exploit the possibilities
Showing 1 - 25 of 7,574 RSS Feed

Security Tool Files

Zeek 4.0.4
Posted Sep 23, 2021
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: This release addresses six bugs and two security issues.
tags | tool, intrusion detection
systems | unix
MD5 | df39f4f49a69086b3a2a2abbf807e6a3
Proxmark 4.14434
Posted Sep 20, 2021
Authored by Christian Herrmann | Site github.com

This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware.

Changes: This version brings full support of MIFARE DESfire and bug fixes.
tags | tool
systems | unix
MD5 | 12400a8a53d1cdc84e7a73c382f8c45b
litefuzz 1.0
Posted Sep 20, 2021
Authored by Jeremy Brown | Site github.com

litefuzz is a multi-platform fuzzer for poking at userland binaries and servers.

tags | tool, fuzzer
systems | unix
MD5 | e20e90558f9c0c1dc16ef9f40dcbe095
GNU Privacy Guard 2.2.31
Posted Sep 16, 2021
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.

Changes: Over a dozen bug fixes.
tags | tool, encryption
MD5 | 1a12d114f82731860352435a12ccd458
OpenDNSSEC 2.1.10
Posted Sep 14, 2021
Site opendnssec.org

OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

Changes: Fixed exit code signer daemon to not always report failure. Fixed immediate resalting after migration from 1.4. Resolved conflict when deleting keys from HSM whilst also performing step in key roll process. Added warning on ods-kaspcheck for NSEC iteration count that is deemed too high. Provided RedHat/CentOS spec file in contrib directory.
tags | tool
systems | unix
MD5 | eac4c28b7ed318b6ae5b6107b76206d8
Packet Fence 11.0.0
Posted Sep 7, 2021
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Red Hat Enterprise Linux 8 and Debian 11 support added. Microsoft Azure AD authentication and authorization support added. Google Workspace integration for LDAP and Chromebooks added. Automation of upgrades from 10.3 and above added. Forwarding support for audit logs stored in database added. Over a dozen enhancements and bug fixes.
tags | tool, remote
systems | unix
MD5 | 9b8a0276b56230bf7153d63530ec4d08
Samhain File Integrity Checker 4.4.6
Posted Sep 5, 2021
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Fixed Debian 10 compile problem in dnmalloc (mallinfo2). Fixed compile problem on Ubuntu 20 with make deb. Fixed make deb issue when compiling as client. Fixed issue with inotify.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 51bcc1f204db174f738f487be05a0507
Clam AntiVirus Toolkit 0.104.0
Posted Sep 3, 2021
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Added comprehensive build instructions for using CMake to the new INSTALL.md file. The Autotools and the Visual Studio build systems have been removed. The built-in LLVM for the bytecode runtime has been removed. There are now official ClamAV images on Docker Hub. Various other updates.
tags | tool, virus
systems | unix
MD5 | 3f4789c09f5a35e9ea580edd5c3e54b6
SQLMAP - Automatic SQL Injection Tool 1.5.9
Posted Sep 3, 2021
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Minor release with no notes in the changelog.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 32819398c46317bb918049666fad4e8f
nfstream 6.3.4
Posted Sep 3, 2021
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Fixed transport_size value. Fixed requirements on MacOS and PyPy. Updated dependencies (libgcrypt). Maintenance update of nDPI.
tags | tool, python
systems | unix
MD5 | 59fbc20a3ab905464995c99e36ba40e2
Hashcat Advanced Password Recovery 6.2.4 Source Code
Posted Aug 31, 2021
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.

Changes: 9 hash modes added, 6 features added, and 13 bugs fixed.
tags | tool, cracker
systems | unix
MD5 | afa750eba597503f502d410a5a7a0c9f
Hashcat Advanced Password Recovery 6.2.4 Binary Release
Posted Aug 31, 2021
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.

Changes: 9 hash modes added, 6 features added, and 13 bugs fixed.
tags | tool, cracker
MD5 | e0077c3178cc4c4c207408f032ab7202
Dr Checker 4 Linux
Posted Aug 31, 2021
Authored by Marcin Kozlowski | Site github.com

This is an LLVM based tool to audit Linux kernel module security using both pointer and taint analyses that are flow-sensitive, context-sensitive, and fieldsensitive on kernel drivers. It is port of Dr. Checker.

tags | tool, kernel
systems | linux, unix
MD5 | 1207ca19604c60c69efd0cbad94d69ce
GNU Privacy Guard 2.2.30
Posted Aug 31, 2021
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.

Changes: Over a dozen bug fixes added.
tags | tool, encryption
MD5 | 17252454ec2db3aeaeb983b55a037041
Flawfinder 2.0.19
Posted Aug 31, 2021
Authored by David A. Wheeler | Site sourceforge.net

Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.

