what you don't know can hurt you
Showing 1 - 25 of 8,991 RSS Feed

Operating System: UNIX

Wapiti Web Application Vulnerability Scanner 3.0.8
Posted Nov 30, 2021
Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: The CLI now prevents users from using -a without specifying --ayth-type (and vice versa). The Crawler has upgraded HTTP related dependencies (httpx, httpcore, httpx-socks).
tags | tool, web, scanner, vulnerability
systems | unix
MD5 | d16678275276e57e0216828d1a0ff611
Stegano 0.10.1
Posted Nov 30, 2021
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Stegano now uses OpenCV Python 4.5.4 and Numpy 1.21.4.
tags | tool, encryption, steganography, python
systems | unix
MD5 | ba5f065122e2745f996d5c5644d6eca8
Photon OSINT Crawler 1.3.2
Posted Nov 30, 2021
Authored by s0md3v | Site github.com

Photon is a relatively fast crawler designed for automating OSINT (Open Source Intelligence) with a simple interface and tons of customization options. It is written in Python. Photon essentially acts as a web crawler which is able to extract URLs with parameters, also able to fuzz them, secret AUTH keys, and a lot more.

Changes: Added support for SOCKS proxies and rotating proxies.
tags | tool, web, scanner, python
systems | unix
MD5 | 70db0aab74cde1b568f6a9d177b18281
Red Hat Security Advisory 2021-4782-01
Posted Nov 24, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4782-01 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Issues addressed include a privilege escalation vulnerability.

tags | advisory, protocol
systems | linux, redhat, unix
advisories | CVE-2021-41617
MD5 | 651c4bdb52f066e8bdc61fef27afbafc
Wireshark Analyzer 3.6.0
Posted Nov 23, 2021
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: Very large update with changes to the display filter syntax, packaging, many new protocols added, and more.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | d8aa90ed29c4136e076627b527083e0c
Hashcat Advanced Password Recovery 6.2.5 Source Code
Posted Nov 22, 2021
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.

Changes: 5 hash modes added, 6 bugs fixed, and over a dozen additional modifications.
tags | tool, cracker
systems | unix
MD5 | da67193872c00093a95dc5a0a9583563
Packet Fence 11.1.0
Posted Nov 19, 2021
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: PacketFence v11 now fully supports multi-factor authentication for its captive portal, CLI and VPN. Advanced integration with Akamai MFA is now included as well as generic support for any TOTP solutions. A few new features and over two dozen enhancements and bug fixes.
tags | tool, remote
systems | unix
MD5 | 7d06527c96a3ffc5446d643fdd2870c8
Wireshark Analyzer 3.4.10
Posted Nov 18, 2021
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: Large amount of bug fixes including 8 CVEs.
tags | tool, sniffer, protocol
systems | windows, unix
advisories | CVE-2021-39920, CVE-2021-39921, CVE-2021-39922, CVE-2021-39924, CVE-2021-39925, CVE-2021-39926, CVE-2021-39928, CVE-2021-39929
MD5 | 907514ab422700621a2e91196360125f
Suricata IDPE 6.0.4
Posted Nov 18, 2021
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: A couple security issues, a few dozen bugs, one feature, an optimization, and a task were addressed.
tags | tool, intrusion detection
systems | unix
MD5 | 6ef0583bbd771e80eae7d928d7735f02
SQLMAP - Automatic SQL Injection Tool 1.5.11
Posted Nov 17, 2021
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Minor release with no notes in the changelog.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 53a126404f92d407fdb8048255fb05f9
Red Hat Security Advisory 2021-4393-03
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4393-03 - The Common UNIX Printing System provides a portable printing layer for Linux, UNIX, and similar operating systems.

tags | advisory
systems | linux, redhat, unix
advisories | CVE-2020-10001
MD5 | e5fadaf5ff19fc6d089d1f27031ae2cf
Red Hat Security Advisory 2021-4368-04
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4368-04 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Issues addressed include an information leakage vulnerability.

tags | advisory, protocol
systems | linux, redhat, unix
advisories | CVE-2020-14145
MD5 | 5eae4d505ced124ba3e1ca002ebc9bfa
Faraday 3.18.1
Posted Nov 5, 2021
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Fixed a CVE issue.
tags | tool, rootkit
systems | unix
MD5 | 722c8f241b6d1f5846adb421bba0a405
Clam AntiVirus Toolkit 0.104.1
Posted Nov 3, 2021
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: ClamAV 0.104.1 is a critical patch release. Fixes added to FreshClam and ClamDScan. Overhauled the scan recursion / nested archive extraction logic and added new limits on embedded file-type recognition performed during the raw scan of each file. Fixed an issue with the FMap module that failed to read from some nested files. Fixed an issue where failing to load some rules from a Yara file containing multiple rules may cause a crash. Fixed assorted compiler warnings. Fixed assorted Coverity static code analysis issues. Many other fixes and improvements.
tags | tool, virus
systems | unix
MD5 | 49b9bb94d5b2cafc761f8fbe660d3bfa
GRAudit Grep Auditing Tool 3.2
Posted Oct 29, 2021
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Fixed a compatibility bug in misc/serializephp.sh. Updated PHP rules. Updated Java rules. Updated fruit rules. Updated secret rules. Updated default. Updated android rules. Updated dotnet rules. Changed misc/gitlog.sh to an interactive format. Added *.map to files that are ignored unless -A is used. Fixed line endings in some rule files. Altered some error handling slightly.
tags | tool
systems | unix
MD5 | e7a0ee30bb39abd292ddae5f8dd68608
TOR Virtual Network Tunneling Tool 0.4.6.8
Posted Oct 28, 2021
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.

