exploit the possibilities
Showing 76 - 100 of 7,031 RSS Feed

Security Tool Files

TestSSL 2.9.5-7
Posted Sep 7, 2018
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: This update contains a few bugfixes only.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | 62c5148ca576b0ec7229775b1ec69720
SQLMAP - Automatic SQL Injection Tool 1.2.9
Posted Sep 5, 2018
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Various updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 001dd095cf0009c79d3e957e256abc10
Blue Team Training Toolkit (BT3) 2.8
Posted Sep 5, 2018
Authored by Juan J. Guelfo | Site encripto.no

Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.

Changes: SSL_TRUST option has been included in Maligno. Bug fixes and minor adjustments.
tags | tool, python
systems | unix
MD5 | 59ec404f377eafd4cfcca6d3b2ea9241
TestSSL 2.9.5
Posted Sep 5, 2018
Authored by Dr. Dirk Wetter | Site drwetter.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

Changes: This update contains a few bugfixes only.
tags | tool, scanner, protocol, bash
systems | unix
MD5 | da5717d95120b32fc3d0a5fe80454f59
Bro Network Security Monitor 2.5.5
Posted Aug 31, 2018
Authored by Robin Sommer, Vern Paxson | Site bro.org

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Fixed signed/unsigned comparison warning. Fixed SMTP command string comparisons. Various other updates.
tags | tool, intrusion detection
systems | unix
MD5 | 0731cac64562e113195a32758022f14e
GNU Privacy Guard 2.2.10
Posted Aug 31, 2018
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Changes: Multiple bug fixes and code improvements added.
tags | tool, encryption
MD5 | 3ae8bd6246367602e72571f7a6588bcd
Wireshark Analyzer 2.6.3
Posted Aug 31, 2018
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Reduce the Valgrind packet limit to 10,000 for Fuzz. Various other updates.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | 716100be9027e735bba82a40db828abc
Faraday 3.0.1
Posted Aug 28, 2018
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Updated code to use Flask 1.0. Added threadfix integration (corp only). Fixed create_service fplugin. Executive report bug fixed on tags. Persistence server bug fixed on impact and ease of resolution. Various other updates and improvements.
tags | tool, rootkit
systems | unix
MD5 | 9b87ff400a365997e33259495ae6c199
Haveged 1.9.4
Posted Aug 27, 2018
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: Added a fix to avoid misleading message if cmd socket is in use.
tags | tool
systems | linux, unix
MD5 | 95867032bb3f2abd36179f92e328e651
SQLMAP - Automatic SQL Injection Tool 1.2.8
Posted Aug 27, 2018
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Various updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | f8172574e6c94b3c3fdce9988fe1d65e
Ansvif 1.10
Posted Aug 27, 2018
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release comes with lots of bug fixes and a couple new features added to the GTK frontend.
tags | tool, fuzzer
systems | unix
MD5 | 6bf4770f84fcca587a06d84b04f577e3
I2P 0.9.36
Posted Aug 24, 2018
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Updated translations. Removed unused stream methods from I2NP. Various other updates.
tags | tool
systems | unix
MD5 | 483f60127927c008954b35e370065868
OpenSSH 7.8p1
Posted Aug 24, 2018
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: Multiple updates.
tags | tool, encryption
systems | linux, unix, openbsd
MD5 | ce1d090fa6239fd38eb989d5e983b074
Lynis Auditing Tool 2.6.8
Posted Aug 24, 2018
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: Alpine Linux detection for Docker audit added. Improved display in Docker output for showing which keys are used for signing. Various other updates.
tags | tool, scanner
systems | unix
MD5 | 91a538055bfb682733ef8e4fe7eb0902
Mandos Encrypted File System Unattended Reboot Utility 1.7.20
Posted Aug 20, 2018
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: Various updates.
tags | tool, remote, root
systems | linux, unix
MD5 | 0bba68e11c8427696515793eaef2d6cc
OpenSSL Toolkit 1.1.0i
Posted Aug 17, 2018
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Addressed a client denial of service due to a large DH parameter addressed. Cache timing vulnerability fixed. Various other updates and fixes.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2018-0732, CVE-2018-0737
MD5 | 9495126aafd2659d357ea66a969c3fe1
FireHOL 3.1.6
Posted Aug 13, 2018
Authored by Costa Tsaousis | Site github.com

