Exploit the possiblities
Showing 101 - 125 of 8,186 RSS Feed

Operating System: UNIX

Apple iOS / MacOS NSKeyedArchiver Heap Corruption
Posted May 24, 2017
Authored by Google Security Research, ianbeer

Apple iOS / MacOS suffers from a NSKeyedArchiver heap corruption vulnerability due to a rounding error in TIKeyboardLayout initWithCoder:.

tags | exploit
systems | unix, apple, ios
advisories | CVE-2017-2524
MD5 | f4f95e9fe07f16fd6bb2e6208f80ac9f
Apple iOS / MacOS NSCharacterSet Memory Corruption
Posted May 24, 2017
Authored by Google Security Research, ianbeer

Apple iOS / MacOS suffers from a memory corruption vulnerability due to bad bounds checking in NSCharacterSet coding for NSKeyedUnarchiver.

tags | exploit
systems | unix, apple, ios
advisories | CVE-2017-2522
MD5 | bdda55cda546b5c21d799497330d24d7
Apple iOS / MacOS Netagent Kernel Memory Disclosure
Posted May 24, 2017
Authored by Google Security Research, ianbeer

Apple iOS / MacOS suffers from a kernel memory disclosure vulnerability due to lack of bounds checking in netagent socket option handling.

tags | exploit, kernel
systems | unix, apple, ios
advisories | CVE-2017-2507
MD5 | 45cfcbcc7c332ce751e0f1cb5ebc14cc
Apple iOS / MacOS Domain Socket Kernel Use-After-Free
Posted May 24, 2017
Authored by Google Security Research, ianbeer

Apple iOS / MacOS suffer from a kernel use-after-free vulnerability due to bad locking in unix domain socket file descriptor externalization.

tags | exploit, kernel
systems | unix, apple, ios
advisories | CVE-2017-2501
MD5 | bdf2e91d40e4ff551aba3904d5996640
TestSSL 2.8
Posted May 20, 2017
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: Trust chain check. Various other improvements and updates.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | cdd9e2481d19cfcb8ded787e767aa4cf
Nixauditor CIS Script 1.1
Posted May 19, 2017
Authored by Alfie | Site the-infosec.com

Nixauditor is a script to audit linux and unix distributions based mainly on the CIS standards and universal linux hardening guidelines.

Changes: Audit script enabling user to audit Kernel info, Kernel versions, Specific release information, Current user/group info, Users that have previously logged onto the system, All users and uid/gid info. General CIS Checks (over 100 security checks).
tags | tool
systems | linux, unix
MD5 | 735e54fcda535e1a853e135ded8d89f1
AntiRansom 3.02
Posted May 18, 2017
Authored by YJesus | Site security-projects.com

AntiRansom is a tool capable of detecting and mitigating attacks of Ransomware using honeypots.

Changes: Fixed bug in Windows 10 'Creators' that makes AR crash. This release **** IS ONLY **** for Windows 10 Creators.
tags | tool
systems | unix
MD5 | 7e8e043c0b499fbdaf2b565808f07b62
Mosca Analysis Tool 0.08
Posted May 18, 2017
Authored by coolervoid

Mosca is a tool that checks code for poor security practices akin to using grep against it for static analysis.

Changes: Various updates.
tags | tool, scanner
systems | unix
MD5 | 1c2146ec97020d86e5d699b6d9b3bc80
Stegano 0.8.1
Posted May 17, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: It is now possible to specify the encoding (UTF-8 or UTF-32LE) of the message to hide/reveal through the command line. Various other updates.
tags | tool, encryption, steganography, python
systems | unix
MD5 | 891843e201858230aa98462890551801
Falco 0.6.1
Posted May 16, 2017
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Small changes to token bucket used to throttle falco events. Various other fixes and changes.
tags | tool, intrusion detection
systems | unix
MD5 | 5cff672d550bdd68a80566fdd54b00cf
Payload Mask 0.2
Posted May 16, 2017
Authored by coolervoid

Payload Mask is a payload editor that can mutate an initial dataset.

