exploit the possibilities
Showing 1 - 25 of 7,243 RSS Feed

Security Tool Files

SQLMAP - Automatic SQL Injection Tool 1.4.4
Posted Apr 3, 2020
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Multiple updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | baa24818b694a958fff75a5b3300f825
OpenSSL Toolkit 1.1.1f
Posted Mar 31, 2020
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Reverted the change of EOF detection while reading in libssl to avoid regressions in applications depending on the current way of reporting the EOF. Revised BN_generate_prime_ex to not avoid factors 3..17863 in p-1 when primes for RSA keys are computed.
tags | tool, encryption, protocol
systems | unix
MD5 | 3f486f2f4435ef14b81814dbbc7b48bb
Recon Informer
Posted Mar 30, 2020
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Recon-Informer is a basic real-time anti-reconnaissance detection tool for offensive security systems, useful for penetration testers. It runs on Windows/Linux and leverages scapy.

tags | tool
systems | linux, windows, unix
MD5 | cb8d3c18e04a60fd39e205fae7a0cd88
nullscan 1.0.0
Posted Mar 26, 2020
Authored by noptrix | Site nullsecurity.net

nullscan is a modular framework designed to chain and automate security tests. It parses target definitions from the command line and runs corresponding modules and their nullscan-tools afterwards. It can also take hosts and start nmap first in order to perform a basic portscan and run the modules afterwards. Also, nullscan can parse a given nmap logfile for open tcp and udp ports and again run the modules afterwards. All results will be logged in specified directories with a clean structure and an HTML report can subsequently be generated.

tags | tool, udp, scanner, tcp
systems | unix
MD5 | b19299719763dbf57f595ecbd3a3e226
Mandos Encrypted File System Unattended Reboot Utility 1.8.10
Posted Mar 23, 2020
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: Various updates.
tags | tool, remote, root
systems | linux, unix
MD5 | d530501607f84920f454cb4d6db68a46
Hyperion Runtime Encrypter 2.3
Posted Mar 21, 2020
Authored by belial | Site nullsecurity.net

Hyperion is a runtime encrypter for 32-bit and 64-bit portable executables. It is a reference implementation and bases on the paper "Hyperion: Implementation of a PE-Crypter".

Changes: Hyperion now rejects unsupported .NET executables, preserves the GUI/Commandline PE flag, has a lower AV detection because static stuff was removed, and 64 bit output file size was reduced by 4 kilo bytes.
tags | tool, encryption
MD5 | e60e50626ad2ec2f0808e05d713acf34
GNU Privacy Guard 2.2.20
Posted Mar 21, 2020
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Changes: Update added to protect the error counter against overflow. Various other bug fixes.
tags | tool, encryption
MD5 | 4ff88920cf52b35db0dedaee87bdbbb1
TOR Virtual Network Tunneling Tool 0.4.2.7
Posted Mar 19, 2020
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This is the third stable release in the 0.4.2.x series. It backports numerous fixes from later releases, including a fix for TROVE-2020- 002, a major denial-of-service vulnerability that affected all released Tor instances since 0.2.1.5-alpha. Various other issues were also addressed.
tags | tool, remote, local, peer2peer
systems | unix
advisories | CVE-2020-10592, CVE-2020-10593
MD5 | a4b338b9f7444f4f89259c9736ff74c8
Falco 0.21.0
Posted Mar 18, 2020
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: A major change was announced where the SYSDIG_BPF_PROBE environment variable is now just FALCO_BPF_PROBE. Various other updates.
tags | tool, intrusion detection
systems | unix
MD5 | a4c62f75ad8620b01617334523a731d1
OpenSSL Toolkit 1.1.1e
Posted Mar 18, 2020
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: It now properly detects EOF while reading in libssl. Fixed SSL_get_servername() behaviour. Various other updates and bug fixes.
tags | tool, encryption, protocol
systems | unix
MD5 | baeff2a64d2f3d7e0a69b677c9977b57
Lulzbuster 1.3.2
Posted Mar 17, 2020
Authored by noptrix | Site nullsecurity.net

Lulzbuster is a very fast and smart web directory and file enumeration tool written in C.

Changes: Removed forgotten escape sequence char when logging to file. Removed unneeded code. Skips found directories and files with a zero byte size.
tags | tool, web, scanner
systems | unix
MD5 | c1207a272ef104d0d1a18ed921f6aa17
AIEngine 1.9.2
Posted Mar 15, 2020
Authored by Luis Campo Giralte | Site bitbucket.org

AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.