Changes: This version fixes several bugs from earlier versions of Tor. One highlight is a fix on how they track DNS timeouts to report general relay overload.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | e65cbb78aece2c135f635970e555506a
Zeek 4.1.1
Posted Oct 27, 2021
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Two security issues and four bugs have been addressed.
tags | tool, intrusion detection
systems | unix
MD5 | 6e293fe8631db190609b584b03f76f3a
Faraday 3.18.0
Posted Oct 22, 2021
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Removed attachments in vulns filter endpoint. Added open and confirmed vulns in workspace stats. Added user id to session API endpoint. Added cve to vulnerability model. Changed funcs to views. Fixed report import. Added last_run_agent_date field to workspace endpoint. Fixed cve parsing in vulnerability create and bulk create. Fixed order_by in filters api. Fixed 500 status code with invalid executor arguments.
tags | tool, rootkit
systems | unix
MD5 | 276bd895aad71791d5ca180d1f558af5
AntiRansom 5
Posted Oct 21, 2021
Authored by YJesus | Site security-projects.com

AntiRansom is a tool capable of detecting and mitigating attacks of Ransomware using honeypots.

Changes: New release.
tags | tool
systems | unix
MD5 | 9ef18fe80d54c90de2731c112800836b
nfstream 6.3.5
Posted Oct 8, 2021
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Improved IPv6 handling. nDPI maintenance update. Fixed macOS multiprocessing context. Fixed macOS dependencies handling (NumPy and pandas). Improved README (ToC and related publications).
tags | tool, python
systems | unix
MD5 | e92e20f07781344d88f801539070c84f
Wireshark Analyzer 3.4.9
Posted Oct 7, 2021
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: 12 bug fixes. Updated protocol support for AMQP, Aruba IAP, BGP, BT-DHT, CoAP, DCERPC SPOOLSS, Diameter, EPL, GSM A-bis OML, GSM A-I/F COMMON, GSM SIM, IEEE 1905.1a, IEEE 802.15.4, IMAP, InfiniBand, ISIS LSP, ISObus VT, JPEG, MP2T, NORDIC_BLE, QUIC, RTCP, SDP, SMB, TWAMP-Control, USB HID, and VSS Monitoring. New and updated capture file support for CAM Inspector, Ixia IxVeriWave, pcapng, and USBDump.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | b97e9d97fc8d77f514d5b92a2cf045f1
Phrack Magazine Issue 70
Posted Oct 5, 2021
Authored by phrack | Site phrack.org

Phrack Magazine Issue 70 - Articles include Phrack Prophile on xerub, Attacking JavaScript Engines, .NET Instrumentation via MSIL bytecode injection, a VM escape QEMU case study, and much more.

tags | javascript, magazine
systems | unix
MD5 | abec118a40d83ac9f0974d89dbebfeef
Bing.com Hostname / IP Enumerator 1.0.5
Posted Oct 4, 2021
Authored by Andrew Horton | Site morningstarsecurity.com

This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.

Changes: Minor release. Changed User-Agent to wget/1.20. Fixed an error where it finds no results.
tags | tool, scanner, bash
systems | linux, unix
MD5 | 4aae2d2c823523c3d9ec371c22cceab8
TestSSL 3.0.6
Posted Oct 4, 2021
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: Codespell introduction and implementation for GHA CI. Documentation update to reflect renaming standard ciphers to cipher categories. Now ignores usage of ~/.digrc where possible. Various other updates and fixes.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | b94e3bdfef5386a727c14ec7d3c8ae63
PyRDP RDP Man-In-The-Middle Tool
Posted Oct 4, 2021
Authored by Francis Labelle, Emilio Gonzalez, Alexandre Beaulieu, Olivier Bilodeau | Site github.com

PyRDP is a Python Remote Desktop Protocol (RDP) Monster-in-the-Middle (MITM) tool and library.

tags | tool, remote, protocol, python
systems | unix
MD5 | 06c0d9021f660b1493c9e09fb8e332da
Page 1 of 360
Back12345Next

File Archive:

November 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    19 Files
  • 2
    Nov 2nd
    25 Files
  • 3
    Nov 3rd
    8 Files
  • 4
    Nov 4th
    7 Files
  • 5
    Nov 5th
    24 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    106 Files
  • 11
    Nov 11th
    19 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    12 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    12 Files
  • 19
    Nov 19th
    4 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    14 Files
  • 24
    Nov 24th
    19 Files
  • 25
    Nov 25th
    4 Files
  • 26
    Nov 26th
    1 Files
  • 27
    Nov 27th
    4 Files
  • 28
    Nov 28th
    1 Files
  • 29
    Nov 29th
    11 Files
  • 30
    Nov 30th
    7 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close