
Operating System: UNIX

Falco 0.13.0
Posted Dec 13, 2018
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Added support for K8s Audit Events. Various other updates.
tags | tool, intrusion detection
systems | unix
MD5 | b49ca8563faafe59b02e19f9a75e20d4
Faraday 3.4
Posted Dec 11, 2018
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Added fbruteforce services fplugin. Attachments can be added to a vulnerability through the API. Various other additions and updates.
tags | tool, rootkit
systems | unix
MD5 | 11e7cca6a9b57a2287937d7c1a5729f6
SQLMAP - Automatic SQL Injection Tool 1.2.12
Posted Dec 7, 2018
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Various updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 431249d7af567a0c9086f93e62aa44fa
Packet Fence 8.2.1
Posted Dec 6, 2018
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Allows for SMS PIN codes to be reused. Various bug fixes.
tags | tool, remote
systems | unix
MD5 | 1e14bb1c2b571fa0e1907a89e0032ace
Hashcat Advanced Password Recovery 5.1.0 Source Code
Posted Dec 4, 2018
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.

Changes: Added new options and hash modes. Various other fixes and improvements.
tags | tool, cracker
systems | unix
MD5 | 59542bf01a07362a90de069ca562ab49
Clam AntiVirus Toolkit 0.101.0
Posted Dec 4, 2018
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: ClamAV 0.101.0 is a feature release with an assortment of improvements that the authors have cooked up over the past 6 months.
tags | tool, virus
systems | unix
MD5 | 47c36d13ac814b9e29ed6f5fc1691373
TestSSL 3.0rc3
Posted Dec 1, 2018
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash and uses only standard Unix utilities, openssl and, last but not least, bash sockets.

Changes: Added SSLv2 ciphers. TLS 1.3 improvements. Updated client simulation data. Various other updates and fixes.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | 7549425af2bde7960a2068d7ce341eea
Bro Network Security Monitor 2.6
Posted Nov 30, 2018
Authored by Robin Sommer, Vern Paxson | Site bro.org

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Added missing ICMP router advertisement counterpart. Removed unnecessary Bloom filter empty check. Various other updates.
tags | tool, intrusion detection
systems | unix
MD5 | d228bd66a3fa969a8515a25445f484d1
Wireshark Analyzer 2.6.5
Posted Nov 29, 2018
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: The Windows installers now ship with Qt 5.9.7. Previously they shipped with Qt 5.9.5. Multiple vulnerabilities addressed.
tags | tool, sniffer, protocol
systems | windows, unix
advisories | CVE-2018-19622, CVE-2018-19623, CVE-2018-19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627, CVE-2018-19628
MD5 | e25257d5969705f2a18cae627ed42d80
Debian Security Advisory 4345-1
Posted Nov 28, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4345-1 - Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix.

tags | advisory, vulnerability
systems | linux, unix, debian
advisories | CVE-2018-14629, CVE-2018-16841, CVE-2018-16851
MD5 | f3606a59eb6ee66c892dcf8acffd50a7
Faraday 3.3
Posted Nov 25, 2018
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Added workspace disable feature. Added mac vendor to host and services. Fixed typos and add sorting in workspace name. Many other improvements and fixes.
tags | tool, rootkit
systems | unix
MD5 | b66cc1e577c12f52ce78578a54104673
OpenSSL Toolkit 1.1.1a
Posted Nov 21, 2018
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed a timing vulnerability in DSA signature generation and another in ECDSA signature generation. Added EVP_PKEY_ECDH_KDF_X9_63 and ecdh_KDF_X9_63() as replacements for the EVP_PKEY_ECDH_KDF_X9_62 KDF type and ECDH_KDF_X9_62(). Various other updates.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2018-0734, CVE-2018-0735
MD5 | 963deb2272d6be7d4c2458afd2517b73
Apkatshu 1.0
Posted Nov 15, 2018
Authored by Abdeljalil Nouiri

Apkatshu is a tool for extracting URLs, emails, IP addresses, and interesting data from APK files. The user can choose either JADX or APKTOOL for de-compilation.

