Twenty Year Anniversary
Showing 1 - 25 of 6,977 RSS Feed

Security Tool Files

OpenSSH 7.9p1
Posted Oct 19, 2018
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Now requires OpenSSL 1.1.x series 1.1.0g or greater. Various other updates.
tags | tool, encryption
systems | linux, unix, openbsd
MD5 | c6af50b7a474d04726a5aa747a5dce8f
Wireshark Analyzer 2.6.4
Posted Oct 12, 2018
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Multiple crash vulnerabilities fixed. Various other updates.
tags | tool, sniffer, protocol
systems | windows, unix
advisories | CVE-2018-18225, CVE-2018-18226, CVE-2018-18227
MD5 | 8aa7b8c8ce0b6ce4256a081493819d6f
SD-WAN Harvester 0.99
Posted Oct 11, 2018
Authored by SCADA Strangelove | Site github.com

SD-WAN Harvester is a tool that was created to automatically enumerate and fingerprint SD-WAN nodes on the Internet. It uses Shodan search engine for discovering, NMAP NSE scripts for fingerprinting, and masscan to implement some specific checks.

tags | tool, scanner
systems | unix
MD5 | 75dc2b2d79cfb235fa7088aeca36f57c
Tinc Virtual Private Network Daemon 1.0.35
Posted Oct 8, 2018
Authored by Ivo Timmermans | Site tinc.nl.linux.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: Prevented oracle attacks. Prevented a MITM from forcing a NULL cipher for UDP. Various other fixes.
tags | tool, encryption
systems | unix
advisories | CVE-2018-16737, CVE-2018-16738, CVE-2018-16758
MD5 | c44f3eaf6264319953d0cff56f2e98d4
I2P 0.9.37
Posted Oct 8, 2018
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Various updates.
tags | tool
systems | unix
MD5 | d5accb0910257b2104967a6c7ee6a29c
Clam AntiVirus Toolkit 0.100.2
Posted Oct 5, 2018
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Various updates. See changelog.
tags | tool, virus
systems | unix
MD5 | 253dd79dd57da759567e42543a569c5c
Ceaser Cypher Single Byte Payload Encryption
Posted Oct 5, 2018
Authored by Jonathan Loveless

This program takes a payload and does a single offset on the payload (ceaser cypher encryption) and allows you to take the payload and decrypt and execute it in memory to bypass signature detection of currently detectable payloads.

tags | tool, shellcode
MD5 | c2e2103453482744e4d3fa4363c45945
Intel ME Manufacturing Mode Detection Tools
Posted Oct 4, 2018
Authored by Dmitry Sklyarov, Maxim Goryachy, Mark Ermolov | Site ptsecurity.com

Intel ME has a Manufacturing Mode designed to be used exclusively by motherboard manufacturers. This mode provides some additional opportunities that an attacker can take advantage of. When Manufacturing Mode is enabled, Intel ME allows execution of the command which makes the ME region writable via the SPI controller built into the motherboard. The ability to run code and send commands to Intel ME on the attacked system allows the attacker to rewrite the Intel ME firmware onto another version. So the attacker is able to deploy the firmware which is vulnerable to INTEL-SA-00086 and execute arbitrary code on Intel ME even if the system is patched. This archive contains Python 2.7 scripts for checking the state of the Intel ME Manufacturing Mode.

tags | tool, arbitrary, scanner, python
systems | unix
advisories | CVE-2018-4251
MD5 | 1a9b68acfbdb192e5529077542c33486
SQLMAP - Automatic SQL Injection Tool 1.2.10
Posted Oct 3, 2018
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Various updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 55e5aa88807d9ea720edd95792a335a6
Aircrack-ng Wireless Network Tools 1.4
Posted Oct 1, 2018
Site aircrack-ng.org

aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).

Changes: Added PMKID cracking. Serious speed up and memory usage decrease when loading large files (multiple Gb) using AVL trees. Added hwloc (Hardware Locality) to improve performance. Tons of other additions, fixes, and improvements.
tags | tool, wireless
systems | unix
MD5 | 24e22f6f6eca1e7dc0d203e5719d3e8d
UFONet 1.1
Posted Sep 26, 2018
Authored by psy | Site ufonet.03c8.net

UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc.

