Security Tool Files

Falco 0.28.1
Posted May 7, 2021
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think of Falco as a mix between snort, ossec and strace.

Changes: Major changes include new --support output which includes info about the Falco engine version, new alert output in the unlikely situation it's receiving too many consecutive timeouts without an event, and a new configuration field syscall_event_timeo.
tags | tool, intrusion detection
systems | unix
MD5 | 4d8fd5c5d44ed32c7e7a911d109a636d
jSQL Injection 0.85
Posted May 6, 2021
Authored by ron190 | Site github.com

jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

Changes: Compliance to Java 17. Switched to native HttpClient.
tags | tool, scanner, sql injection
systems | linux, unix
MD5 | d6a21f297789ddb400c5d81f48b8bf81
OpenDNSSEC 2.1.9
Posted May 4, 2021
Site opendnssec.org

OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

Changes: Prevented concurrency between C_Login/C_OpenSession and C_FindObject in PKCS#11 operations as some HSMs do not like this and the key may (transiently) not be available. Hardened the signing procedure to still sign zones for which there are unused keys specified in the signconf. These are included by the enforcer because there may be (outdated) signatures for them, but the signer doesn't need this reference anymore in 2.1. However this was left in for backwards compatibility (probably).
tags | tool
systems | unix
MD5 | eb7c966b372ae5c0ab29d20f077fb126
OATH Toolkit 2.6.7
Posted May 3, 2021
Site nongnu.org

OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.

Changes: Update to pam_oath. Updated gnulib files. Some build and documentation fixes.
tags | tool
systems | unix
MD5 | 0a3c0d9e1f8095c88657bfea8ad5d59f
SQLMAP - Automatic SQL Injection Tool 1.5.5
Posted May 3, 2021
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Minor release with no notes in the changelog.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 2423575bab9b29b2cb5a2f5b97d36e86
GRAudit Grep Auditing Tool 3.0
Posted Apr 29, 2021
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script with signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Fixed broken Java rule causing massive false positives. Additional PHP fruit rules added.
tags | tool
systems | unix
MD5 | 7c8dfb24277f5b0dfd742652a262a2a1
nfstream 6.3.1
Posted Apr 23, 2021
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Updated package requirements.
tags | tool, python
systems | unix
MD5 | 164192cf588a34eafd0b3a16210abc50
Wireshark Analyzer 3.4.5
Posted Apr 22, 2021
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: Ten bug fixes have been applied along with a fix for a memory consumption vulnerability.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | ce626304a5a8d993794c5af45c82a594
Zeek 4.0.1
Posted Apr 22, 2021
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: This is a release that addresses quite a few bugs including a null-pointer dereference vulnerability.
tags | tool, intrusion detection
systems | unix
MD5 | 610c02b5b5ccaea7a1ac377534ab1894
nfstream 6.3.0
Posted Apr 22, 2021
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Implemented tunnel_id extraction.
tags | tool, python
systems | unix
MD5 | b3798076bcfbe79af8c3a2679c128a4e
Scapy Packet Manipulation Tool 2.4.5
Posted Apr 20, 2021
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: 354 commits to Core master since last release. There is a new interfaces system, multiple bug fixes, and more.
tags | tool, scanner, python
systems | unix
MD5 | 7bf39994a6f476ecef96ff125ab18fe0
OpenSSH 8.6p1
Posted Apr 19, 2021
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: An extensive number of code cleanups and bug fixes have been applied.
tags | tool, encryption
systems | linux, unix, openbsd
MD5 | 805f7048aec6dd752584e570383a6f00
Faraday 3.14.4
Posted Apr 19, 2021
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Updated plugins package, which updates the appscan plugin.
tags | tool, rootkit
systems | unix
MD5 | fc74cb6f2f886762d1c8581d79aa5e3a
nfstream 6.2.6
Posted Apr 15, 2021
Authored by Zied Aouini | Site github.com

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

Changes: Added support for pcapng format. Added pypy3.7 support. Improved error handling. nDPI updated and minor fixes.
tags | tool, python
systems | unix
MD5 | d988670353e4ddc6d45e557a2e5c294d
URLCrazy Domain Name Typo Tool 0.7.3
Posted Apr 14, 2021
Authored by Andrew Horton | Site github.com

URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo is a valid domain, tests if domain typos are in use, and estimates the popularity of a typo.