Changes: Added a fix to send error messages to stderr instead of stdout.
tags | tool
systems | unix
MD5 | 38e649accecae8a145d74f1e3e4574c8
Wireshark Analyzer 3.4.8
Posted Aug 26, 2021
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: Bug fixes for issues related to the dissector for Bluetooth Cycling Power Measurement and CoAP as well as a few other issues. Updated protocol support for BT ATT, BT LE LL, CoAP, DLM3, GSM SIM, iLBC, and RakNet.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | 13aea3ee0edbc8f875971eccf2d11b20
I2P 1.5.0
Posted Aug 25, 2021
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Various updates.
tags | tool
systems | unix
MD5 | a86104909daeff669ab34217f12c7594
OpenSSL Toolkit 1.1.1l
Posted Aug 24, 2021
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed an SM2 Decryption Buffer Overflow. Fixed various read buffer overruns processing ASN.1 strings.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2021-3711, CVE-2021-3712
MD5 | ac0d4387f3ba0ad741b0580dd45f6ff3
GRR 3.4.5.1
Posted Aug 23, 2021
Authored by Andreas Moser, Mikhail Bushkov, Ben Galehouse, Milosz Lakomy | Site github.com

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.

Changes: Mid-quarter release for Q3 2021. TSK, libfsntfs and YARA libraries are now run in a separate, unprivileged process for sandboxing in the GRR client. Fleetspeak, the next generation communication framework, is now enabled by default. Added a new MSI installer for Windows clients. New flow for named pipe collection on Windows for ListNamedPipes.
tags | tool, remote, web, forensics
systems | unix
MD5 | f8f841881ab05b82df4548fa99efb188
Faraday 3.17.1
Posted Aug 23, 2021
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Fixed a bug when starting the server and creates a pool for reporting that breaks.
tags | tool, rootkit
systems | unix
MD5 | ed49f764072bc078220474c85cbbf28f
OpenSSH 8.7p1
Posted Aug 20, 2021
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Fixed a race in pselect replacement code. Improved github test driver script. Various minor bug fixes.
tags | tool, encryption
systems | linux, unix, openbsd
MD5 | f545230799f131aecca04da56e61990a
TOR Virtual Network Tunneling Tool 0.4.6.7
Posted Aug 17, 2021
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.

Changes: This version fixes several bugs from earlier versions of Tor, including one that could lead to a denial-of-service attack. Everyone running an earlier version, whether as a client, a relay, or an onion service, should upgrade to Tor 0.3.5.16, 0.4.5.10, or 0.4.6.7.
tags | tool, remote, local, peer2peer
systems | unix
advisories | CVE-2021-38385
MD5 | ff80309cfaa0719b197fdaf83f9d5443
Faraday 3.17.0
Posted Aug 11, 2021
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Added --data parameter to faraday-manage settings. Modifications include process report files in a separate process and making bulk_create requests asynchronous.
tags | tool, rootkit
systems | unix
MD5 | ed9053a282a5d30c36aeaa75ec5a5b84
Nmap Port Scanner 7.92
Posted Aug 9, 2021
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Upgraded Npcap for Windows usage which now allows nmap to work on the Windows ARM architecture. New Nmap option --unique will prevent Nmap from scanning the same IP address twice. Various updates to NSE and many bugs were addressed in this release.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
MD5 | 0e9d4d6513ae6c79af9d9e7ea02fa05b
SQLMAP - Automatic SQL Injection Tool 1.5.8
Posted Aug 2, 2021
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Minor release with no notes in the changelog.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 6cac13f4e9cef5996f15944cf4d0b0a0
Page 1 of 303
Back12345Next

File Archive:

September 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    14 Files
  • 2
    Sep 2nd
    19 Files
  • 3
    Sep 3rd
    9 Files
  • 4
    Sep 4th
    1 Files
  • 5
    Sep 5th
    2 Files
  • 6
    Sep 6th
    3 Files
  • 7
    Sep 7th
    12 Files
  • 8
    Sep 8th
    22 Files
  • 9
    Sep 9th
    17 Files
  • 10
    Sep 10th
    19 Files
  • 11
    Sep 11th
    3 Files
  • 12
    Sep 12th
    2 Files
  • 13
    Sep 13th
    15 Files
  • 14
    Sep 14th
    16 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    7 Files
  • 17
    Sep 17th
    13 Files
  • 18
    Sep 18th
    2 Files
  • 19
    Sep 19th
    2 Files
  • 20
    Sep 20th
    14 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    28 Files
  • 23
    Sep 23rd
    13 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close