Simple Packet Forwarder for Linux on the datalink level. Uses Libvsk.
c2ecda53d1964843248b9ebc23e2bc7249f516f195cae8a84c10f8ea0c299168
Libvsk is a set of libraries for manipulating network traffic from user level, with some filtering/sniffing functions.
8bcc1a1790c4aa4e03c23b681e4033744bc8888256fc13f3662c29c20970762f
Syscall Monitor for FreeBSD - This tool lets you monitor the use of syscalls on your system and prevent their execution for specified users/groups.
d9917c7e535881afb784448565f8b5f170a26741c2baafcd4b532524c70a54d5
Securelevel Bypass - This kld gives you permission to load/unload a kld and modify a sysctl value even if you aren't root and securelevel is higher than 0.
2a0b20d98a3ea5ceca6c235d0dcd59e29d5642d989f65b4e5095adf6f65c0485
Anti Anti Sniffer Patch - Linux kernel patches to hide a sniffer from the best-known anti-sniffers.
7898d92bbea3bdade89593e2f3ef566f7eaca0acda46611ec918606a1e054c0f
Kstat is a tool for Linux which can find an attacker in your system by direct analysis of the kernel via /dev/kmem, bypassing the intruder's hiding techniques (kernel static recompilation/use of LKMs). Kstat can find the syscalls which were modified by an LKM, list the linked LKMs, query one or all the network interfaces of the system, list all the processes and much more.
88b0b99c154e47fea38908d1d46542850be4215cd28ce2024ba4ade238b560a1
Ksec (Kernel Security Checker) is a tool for FreeBSD and OpenBSD which can find an attacker by direct analysis of the kernel via /dev/mem, bypassing the intruder's hiding techniques (kernel static recompilation/use of LKMs). Ksec can find modified syscalls from userspace, detect promiscuous interfaces, find modifications applied to a protocol and much more.
1a4530115327bcbd02ef7104acaefc72ddfea1d0db0e12252f7b0ee3fdfa0a1f
Sinto.c is an interactive tty hijacker for Linux.
2545a9c0855c78b989ac5e2761936838dd95a63705a98662686aeed743282260
LKM for OpenBSD which makes ipfilter always accept packets from a certain IP.
197676aa8158610f0465e0cbff238d7ad65f3f6f057fb6ddd92a4d63386fcc6c
Anti-spoofing LKM for OpenBSD via setsockopt() - detects and logs IP header manipulation.
fca4eaa52977935a2efb9a116a709ae0a74a82aa8047fb6d7c04baf8fddfd9e4
Total obscurity for BPF Promisc Mode. OpenBSD Port.
4075e9176076c0914106ea44b5e66b037da9891ef3eb9c883807688ff1af19b2
SRaw for FreeBSD (sock.c) - Enables all users to open raw sockets.
031d603337d3c77dcca435afe3641d180032d7eff7eda4e2da825be6148d4d91
LKM for FreeBSD which makes ipfilter always accept packets from a certain IP.
d411790929f20a121f5c4adfb5b253210f3b91a01fbfc42a70416a71e1ff5ec4
Linux kernel 2.2.x implementation of the CaRoGNa 2.0.x module. Secret technique of the divine HOKUHACKO school [ Hokuto No Ken rules ;) ]: Sacred Strike of the Modular Renewal that bumps root down.
2bf133e86ea4fc0e68826e775d8668b2e43f6fcbf8405c0482cbca6bbceed460
Simple module to prevent lame people from using your box as a launch base for spoofed IP packets. Intercepts the socketcall() system call, looking for the IP_HDRINCL parameter passed via setsockopt().
f2a3456b36ee72088bb3f22154d0d0757742823d0a1f5aa1bbe881390873b18e
Linux Loadable Kernel Module to keep an eye on the system and add security 'on the fly' to a preexisting running box. Contains a simple implementation of BSD securelevels, while waiting for the official 'in-distro' arrival of Linux Capabilities [POSIX 1.e] in 2.4.x and strong ACLs.
acb13ad23d34d3ac027d69404c713c283d541fe9f98969f2779ff97bcff33812
Detect UDP spoofing on our FreeBSD box via KLD.
11818d662899f1f3be9befbe3281444ed8c4bb2041a3cb4441cf83924c29f7d8
LKM Detector - This module lets you compare a syscall with its kernel function, so you can detect any LKM which modifies your system.
4dd86712125cd0e0aa3f86be78658c7384fc49ad18e49214d42677ca2d36a51b
s0ftpj SNMP community name sniffer.
b045cba106f925e47765e9721dffa6e74e74231ba4043f0d3d73f43f57bab70c
IP_HDRINCL protection beta version 1.
7aa4377e96ae6d5a56e9a8b54c43ebb66246e4eb4db2d225719debea79ca60dc
Total obscurity for BPF Promisc Mode.
c8c67b00a7d8e3402342580f91f8c081512aed840c76ef6935fdc3c782677947
This simple source code uses sysctlbyname() to fetch statistics for a protocol that you can use for security purposes or for kernel testing.
f2452776425ae8565c153915701d04ef8305cbbdb0c2a5c86bafeb1133367914
IGMP/ICMP/IPIP/IDP/RSVP/IPIP/IPPROTO_RAW KERNEL CHECKER.
88d150b0fb1f12572bd32f4c4c131012166c8ebc26ac873c1c57d35c641e1113
Anti-spoofing LKM for FreeBSD via setsockopt() - detects and logs IP header manipulation.
6767ad2628aeb75102b54f33c88228bce7c4be5f07f5cbae3e4f3913921460c4
Simple example of logging bad packets.
76919eef44ccbc084bae1b1b2858c154e8ae5fb096cbd787fb5ffe140a252a27