Changes: Minor update with some bug fixes and improvements to the README.md.
tags | tool, web
systems | unix
MD5 | 70399a7f2746db5f47153ca373ef738c
Falco 0.28.0
Posted Apr 12, 2021
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think of Falco as a mix between snort, ossec and strace.

Changes: Breaking changes include the deprecation of Bintray, the SKIP_MODULE_LOAD env variable no longer disabling driver loading, and the init.d service unit no longer being shipped in deb/rpm packages in favor of a systemd service file. Various new additions include support for exceptions as rule attributes, which provides a compact way to add exceptions to Falco rules.
tags | tool, intrusion detection
systems | unix
MD5 | 301aaacb650c7c8dee6e7b735a568627
GRAudit Grep Auditing Tool 2.9
Posted Apr 9, 2021
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script with signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Fix for GRDIR applied. Improved C fruit rules. Improved js fruit rules. Started python fruit rules. Updated documentation. Various other updates as well.
tags | tool
systems | unix
MD5 | 029e31f0ef65d5256fe9262e76b1f1a1
Clam AntiVirus Toolkit 0.103.2
Posted Apr 7, 2021
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: ClamAV 0.103.2 is a security patch release that addresses privilege escalation, buffer over-read, and denial of service issues.
tags | tool, virus
systems | unix
advisories | CVE-2021-1252, CVE-2021-1386, CVE-2021-1404, CVE-2021-1405
MD5 | 508e6988e2937985e702cc3a2202b6e7
Global Socket 1.4.29
Posted Apr 7, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Debian shenanigans and lint-party clean ups.
tags | tool, tcp
systems | unix
MD5 | d7bc24a986e64dd7f3543b8627533cb3
SQLMAP - Automatic SQL Injection Tool 1.5.4
Posted Apr 2, 2021
Authored by Bernardo Damele | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Minor release with no notes in the changelog.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 44cb9c378cd0433ae18b4bcf97cabedd
Global Socket 1.4.28
Posted Apr 1, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: Minor documentation updates.
tags | tool, tcp
systems | unix
MD5 | 5b953152490d47bb307a174acaf2f6a8
Faraday 3.14.3
Posted Mar 31, 2021
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Added last_run to executors and agents. Added ignore info vulns option (from faraday-plugins 1.4.3). Multiple other modifications and additions. Added three new plugins and fixed some old versions of nessus plugins.
tags | tool, rootkit
systems | unix
MD5 | 13c2c92f9d427ac50f74688dd08838ac
Scapy Packet Manipulation Tool 2.4.5rc1
Posted Mar 31, 2021
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: Release candidate 1 for 2.4.5. Various updates.
tags | tool, scanner, python
systems | unix
MD5 | e11cb37c83f2b1c1179aa293e1b53b81
OpenSSL Toolkit 1.1.1k
Posted Mar 25, 2021
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed a problem with verifying a certificate chain when using the X509_V_FLAG_X509_STRICT flag. Fixed an issue where an OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2021-3449, CVE-2021-3450
MD5 | c4e7d95f782b08116afa27b30393dd27
American Fuzzy Lop plus plus 3.12c
Posted Mar 24, 2021
Authored by van Hauser, thc, Heiko Eissfeldt, Andrea Fioraldi, Dominik Maier | Site thc.org

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

Changes: Improvements to afl-fuzz, afl-cc, qemu_mode, and unicorn_mode. Added DEFAULT_PERMISSION to config.h for all files created with 0600 setting.
tags | tool, fuzzer
systems | unix
MD5 | c7c227ffd3fdd61440c3f98fd1e5a380

© 2020 Packet Storm. All rights reserved.
