c34d10
Bob the Butcher is a distributed password cracker. It is built around a client/server system. Cracking speed scales linearly with the number of connected clients. It is designed for efficient cracking resource usage. It will handle many password files at once, aggregating passwords as much as possible.
8e5b5cd9dbc6d44ba2d7227a9394e95e0aec3658a717dc238f6a8330049dc772
Mandriva Linux Security Advisory MDKSA-2006-144 - A vulnerability was discovered in the sscanf function of PHP that could allow attackers in certain circumstances to execute arbitrary code via argument swapping which incremented an index past the end of an array and triggered a buffer over-read.
27b45dcd8372f72fea0d4fd25b88bce88512c8471099e265a30d6562d961168e
PHProjekt version 0.6.1 suffers from a remote file inclusion vulnerability.
ce21e85ac141c2bc22beae6eb981bc00e0ac5228e572a6fa014d651243657013
Internet Explorer crashes due to a mishandling of multiple COM objects.
086cfa2e6e24d12573c614c495c75d26362cbb05e9956afc4f1da67d7f8ebf9f
VeriTECH suffers from a remote file inclusion flaw.
5de400036a47cacb9eb342d17f01cbc5939ab34d84a21742a0b1782a868d5542
Plume CMS versions 1.0.6 and below suffer from a remote file inclusion vulnerability.
fa2ad74956ac15e96fd97fc5e285e96b3782bfdf2eaccd142c6d5c1cf86a05a5
CIHwBT is a Bluetooth Security Framework for Windows Mobile 2005. Currently it only supports some Bluetooth exploits and tools like BlueSnarf, BlueJack, and some denial of service attacks. It is intended to work with any Pocket PC with the Microsoft Bluetooth Stack.
76cd8d019d70f7df9b65a66529fee1dfb7bba5e547b285939b7c838a3902fead