Changes: Various updates. New release called Quantum Hydra.
tags | tool, web, denial of service, spoof
MD5 | 04a0b3439384a0d51cce72ba4a2cae82
Samhain File Integrity Checker 4.3.1
Posted Sep 25, 2018
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Various updates.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 9c6beb7ff7149ee80de850c8cc585859
Faraday 3.1.1
Posted Sep 25, 2018
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Multiple bug fixes.
tags | tool, rootkit
systems | unix
MD5 | 9464935134ca4ab8f9d45d95678a6aa4
Lynis Auditing Tool 2.6.9
Posted Sep 25, 2018
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: Man page has been updated. Command 'lynis show options' provides up-to-date list. Various other updates.
tags | tool, scanner
systems | unix
MD5 | bb3e61005fba356ec6a5412922663e9e
Faraday 3.1
Posted Sep 20, 2018
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Fixed get exploits API. New searcher feature. Continuous scan updated for Nessus 7. Various other updates and improvements.
tags | tool, rootkit
systems | unix
MD5 | 0e8af1db72b4cf23b8c11e2c7769fc1d
Falco 0.12.1
Posted Sep 13, 2018
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Fixed a regression in the libcurl configure script.
tags | tool, intrusion detection
systems | unix
MD5 | adce7b6ab8554e22fc38cdd621691056
VBScan Vulnerability Scanner 0.1.8
Posted Sep 13, 2018
Authored by Mohammad Reza Espargham | Site owasp.org

VBScan is a black box vBulletin vulnerability scanner written in perl.

Changes: Updated vulnerabilities database. Various other updates and enhancements.
tags | tool, scanner, perl
systems | unix
MD5 | 130a1a1372cc4614c4dea54ac6d2493b
DAVOSET 1.3.6
Posted Sep 13, 2018
Authored by MustLive

DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Changes: In new version there was added support of for an SSRF vulnerability in Splunk Enterprise. Also there were added new services into lists of zombies and removal of non-working services from the lists of zombies.
tags | tool, denial of service
MD5 | 0ce69ca1208b54310d855c3ca2ef7709
OpenSSL Toolkit 1.1.1
Posted Sep 11, 2018
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Added a new ClientHello callback. Added SM2 base algorithm support. Various other updates.
tags | tool, encryption, protocol
systems | unix
MD5 | 7079eb017429e0ffb9efb42bf80ccb21
TOR Virtual Network Tunneling Tool 0.3.4.8
Posted Sep 11, 2018
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: The Tor 0.3.4 series includes improvements for running Tor in low-power and embedded environments, which should help performance in general.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | 84497a248f49ed42c344612501bae934
Samhain File Integrity Checker 4.3.0
Posted Sep 10, 2018
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Added support for /etc/subuid, /etc/subgid maps. Fixed compiler warning on Ubuntu 18.04.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 54591d3bbe3ff0ea837d88310d6bb74a
TestSSL 2.9.5-7
Posted Sep 7, 2018
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: This update contains a few bugfixes only.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | 62c5148ca576b0ec7229775b1ec69720
SQLMAP - Automatic SQL Injection Tool 1.2.9
Posted Sep 5, 2018
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Various updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 001dd095cf0009c79d3e957e256abc10
Blue Team Training Toolkit (BT3) 2.8
Posted Sep 5, 2018
Authored by Juan J. Guelfo | Site encripto.no

Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.

Changes: SSL_TRUST option has been included in Maligno. Bug fixes and minor adjustments.
tags | tool, python
systems | unix
MD5 | 59ec404f377eafd4cfcca6d3b2ea9241
TestSSL 2.9.5
Posted Sep 5, 2018
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: This update contains a few bugfixes only.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | da5717d95120b32fc3d0a5fe80454f59
Page 1 of 280
Back12345Next

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    19 Files
  • 18
    Oct 18th
    21 Files
  • 19
    Oct 19th
    16 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close