tags | tool
systems | unix
MD5 | 1c100a31d20c7b83d67fcf53f41b1009
Packet Fence 8.2.0
Posted Nov 9, 2018
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Added support for clusters with servers located in multiple layer 3 networks. Permitted incoming Eduroam TLRS RADIUS requests. Added Mojo web authentication support. Added SMTP test function in Alerting. Various other additions and updates.
tags | tool, remote
systems | unix
MD5 | 0d77048b4d1f82bd42c7f8df9b218c52
Web-Based Firewall Logging Tool 1.1.1
Posted Nov 9, 2018
Authored by Bob Hockney | Site webfwlog.sourceforge.net

Webfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database logs using the iptables ULOG target.

Changes: Added support for checksum fields for database logs for tcp, udp and icmpv6. Multiple bug fixes. Various other updates.
tags | tool, web, firewall
systems | linux, windows, unix, xp
MD5 | 55e3ae30dafdd547a875306bfe18f79a
Suricata IDPE 4.1.0
Posted Nov 6, 2018
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Multiple bugs have been addressed.
tags | tool, intrusion detection
systems | unix
MD5 | ef5fe0ea7ec7b94829897dfc0999857f
Stegano 0.8.6
Posted Nov 6, 2018
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integer sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Fixed a potential security issue related to CVE-2018-18074.
tags | tool, encryption, steganography, python
systems | unix
advisories | CVE-2018-18074
MD5 | e35d90beedc1aa42060c455467799ab7
SQLMAP - Automatic SQL Injection Tool 1.2.11
Posted Nov 5, 2018
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Various updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 5fdd5bb9be166686620512abe0f11658
TOR Virtual Network Tunneling Tool 0.3.4.9
Posted Nov 5, 2018
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.3.4.9 is the second stable release in its series. It backports numerous fixes, including a fix for a bandwidth management bug that was causing memory exhaustion on relays. Anyone running an earlier version of Tor 0.3.4.9 should upgrade.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | 8a303c7c2491cd27b1646f6efdc4a5d0
Morris Worm sendmail Debug Mode Shell Escape
Posted Nov 5, 2018
Authored by wvu, Robert Tappan Morris, Cliff Stoll | Site metasploit.com

This Metasploit module exploits sendmail's well-known historical debug mode to escape to a shell and execute commands in the SMTP RCPT TO command. This vulnerability was exploited by the Morris worm on 1988-11-02. Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg. Currently only cmd/unix/reverse and cmd/unix/generic are supported.

tags | exploit, worm, shell
systems | unix
MD5 | 916044331d126eab8e387612884dc927
Hashcat Advanced Password Recovery 5.0.0 Source Code
Posted Oct 29, 2018
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.

Changes: Added many new options and hash modes. Various other fixes and improvements.
tags | tool, cracker
systems | unix
MD5 | b38542cbf4a242759859f6f215adb359
Lynis Auditing Tool 2.7.0
Posted Oct 26, 2018
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.

Changes: Added detection of TOMOYO binary, OpenSSH server versions. Changed several warning labels on screen. Various other updates.
tags | tool, scanner
systems | unix
MD5 | ac0ae8086e31f263f2da0c5c553686ba
Faraday 3.2
Posted Oct 23, 2018
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Added logical operator AND to status report search. Restkit dependency removed. Improvement on manage.py change-password. Added feature to show only unconfirmed vulns. Added ssl information to manage.py status-check. Updated wpscan plugin to support latest version. Allowed workspace names starting with numbers.
tags | tool, rootkit
systems | unix
MD5 | bead7cdf3cee4c80785604d35f1dbbcc
Ansvif 1.11a
Posted Oct 23, 2018
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This is an initial Android pre-release.
tags | tool, fuzzer
systems | unix
MD5 | 510eb1ca8408cfd8bd44114a6eab915c
OpenSSH 7.9p1
Posted Oct 19, 2018
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Now requires OpenSSL 1.1.x series 1.1.0g or greater. Various other updates.
tags | tool, encryption
systems | linux, unix, openbsd
MD5 | c6af50b7a474d04726a5aa747a5dce8f

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close