Operating System: UNIX

SQLMAP - Automatic SQL Injection Tool 1.5.8
Posted Aug 2, 2021
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve the DBMS session user and database, enumerate users, password hashes, privileges, and databases, dump entire or user-specified DBMS tables/columns, run their own SQL statements, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack, and more.

Changes: Minor release with no notes in the changelog.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 6cac13f4e9cef5996f15944cf4d0b0a0
Logwatch 7.5.6
Posted Jul 23, 2021
Site sourceforge.net

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

Changes: Fixed bugs.
tags | tool, intrusion detection
systems | unix
MD5 | 413e40e744c876861249df830a672970
Lynis Auditing Tool 3.0.6
Posted Jul 22, 2021
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages, and configuration mistakes. This software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.

Changes: OS detection added for Artix Linux, macOS Monterey, NethServer, openSUSE MicroOS. Added a check for outdated translation files. 9 additional changes.
tags | tool, scanner
systems | unix
MD5 | 23cc369984d564e4a8232473b1ace137
American Fuzzy Lop plus plus 3.14c
Posted Jul 19, 2021
Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site thc.org

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: Dozens of changes applied across afl-fuzz, frida_mode, afl-cc, and other functionality.
tags | tool, fuzzer
systems | unix
MD5 | b59357f4afa849fef2cd652c4b0fcaae
Hashcat Advanced Password Recovery 6.2.3 Source Code
Posted Jul 19, 2021
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.

Changes: 8 hash modes added, 4 features added, and 9 bugs fixed.
tags | tool, cracker
systems | unix
MD5 | 5686240de311baec1e80aff2007eefe9
Wireshark Analyzer 3.4.7
Posted Jul 15, 2021
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: A DNP dissector crash was fixed. A reporting issue in the TCP dissector has been fixed. Updated protocol support for STERIX, BT LE LL, DCE RPC, DNP, GTPv2, IEEE 802.11 Radio, LDAP, NAN, NORDIC_BLE, NR RRC, OSPF, pcapng, PNIO, RSL, S101, Snort config, and TCP.
tags | tool, sniffer, protocol
systems | windows, unix
advisories | CVE-2021-22235
MD5 | 4954b93a4ea4936f2bed5718e44040c5
UFONet 1.7
Posted Jul 14, 2021
Authored by psy | Site ufonet.03c8.net

UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.

Changes: Bugfixes. Added Deploy, SHIP.TV, and Nodes. Modified and updated the Web GUI. Updated documentation, FAQ, and website.
tags | tool, web, denial of service, spoof
systems | unix
MD5 | e0c779fbf429085d555102ea90c5813f
Global Socket 1.4.33
Posted Jul 13, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: OpenWRT related update and merged pull request #50 from hackerschoice/fixie.
tags | tool, tcp
systems | unix
MD5 | 4375e4daa510a89157d89aea0d28708e
Ubuntu Security Notice USN-5008-2
Posted Jul 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5008-2 - USN-5008-1 fixed a vulnerability in avahi. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Thomas Kremer discovered that Avahi incorrectly handled termination signals on the Unix socket. A local attacker could possibly use this issue to cause Avahi to hang, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, unix, ubuntu
advisories | CVE-2021-3468
MD5 | e1c4e764357e853688e9af68baaed741
Ubuntu Security Notice USN-5008-1
Posted Jul 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5008-1 - Thomas Kremer discovered that Avahi incorrectly handled termination signals on the Unix socket. A local attacker could possibly use this issue to cause Avahi to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. It was discovered that Avahi incorrectly handled certain hostnames. A local attacker could possibly use this issue to cause Avahi to crash, resulting in a denial of service. This issue only affected Ubuntu 20.10 and Ubuntu 21.04. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, unix, ubuntu
advisories | CVE-2021-3468, CVE-2021-3502
MD5 | 5db45203baefabb1f31e4332da1e0620
Zeek 4.0.3
Posted Jul 7, 2021
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Updates added to skip input framework entries with missing but non-optional fields, address a segfault in input framework when reading unset fields, deprecate stepping-stone analyzer events, and more.
tags | tool, intrusion detection
systems | unix
MD5 | 39ec3bcfbe7f179ae042ad2cf424248d
Stegano 0.9.9
Posted Jul 5, 2021
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: stegano now uses Pillow 8.3.0.
tags | tool, encryption, steganography, python
systems | unix
MD5 | 2a196837037c00a130fee783fa5fdca8
SQLMAP - Automatic SQL Injection Tool 1.5.7
Posted Jul 5, 2021
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve the DBMS session user and database, enumerate users, password hashes, privileges, and databases, dump entire or user-specified DBMS tables/columns, run their own SQL statements, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack, and more.

Changes: Minor release with no notes in the changelog.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 5948e945a26a4bbfac27ff1b3c111d05
Faraday 3.16.1
Posted Jul 5, 2021
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Modified faraday-manage settings. Added a fix to update the minimum version of click dependency.
tags | tool, rootkit
systems | unix
MD5 | 53f71eae8310b3ec430c3a19e72c9ebf
Suricata IDPE 6.0.3
Posted Jul 2, 2021
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Five security fixes, two features, and over a couple dozen bugs have been addressed.
tags | tool, intrusion detection
systems | unix
MD5 | a8879aa127efd5c1bec51a99f3614fdc
nfstream 6.3.3
Posted Jul 2, 2021
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: nDPI performance improvements.
tags | tool, python
systems | unix
MD5 | 8b9512fd508fd78067d5d234cf0e08f1
Lynis Auditing Tool 3.0.5
Posted Jul 2, 2021
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages, and configuration mistakes. This software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.

Changes: Added OS detection of Arch Linux 32, BunsenLabs Linux, and Rocky Linux. Added a check for the MemoryOverwriteRequest bit to protect against cold-boot attacks. A half dozen changes have also been made.
tags | tool, scanner
systems | unix
MD5 | 4da327e2ff8f809891659a0b62145194
TOR Virtual Network Tunneling Tool 0.4.6.6
Posted Jul 1, 2021
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.

Changes: Tor 0.4.6.6 makes several small fixes on 0.4.6.5, including one that allows Tor to build correctly on older versions of GCC.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | 7cc00f21c6da776da98d6b92de89e23e
Falco 0.29.1
Posted Jul 1, 2021
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: 3 minor rule changes.
tags | tool, intrusion detection
systems | unix
MD5 | c815acae6550b3c0ebbf85ffaeea1a07
Samhain File Integrity Checker 4.4.5
Posted Jul 1, 2021
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Fixed a memory leak introduced in 4.4.4.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 67ae752dc862c44a941be84fa5513fca
Global Socket 1.4.32
Posted Jun 30, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Protocol upgrade to 1.3 that breaks backwards compatibility. New Key Derivation Method and fixed gs secret length. Added verbosity switches. Auto-reconnect for server added when DNS fails and keeps re-trying until success. Downgraded automake requirements to 2.69. deploy.sh support for Raspberry PI 4b+ (armv7l) added. Debian HURD support added. Various other updates.
tags | tool, tcp
systems | unix
MD5 | 1ac0911273bf892c3d9e6daed8ac183b
Faraday 3.16.0
Posted Jun 30, 2021
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Two breaking changes where API V2 is discontinued and the minimum version of python is changed to 3.7. 3 additions, 2 modifications, and 5 bug fixes.
tags | tool, rootkit
systems | unix
MD5 | 7a0af972daebfeaa6f4a131e02f2f29b
Proxmark 4.13441
Posted Jun 29, 2021
Authored by Christian Herrmann | Site github.com

This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware.

Changes: This version brings major improvements to the client interface. Added functionality like emrtd, cipurse, st25a, etc.
tags | tool
systems | unix
MD5 | b5922ffee719f55f1f27998a0e1a0ca1
Flawfinder 2.0.18
Posted Jun 25, 2021
Authored by David A. Wheeler | Site sourceforge.net

Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.

Changes: Fixed SARIF output. SARIF output is new to flawfinder, and there was a subtle error in its generation that caused GitHub to reject the SARIF file.
tags | tool
systems | unix
MD5 | fb2ba5bac1bd8d97fab9ec8847321be6
Falco 0.29.0
Posted Jun 22, 2021
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: 5 rule changes and about a dozen non-user facing changes.
tags | tool, intrusion detection
systems | unix
MD5 | 938c2ed46ff2f83ca2be4dea36141532
© 2020 Packet Storm. All rights reserved.
