what you don't know can hurt you
Showing 26 - 50 of 8,823 RSS Feed

Operating System: UNIX

Zeek 3.2.3
Posted Dec 16, 2020
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: This release fixes a security issue and about a half dozen other bugs.
tags | tool, intrusion detection
systems | unix
MD5 | 3918275e225a850888d121fa738a5d89
American Fuzzy Lop plus plus 3.0c
Posted Dec 15, 2020
Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site thc.org

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: Dozens of updates and improvements.
tags | tool, fuzzer
systems | unix
MD5 | 9e7399c5944f88ee9afc3364c765d2a3
WhatWeb Scanner 0.5.4
Posted Dec 14, 2020
Authored by Andrew Horton | Site morningstarsecurity.com

WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more. WhatWeb supports an aggression level to control the trade off between speed and reliability.

Changes: Minor release with three new plugins and one plugin update.
tags | tool, web, scanner, javascript
systems | unix
MD5 | 2443a2f3728d5300c51ff8fb66a87344
Sifter 11-R3
Posted Dec 14, 2020
Authored by s1l3nt78 | Site github.com

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.

Changes: Various additions.
tags | tool, remote, local, scanner, vulnerability
systems | unix
MD5 | 9fabaf7e84833691cebd2959629bc2af
Wireshark Analyzer 3.4.1
Posted Dec 10, 2020
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: Multiple security bug fixes as well as new and updated features.
tags | tool, sniffer, protocol
systems | windows, unix
advisories | CVE-2020-26418, CVE-2020-26419, CVE-2020-26420, CVE-2020-26421
MD5 | 62304df45b3c6b7825a09cbb1793906e
OpenSSL Toolkit 1.1.1i
Posted Dec 8, 2020
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed NULL pointer deref in the GENERAL_NAME_cmp function. Added support for Apple Silicon M1 Macs with the darwin64-arm64-cc target. A client-side call was changed. In 1.1.1h, an expired trusted (root) certificate was not anymore rejected when validating a certificate path. This check is restored in 1.1.1i.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2020-1971
MD5 | 08987c3cf125202e2b0840035efb392c
Red Hat Security Advisory 2020-5351-01
Posted Dec 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5351-01 - KornShell is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
MD5 | d0c0e105a1db23827e75ce7072db41b9
Red Hat Security Advisory 2020-5352-01
Posted Dec 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5352-01 - KornShell is a Unix shell developed by AT&T Bell Laboratories, which is backward-compatible with the Bourne shell and includes many features of the C shell. The most recent version is KSH-93. KornShell complies with the POSIX.2 standard.

tags | advisory, shell
systems | linux, redhat, unix, osx
advisories | CVE-2019-14868
MD5 | 12b6bb5f09185927f265dbab3a4e04a4
Suricata IDPE 6.0.1
Posted Dec 4, 2020
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: A couple features were added and many bugs were addressed.
tags | tool, intrusion detection
systems | unix
MD5 | 39136d5c07203513ff207d70cda334ef
I2P 0.9.48
Posted Dec 2, 2020
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Various updates.
tags | tool
systems | unix
MD5 | 71ad797795c3b30385f4ecd522a5aee2
THC-IPv6 Attack Tool 3.8
Posted Dec 1, 2020
Authored by van Hauser, thc | Site thc.org

THC-IPV6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.

Changes: This release fixes several bugs.
tags | tool, protocol
systems | unix
MD5 | e4defd32df9b9318525772f85cac31ef
SQLMAP - Automatic SQL Injection Tool 1.4.12
Posted Dec 1, 2020
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Bug fixes.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 63f11245bc7cdef373e7b5a811aa3c43
Mandos Encrypted File System Unattended Reboot Utility 1.8.13
Posted Dec 1, 2020
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: Various updates.
tags | tool, remote, root
systems | linux, unix
MD5 | 0c7546acc41ef41a8e39453fd58f4cc9
Ubuntu Security Notice USN-4653-1
Posted Dec 1, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4653-1 - It was discovered that access controls for the shim’s API socket did not restrict access to the abstract unix domain socket in some cases. An attacker could use this vulnerability to run containers with elevated privileges.

tags | advisory
systems | linux, unix, ubuntu
advisories | CVE-2020-15257
MD5 | 8ecc1fa869b3211bbb093ef90ef1a0f9
nfstream 6.2.5
Posted Nov 28, 2020
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Patch for minimal truncated UDP raw pcap handling.
tags | tool, python
systems | unix
MD5 | 0d6f828e5d67ceee7e7066e81c9b9078
nfstream 6.2.4
Posted Nov 24, 2020
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Minor fixes and an nDPI maintenance update.
tags | tool, python
systems | unix
MD5 | 5dfe1632f9f5c7831e6f3aacc8f0817f
Sifter 11-R2
Posted Nov 24, 2020
Authored by s1l3nt78 | Site github.com

Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.

Changes: Various additions and some removals.
tags | tool, remote, local, scanner, vulnerability
systems | unix
MD5 | 6e3d8d179228a0b193db1471b8e14019
TestSSL 3.0.4
Posted Nov 23, 2020
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: This version is a quick fix for a regression of detecting SSLv2 ciphers in a basic function. Please upgrade.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | 2ba4ba9d50b056ddda260d039a124853
AIEngine 2.0.1
Posted Nov 23, 2020
Authored by Luis Campo Giralte | Site bitbucket.org

AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.

Changes: Updated compilation for go 1.15. Added functionality for run timers on processing pcap files on python. Updated lua 5.4 components. Many other additions and fixes.
tags | tool
systems | unix
MD5 | 94399a4a2149ee8e8b04e74b43121276
GRAudit Grep Auditing Tool 2.8
Posted Nov 19, 2020
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Updated Electron rules. Updated PHP rules. More scala rules and a scala signature set. Updated C rules. Updated Java rules. Many other updates as well.
tags | tool
systems | unix
MD5 | e38b9c328f5747a4cd4db02bd628a0ef
American Fuzzy Lop plus plus 2.68c
Posted Nov 19, 2020
Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site thc.org

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: Added the GSoC excellent afl++ grammar mutator by Shengtuo. A few QOL changes for Apple and its outdated gmake. Various other updates and improvements.
tags | tool, fuzzer
systems | unix
MD5 | d193b5f93e53d0acb749fcf01faf27f7
Global Socket 1.4.22
Posted Nov 19, 2020
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

tags | tool, tcp
systems | unix
MD5 | 697aff8d6aa465252692af99375ce8f7
erfs 1.4
Posted Nov 19, 2020
Authored by thc, Skyper | Site thc.org

erfs is an easy-to-use, easy-to-setup, hassle-free secure file system with the encrypted data being stored on a remote cloud server without having to trust the server. The client is a bash-script. The cloud server is provided by THC for free (as in free beer!). There is no limit per user, no limit of the number of file systems and no limit of how many locations can access the same file system simultaneously. It supports collaboration and the same filesystem can be accessed from different computers at the same time. The data is securely and seamlessly synchronized. The server has no knowledge of the content. A rogue server operator can not access the data. All key material is created on the user's computer and never stored or transferred to the server.

tags | tool, remote, bash
systems | unix
MD5 | 8760e61d1fb0d63faba1e847ebb48b34
TestSSL 3.0.3
Posted Nov 19, 2020
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: Updated certificate stores. BREACH is now medium. Dockerfile improvements. Various other updates and improvements.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | afcbd6001bd3128b99675f5eceab35ce
TCMalloc Inspector Tool
Posted Nov 19, 2020
Authored by Marcin Kozlowski | Site github.com

TCMalloc is an inspection tool that lets you parse and inspect tcmalloc internals, and detect lost memory, meaning memory which is not reachable via any (internal) pointers.

tags | tool
systems | unix
MD5 | 5bfabbb583351d1bd58083c6bba6c75c
Page 2 of 353
Back12345Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    1 Files
  • 17
    Jan 17th
    2 Files
  • 18
    Jan 18th
    20 Files
  • 19
    Jan 19th
    32 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close