Changes: Shows anomalies by using an extra parameter on the binary. Exposes the TCP flags on the python Flows. Fixed issue with pcre that impact performance. Various other updates.
tags | tool
systems | unix
MD5 | 9d59a3c13f882dba71e05ffeda508854
Zeek 3.1.1
Posted Mar 10, 2020
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: This release fixes a potential high CPU load due to race in Broker data stores, a memory exhaustion issue, an incorrect symlink, and an improvement to allow some external plugins to compile.
tags | tool, intrusion detection
systems | unix
MD5 | 913d0f01da1c505a0d2e4845a1257a33
Richsploit RichFaces Exploitation Toolkit
Posted Mar 9, 2020
Authored by redtimmysec

This tool can be used to exploit vulnerable versions of RichFaces. It has payloads for 4 vulnerabilities that have been identified, which can lead to remote code execution via java deserialization and EL injection.

tags | exploit, tool, java, remote, vulnerability, code execution
advisories | CVE-2013-2165, CVE-2015-0279, CVE-2018-14667
MD5 | dbe44bcd30e854ad24e9361d53b24ebb
SQLMAP - Automatic SQL Injection Tool 1.4.3
Posted Mar 5, 2020
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Multiple updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 441532375d2cf56bdce09438da062dfd
Golden Frieza
Posted Mar 3, 2020
Authored by redtimmysec

Imagine finding yourself in a "hostile" environment, one where you cannot run exploits, tools, and applications without worrying about prying eyes spying on you, be they a legitimate system administrator, a colleague sharing an access with you or a software solution that scans the machine you are logged in to for malicious files. Your binary should live in encrypted form in the filesystem so that no static analysis would be possible even if identified and copied somewhere else. It should be only decrypted on the fly in memory when executed, so preventing dynamic analysis too, unless the decryption key is known. To experiment with such an idea Red Timmy Sec have created the "golden frieza" project.

tags | tool
systems | unix
MD5 | 366f23cd679fa95715eb2ce109400d3f
nfstream 3.2.2
Posted Mar 1, 2020
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Added to_pandas method. Fixed previous broken package.
tags | tool, python
systems | unix
MD5 | ef013afe7906f7827a95673adff3a17b
SerialTweaker 1.1
Posted Feb 28, 2020
Authored by Stefan Broeder, redtimmysec

SerialTweaker is a tool that can be used to load a serialized object, change its contents, and reserialize it to a new serialized object with modified fields inside.

tags | tool
systems | unix
MD5 | d914f07f0f241842bdd179051467fe46
Wireshark Analyzer 3.2.2
Posted Feb 28, 2020
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Multiple vulnerabilities and bug fixes in dissectors have been addressed.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | e468b78e1176e0212b13ef809f59dcbb
Zeek 3.1.0
Posted Feb 28, 2020
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Added a new supervisor framework that enables Zeek to operate clusters. Various other additions and changes in functionality.
tags | tool, intrusion detection
systems | unix
MD5 | c570719350c921b2c7becfe0e4ee9922
Samhain File Integrity Checker 4.4.1
Posted Feb 27, 2020
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Fixed compatibility problem with older (version 2.0.x) GnuPG.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 000cc50f337b9153c743fedc3c178d54
I2P 0.9.45
Posted Feb 27, 2020
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Various bug fixes.
tags | tool
systems | unix
MD5 | 4b03d210881221c0ea06cd9e4caf0f35
WhatWeb Scanner 0.5.1
Posted Feb 25, 2020
Authored by Andrew Horton (urbanadventurer) | Site morningstarsecurity.com

WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more. WhatWeb supports an aggression level to control the trade off between speed and reliability.

Changes: This is a minor release with bug fixes, one new plugin, and a couple of plugin updates.
tags | tool, web, scanner, javascript
systems | unix
MD5 | a437d13dbfe9caccc1b4c39a57350c05
Falco 0.20.0
Posted Feb 25, 2020
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: A memory leak was addressed along with two bugs and seven rule changes.
tags | tool, intrusion detection
systems | unix
MD5 | aac8c0c88cbc84655d618620435c1694
Wapiti Web Application Vulnerability Scanner 3.0.3
Posted Feb 24, 2020
Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: Work was performed to reduce false positives in XSS detections.
tags | tool, web, scanner, vulnerability
systems | unix
MD5 | 39673c6f9593119051077731df2fa2da
Page 1 of 290
Back12345Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    15 Files
  • 4
    Apr 4th
    5 Files
  • 5
    Apr 5th
    5 Files
  • 6
    Apr 6th
    27 Files
  • 7
    Apr 7th
    31 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close