Changes: Various updates.
tags | tool
systems | unix
MD5 | 4c486a7c8a5ddaa85bf3285200b14335
TOR Virtual Network Tunneling Tool 0.3.0.7
Posted May 16, 2017
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.3.0.7 fixes a medium-severity security bug in earlier versions of Tor 0.3.0.x, where an attacker could cause a Tor relay process to exit. Relays running earlier versions of Tor 0.3.0.x should upgrade; clients are not affected.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | fee12ede9172905ba3258db871b6c499
Quest Privilege Manager pmmasterd Buffer Overflow
Posted May 13, 2017
Authored by m0t | Site metasploit.com

This Metasploit modules exploits a buffer overflow in the Quest Privilege Manager, a software used to integrate Active Directory with Linux and Unix systems. The vulnerability exists in the pmmasterd daemon, and can only triggered when the host has been configured as a policy server ( Privilege Manager for Unix or Quest Sudo Plugin). A buffer overflow condition exists when handling requests of type ACT_ALERT_EVENT, where the size of a memcpy can be controlled by the attacker. This Metasploit module only works against version < 6.0.0-27. Versions up to 6.0.0-50 are also vulnerable, but not supported by this module (a stack cookie bypass is required). NOTE: To use this module it is required to be able to bind a privileged port ( <=1024 ) as the server refuses connections coming from unprivileged ports, which in most situations means that root privileges are required.

tags | exploit, overflow, root
systems | linux, unix
advisories | CVE-2017-6553
MD5 | 0ede05fcd2a59a5c6c7a66dd5cb09ddb
Stegano 0.8
Posted May 8, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Improved checks. Various other updates.
tags | tool, encryption, steganography, python
systems | unix
MD5 | beb7dc3eeeb3355209841da9382180a4
Stegano 0.7.1
Posted May 5, 2017
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Improved generators for the lsb-set module. Improved tests for generators. Improved type hints.
tags | tool, encryption, steganography, python
systems | unix
MD5 | b5a834b30983c3cf7d0ccb6f2bcc4c48
I2P 0.9.30
Posted May 5, 2017
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Various updates and bug fixes.
tags | tool
systems | unix
MD5 | 9240edcde532f64b4dbdcd0f04e22cc4
Hydra Network Logon Cracker 8.5
Posted May 4, 2017
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: New command line option. Changed the format of the restore file to detect cross platform copies. Various bug fixes.
tags | tool, web, imap
systems | cisco, unix
MD5 | 20e097ff7ee11f1c02a9fd2e626a2f97
Lynis Auditing Tool 2.5.0
Posted May 4, 2017
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: Multiple updates including but not limited to use of ROOTDIR variable instead of fixed paths, removal of unused code and comments, and more. Various tests added.
tags | tool, scanner
systems | unix
MD5 | 4e7599f42d54905b8fd2e9252f4d5289
fimap Inclusion Scanner
Posted May 1, 2017
Authored by Iman Karim | Site tha-imax.de

fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in web applications.

tags | tool, remote, web, local, scanner, python, file inclusion
systems | unix
MD5 | c521918aff624c30203b6f8679f04c80
TOR Virtual Network Tunneling Tool 0.3.0.6
Posted Apr 27, 2017
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.3.0.6 is the first stable release of the Tor 0.3.0 series. With the 0.3.0 series, clients and relays now use Ed25519 keys to authenticate their link connections to relays, rather than the old RSA1024 keys that they used before. (Circuit crypto has been Curve25519-authenticated since 0.2.4.8-alpha.) This series also includes numerous other small features and bugfixes, along with more groundwork for the upcoming hidden-services revamp.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | d5db24b73d737632618350b5f36d5342
Uberscan Brute Forcing Tool
Posted Apr 26, 2017
Authored by Batch McNulty

Uberscan is an IP scanner and brute forcing tool all in one. Written in perl.

tags | tool, scanner, perl
systems | unix
MD5 | c2206c84617814483c4882184580d507
Thycotic Secret Server Data Decrypter
Posted Apr 21, 2017
Site security-assessment.com

This is a powershell script that decrypts the data stored within a Thycotic Secret Server.

tags | tool
systems | unix
MD5 | c3ef218b8c5e5cfd1fbf7bc4ca2fe3d6
Packet Fence 7.0.0
Posted Apr 20, 2017
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Added provisioning support for SentinelOne. Added MariaDB Galera cluster support. All services are now handled by systemd. Various other updates and improvements.
tags | tool, remote
systems | unix
MD5 | de39bf9e6741b6e2f5a5fdeadfe99e93
Blue Team Training Toolkit (BT3) 2.2
Posted Apr 17, 2017
Authored by Juan J. Guelfo | Site encripto.no

Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.

Changes: This release focuses on usability. New commands have been implemented, and error messages related to API operations are now more descriptive.
tags | tool, python
systems | unix
MD5 | 25b5c99f377d029bc54e7c2f708d20b1
360-FAAR Firewall Analysis Audit And Repair 0.6.2
Posted Apr 17, 2017
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

Changes: This release fixes the bug in the cisco asa drop log parser that missed %ASA-6-106100. Various other updates.
tags | tool, perl
systems | unix
MD5 | b89c2831979ada2d1e3b0440139a40b5
Page 5 of 328
Back34567Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close