Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.
d16678275276e57e0216828d1a0ff611Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.
ba5f065122e2745f996d5c5644d6eca8Photon is a relatively fast crawler designed for automating OSINT (Open Source Intelligence) with a simple interface and tons of customization options. It is written in Python. Photon essentially acts as a web crawler which is able to extract URLs with parameters, also able to fuzz them, secret AUTH keys, and a lot more.
70db0aab74cde1b568f6a9d177b18281Red Hat Security Advisory 2021-4782-01 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Issues addressed include a privilege escalation vulnerability.
651c4bdb52f066e8bdc61fef27afbafcWireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
d8aa90ed29c4136e076627b527083e0cHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.
da67193872c00093a95dc5a0a9583563PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
7d06527c96a3ffc5446d643fdd2870c8Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
907514ab422700621a2e91196360125fSuricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
6ef0583bbd771e80eae7d928d7735f02sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
53a126404f92d407fdb8048255fb05f9Red Hat Security Advisory 2021-4393-03 - The Common UNIX Printing System provides a portable printing layer for Linux, UNIX, and similar operating systems.
e5fadaf5ff19fc6d089d1f27031ae2cfRed Hat Security Advisory 2021-4368-04 - OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Issues addressed include an information leakage vulnerability.
5eae4d505ced124ba3e1ca002ebc9bfaFaraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
722c8f241b6d1f5846adb421bba0a405Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
49b9bb94d5b2cafc761f8fbe660d3bfaGraudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
e7a0ee30bb39abd292ddae5f8dd68608Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.
e65cbb78aece2c135f635970e555506aZeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
6e293fe8631db190609b584b03f76f3aFaraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
276bd895aad71791d5ca180d1f558af5AntiRansom is a tool capable of detecting and mitigating attacks of Ransomware using honeypots.
9ef18fe80d54c90de2731c112800836bnfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
e92e20f07781344d88f801539070c84fWireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
b97e9d97fc8d77f514d5b92a2cf045f1Phrack Magazine Issue 70 - Articles include Phrack Prophile on xerub, Attacking JavaScript Engines, .NET Instrumentation via MSIL bytecode injection, a VM escape QEMU case study, and much more.
abec118a40d83ac9f0974d89dbebfeefThis tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.
4aae2d2c823523c3d9ec371c22cceab8testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.
b94e3bdfef5386a727c14ec7d3c8ae63PyRDP is a Python Remote Desktop Protocol (RDP) Monster-in-the-Middle (MITM) tool and library.
06c0d9021f660b1493c9e09fb8e332da
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed