Exploit the possiblities
Showing 1 - 25 of 6,782 RSS Feed

Security Tool Files

Haveged 1.9.2
Posted Nov 17, 2017
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: Added cross compile fixes contributed by Robert Schwebel. Limited watermark max to less than pool size to avoid 100% cpu condition. Added service.suse init script.
tags | tool
systems | linux, unix
MD5 | fb1d8b3dcbb9d06b30eccd8aa500fd31
Flawfinder 2.0.5
Posted Nov 17, 2017
Authored by David A. Wheeler | Site sourceforge.net

Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.

Changes: Added detection of crypt_r function. Added detection of errant equal, mismatch, and is_permutation. Updated CWE, risk, and discussion for C++14 STL functions. Fixed hit count reporting. Updated www.dwheeler.com URLs to use https.
tags | tool
systems | unix
MD5 | e7b9a9c35661007fe5a9cb6aea8c865f
I2P 0.9.32
Posted Nov 14, 2017
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: This release contains a number of fixes in the router console and associated webapps (addressbook, i2psnark, and susimail). Various updates and bug fixes.
tags | tool
systems | unix
MD5 | d11d9f9cc9927dddc9d2089a1aaaeb80
PTP-RAT Screen Share Proof Of Concept
Posted Nov 9, 2017
Authored by Alan Monie | Site github.com

PTP-RAT is a proof of concept that allows data theft via screen-share protocols. Each screen flash starts with a header. This contains a magic string, "PTP-RAT-CHUNK" followed by a sequence number. When the receiver is activated, it starts taking screenshots at twice the transmission frequency (the Nyquist rate). When it detects a valid header, it decodes the pixel colour information and waits on the next flash. As soon as a valid header is not detected, it reconstructs all the flashes and saves the result to a file. To transfer a file, you run an instance of the Rat locally on your hacktop, and set that up as a receiver. Another instance is run on the remote server and this acts as a sender. You simply click on send file, and select a file to send. The mouse pointer disappears and the screen begins to flash as the file is transmitted via the pixel colour values. At the end of the transfer, a file-save dialog appears on the receiver, and the file is saved.

tags | tool, remote, protocol, rootkit, proof of concept
MD5 | a9f22c83ef28df19417af14c266ee39a
Faraday 2.7
Posted Nov 8, 2017
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Added "Last modified" and "Created" in Hosts view. Multiple bug fixes and various new plugins.
tags | tool, rootkit
systems | unix
MD5 | 74cb5646482f035342c238e40d1dd977
Hashcat Advanced Password Recovery 4.0.1 Source Code
Posted Nov 7, 2017
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.

Changes: Fixed a memory leak while parsing a wordlist. Fixed compile of kernels on AMD systems on windows due to invalid detection of ROCm. Various other fixes.
tags | tool, cracker
systems | unix
MD5 | e6b3f6623d3edaf15a573641ffcd1645
Hashcat Advanced Password Recovery 4.1.0 Binary Release
Posted Nov 7, 2017
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.

Changes: Fixed a memory leak while parsing a wordlist. Fixed compile of kernels on AMD systems on windows due to invalid detection of ROCm. Various other fixes.
tags | tool, cracker
MD5 | 0abd25079306015c70ef20dd3f621e05
Linux Soft Exploit Suggester 0.6
Posted Nov 6, 2017
Authored by Belane | Site github.com

linux-soft-exploit-suggester finds exploits for all vulnerable software in a system helping with the privilege escalation. It focuses on software packages instead of Kernel vulnerabilities.

tags | tool, kernel, vulnerability
systems | linux, unix
MD5 | b248537a3fb85ecece3d4a20f333b5d7
IPSet List 3.7
Posted Nov 5, 2017
Authored by AllKind | Site sourceforge.net

ipset_list is a wrapper script written in bash for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. The output can optionally be colorized. An interactive mode allows to select the query options in a wizard based manner.

Changes: Various updates.
tags | tool, firewall, bash
systems | linux, unix
MD5 | 35e7964621a48d4529793f96061074fd
Tinc Virtual Private Network Daemon 1.0.33
Posted Nov 5, 2017
Authored by Ivo Timmermans | Site tinc.nl.linux.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: Allows compilation from a build directory. Source code clean ups. Various bug fixes.
tags | tool, encryption
systems | unix
MD5 | f9080dc5f8b1c135da43b9533f69a0bb
OpenSSL Toolkit 1.0.2m
Posted Nov 4, 2017
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: bn_sqrx8x_internal carry bug on x86_64 was addressed. A malformed X.509 IPAddressFamily out-of-bounds read was addressed.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2017-3735, CVE-2017-3736
MD5 | 10e9e37f492094b9ef296f68f24a7666
Samhain File Integrity Checker 4.2.3
Posted Nov 1, 2017
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Various updates.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 437fb656747dd312044f16e09c35c6aa
MIMEDefang Email Scanner 2.83
Posted Nov 1, 2017
Authored by Dianne Skoll | Site mimedefang.org

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.

Changes: Minor tweaks to the sample filter. Updates to mimedefang-multiplexor. Various other updates.
tags | tool
systems | windows, unix
MD5 | 77b2f2178727dc600a9c1cf075b0ecd8
Lynis Auditing Tool 2.5.7
Posted Oct 30, 2017
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: Update of Portuguese translation. Added --silent as alias for --quiet. Reduced screen output when running non-privileged. IsRunning function now allows full name process match.
tags | tool, scanner
systems | unix
MD5 | 0e970e8849a2e655246709fff0123525
Lynis Auditing Tool 2.5.6
Posted Oct 27, 2017
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: Added additional keywords for banners. DirectAdmin extensions. Enhancements to process detection. Spanish translation extended. Extended HP-UX support. Only show relevant messages in report.
tags | tool, scanner
systems | unix
MD5 | af6de0260dd14ddfcb95f1ac9fb2ed98
Hashcat Advanced Password Recovery 4.0.0 Source Code
Posted Oct 27, 2017
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.

Changes: Added support to crack passwords and salts up to length 256. Added option --optimized-kernel-enable to use faster kernels but limit the maximum supported password- and salt-length. Added self-test functionality to detect broken OpenCL runtimes on startup. Various other additions.
tags | tool, cracker
systems | unix
MD5 | 5cfa32159eb1177bd5b0c6bc8f9f52ac
Hashcat Advanced Password Recovery 4.0.0 Binary Release
Posted Oct 27, 2017
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release..

Changes: Added support to crack passwords and salts up to length 256. Added option --optimized-kernel-enable to use faster kernels but limit the maximum supported password- and salt-length. Added self-test functionality to detect broken OpenCL runtimes on startup. Various other additions.
tags | tool, cracker
MD5 | 24796666d5409b2b73e2025fb739a4ef
Ansvif 1.8.1
Posted Oct 26, 2017
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: Bug fixes and a new option to let you control if null characters are in the fuzz.
tags | tool, fuzzer
systems | unix
MD5 | 958bee7b83ae584ad404b7efaa9635ac
TOR Virtual Network Tunneling Tool 0.3.1.8
Posted Oct 26, 2017
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.3.1.7 is the second stable release in the 0.3.1 series. It includes several bugfixes, including a bugfix for a crash issue that had affected relays under memory pressure. It also adds a new directory authority, Bastet.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | d04334a15527f9391a46d5ebf3d34782
Fuzzing Font Parsing
Posted Oct 23, 2017
Authored by James Fell

This article presents a cross-platform test harness written in Python that assists the user in searching for vulnerabilities in web browsers, specifically by fuzzing their font parsing functionality. The tool automates the delivery of test cases (font files in this context) into a web browser. The creation of a corpus of mutated TTF font files suitable for use in fuzzing is also covered.

tags | tool, web, vulnerability, python, fuzzer
systems | unix
MD5 | 9836d6b3407dbfd2c3fa9eee3efaf3c7
Suricata IDPE 4.0.1
Posted Oct 18, 2017
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: This is regular bug fix release fixing various issues. Also added is much improved Napatech support.
tags | tool, intrusion detection
systems | unix
MD5 | d05b323b2554e02678dfc896bb7cc6e7
Faraday 2.6.3
Posted Oct 18, 2017
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Updated Core Impact plugin to be compatible with 2016 version. Improved loading of fields request and website in Burp Plugin. Improved Nexpose Full plugin. Improved Acunetix plugin to avoid conflicts and missing imported data, and to correctly parse URLs and resolutions.
tags | tool, rootkit
systems | unix
MD5 | b2ee214f83214420e88ea9ae5cf07015
Bro Network Security Monitor 2.5.2
Posted Oct 16, 2017
Authored by Robin Sommer, Vern Paxson | Site bro.org

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Bro 2.5.2 fixes a security issue in the ContentLine analyzer. In rare cases a bug in the ContentLine analyzer can lead to an out of bound write of a single byte. This allows a remote attacker to crash Bro; there also is a possibility this can be exploited in other ways.
tags | tool, intrusion detection
systems | unix
MD5 | c2de260b7592418e3f136a46a069f8d1
Macro Pack 1.1
Posted Oct 13, 2017
Authored by Emeric Nasi | Site github.com

macro_pack is a tool used to automate obfuscation and generation of MS Office documents for penetration testing, demo, and social engineering assessments. The goal of macro_pack is to simplify bypassing anti-malware solutions and automate the process from vba generation to final Office document generation.

tags | tool
MD5 | e03b77c16a16ab4c892b08e64966c673
Falco 0.8.1
Posted Oct 12, 2017
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Fixed packaging to specify correct built-in config file.
tags | tool, intrusion detection
systems | unix
MD5 | f3c654ded00f3186f3ff92320204a747
Page 1 of 272
Back12345Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close