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Multiple fixes added to FireHOL. FireQOS had a status fix and has updated sample service definitions to start after network. Various other components were updated as well.
tags | tool, spoof, firewall
systems | linux, unix
MD5 | 4a8ce84950cf1303fa4ad1ff8c5f424a
Lynis Auditing Tool 2.6.7
Posted Aug 9, 2018
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: Added busybox as a service manager. Changed classification of SSH root login with keys. Various other updates.
tags | tool, scanner
systems | unix
MD5 | 4614aab3885bbe05827c0ba5ca1103f5
Fwknop Port Knocking Utility 2.6.10
Posted Aug 8, 2018
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Added MAX_FW_TIMEOUT to access.conf stanzas to allow a maximum number of seconds for client-specified timeouts in SPA packets. Bug fix in CMD_EXEC mode to make sure to call exit() upon any error from execvpe(). Various other additions and fixes.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 5b5850ab8684ce0bdf52ef400a83065c
Hashcat Advanced Password Recovery 4.2.1 Source Code
Posted Aug 7, 2018
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.

Changes: Fixed a buffer overflow in precompute_salt_md5() in case salt was longer than 64 characters. Various other fixes and improvements.
tags | tool, cracker
systems | unix
MD5 | e55a3235e87612b449cf2d9bc47a96ed
Hashcat Advanced Password Recovery 4.2.1 Binary Release
Posted Aug 7, 2018
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.

Changes: Fixed a buffer overflow in precompute_salt_md5() in case salt was longer than 64 characters. Various other fixes and improvements.
tags | tool, cracker
MD5 | e0c04565eb1fec521f55b5d25b235983
Hashcat Advanced Password Recovery 4.2.0 Source Code
Posted Aug 3, 2018
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.

Changes: Added 4 hash modes. Various other fixes and improvements.
tags | tool, cracker
systems | unix
MD5 | b67abfb8e995de46f414b726468a3fc5
Hashcat Advanced Password Recovery 4.2.0 Binary Release
Posted Aug 3, 2018
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.

Changes: Added 4 hash modes. Various other fixes and improvements.
tags | tool, cracker
MD5 | 95ed4ef67b7140cf3f4dc8bf1d17af02
Falco 0.11.1
Posted Jul 31, 2018
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Fixed a problem that caused the kernel module to not load on certain kernel versions.
tags | tool, intrusion detection
systems | unix
MD5 | 2c364a28eed999aba8e007dddf9be6dc
Faraday 3.0
Posted Jul 27, 2018
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Interface removed from model and from persistence server lib. Performance improvements on the backend. Add quick change workspace name. Various other updates and improvements.
tags | tool, rootkit
systems | unix
MD5 | 36e7f74b93b8cf2944b57637aeab6d30
Page 4 of 282
Back23456Next

File Archive:

January 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    15 Files
  • 2
    Jan 2nd
    15 Files
  • 3
    Jan 3rd
    11 Files
  • 4
    Jan 4th
    1 Files
  • 5
    Jan 5th
    2 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    24 Files
  • 8
    Jan 8th
    15 Files
  • 9
    Jan 9th
    16 Files
  • 10
    Jan 10th
    23 Files
  • 11
    Jan 11th
    17 Files
  • 12
    Jan 12th
    3 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    18 Files
  • 15
    Jan 15th
    33 Files
  • 16
    Jan 16th
    23 Files
  • 17
    Jan 17th
    29 Files
  • 18
    Jan 18th
    15 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close