KeySweeper is a stealthy Arduino-based device, camouflaged as a functioning USB wall charger, that wirelessly and passively sniffs, decrypts, logs and reports back (over GSM) all keystrokes from any Microsoft wireless keyboard in the vicinity.
7d3cce0ee36f29266235b182ba2142ade64c886109aa061d0884fbcfb4375461This tool extracts credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, and more from a pcap file or from a live interface.
6a4ebb9233e9c4bc5f6625c3d1e68f90988774a7b8b02f8e394c0e6d53a1ddedhttpry is a specialized packet sniffer designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but instead to capture, parse, and log the traffic for later analysis. It can be run in real-time displaying the live traffic on the wire, or as a daemon process that logs to an output file. It is written to be as lightweight and flexible as possible, so that it can be easily adaptable to different applications. It does not display the raw HTTP data transferred, but instead focuses on parsing and displaying the request/response line along with associated header fields.
ef53454f895f68005f7b9ab634d1b433c4df839eacea9109e4ee48d4296fb613netsniff-ng is is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by 'zero-copy' mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. netsniff-ng can be used for protocol analysis, reverse engineering and network debugging.
80436a306947e6c541d573c897cf64e1f223b867f571fabe74cea2ab512aa13cnetsniff-ng is is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by 'zero-copy' mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. netsniff-ng can be used for protocol analysis, reverse engineering and network debugging.
ed1a222a43a37f6fb8b8e7da260280f33fd005af5235cf63c75266c05508924enetsniff-ng is is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by 'zero-copy' mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. netsniff-ng can be used for protocol analysis, reverse engineering and network debugging.
72e802f84e9a2666d71a07b9b2fee2f975659fa1a31baeb810c3bb775f538738netsniff-ng is is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by 'zero-copy' mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. netsniff-ng can be used for protocol analysis, reverse engineering and network debugging.
be656505a745b41a05dc5fcf746b167dbb7dce761520725f93f79d222c6e5357Intercepter is a sniffer that offers various capabilities including sniffing for password hashes related to ICQ/IRC/AIM/FTP/IMAP/POP3/SMTP/LDAP/BNC/SOCKS/HTTP/WWW/NNTP/CVS/TELNET/MRA/DC++/VNC/MYSQL and ORACLE. It also sniffs ICQ/AIM/JABBER/YAHOO/MSN/GADU-GADU/IRC and MRA protocols. It has a built-in arp poisoning module, can change MAC addresses of LAN adapters, and has various other interesting functionality.
a7eeb7f0852c3f890b1cf069da1c6007331be8b19ddd6ca7025e8cfe208f0861MF Sniffer is a python script for capturing unencrypted TSO login credentials. It requires Scapy. Given an interface, IP and port this script will try to sniff mainframe user IDs and passwords sent over cleartext using TN3270 (tested against x3270, TN3270Plux and TN3270X). This script does not work if the mainframe is using SSL encryption.
2f8ddc0ba0bec2aac0376b8862e3276847ef5e50cf7cb4cd1696b477d19a726dHexInject is a hexadecimal and raw packet injector and sniffer. It can be easily combined with other tools to provide a powerful command line framework for raw network access. It will automatically set the correct checksum (IP, TCP, UDP, ICMP).
329f0686069988ac0dae4a00082b205ac9669bc8e202d4b112c600bcbc198ce9netsniff-ng is is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by 'zero-copy' mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. netsniff-ng can be used for protocol analysis, reverse engineering and network debugging.
ab4e1ef6aadb00b998349aff66e4e1cec53910113344c53ac8eb947fd46b5e89UC Sniff is a VoIP/UC Sniffer / Assessment / Pentest tool with some useful new features, such as IP Video Sniffing. UCSniff is a Pro of of Concept tool to demonstrate the risk of unauthorized recording of VoIP and Video - it can help you understand who can eavesdrop, and from what parts of your network. It is intended for next generation enterprise VoIP/UC Infrastructures that rely on Voice VLANs to segment UC applications for QoS requirements. UCSniff was born from pentesting and the "VoIP Hopper" tool as an idea to combine automated Voice VLAN Discovery and VLAN Hop with MitM, along with targeted VoIP attacks against users in the VoIP Corporate Directory. Eavesdropping is one of many potential UC-specific attacks that can take place, and UCSniff can be used by other researchers and security professionals as a base tool to explore this idea. UCSniff is a text and GUI application, written in C/C++, that runs in the Linux and Windows OS environment. It is freely available under the GPLv3 license for anyone to download and use.
31c61d8d179ca67e76b8f36f1e366088b663c0282554470ac68d0535614f9b33Intercepter is a sniffer that offers various capabilities including sniffing for password hashes related to ICQ/IRC/AIM/FTP/IMAP/POP3/SMTP/LDAP/BNC/SOCKS/HTTP/WWW/NNTP/CVS/TELNET/MRA/DC++/VNC/MYSQL and ORACLE. It also sniffs ICQ/AIM/JABBER/YAHOO/MSN/GADU-GADU/IRC and MRA protocols. It has a built-in arp poisoning module, can change MAC addresses of LAN adapters, and has various other interesting functionality.
ad968798c1c3dc2e811d17b3502b2237418f4680838c912b55636ed2b18b1027Intercepter-NG [Console Edition] is a sniffer that offers various capabilities including sniffing for password hashes related to ORACLE/MYSQL/VNC/NNTP/CVS/WWW/HTTP/SOCKS/MRA/FTP/POP3/SMTP/IMAP/LDAP/AIM. It works on NT/Linux/BSD/IOS/Android and is optimized for screen size 80x30 or higher.
5f7266338e53e4318d99d392ca8aa81bda985a3b34aa8b12b8fdf6fc55f2f586Sagan is multi-threaded, real-time system- and event-log monitoring software, but with a twist. Sagan uses a "Snort" like rule set for detecting nefarious events happening on your network and/or computer systems. If Sagan detects a "bad thing" happening, it can do a number of things with that information. Sagan can also correlate the events with your Intrusion Detection/Intrusion Prevention (IDS/IPS) system and basically acts like an SIEM (Security Information and Log Management) system.
6c4fe7128a01c6f309bd181563c54cdf0abf2f623db78e0207f9c69176b15858netsniff-ng is is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by 'zero-copy' mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. netsniff-ng can be used for protocol analysis, reverse engineering and network debugging.
64b06725a19d2103aeefa1b60d166657ed3008f8a94691a6ec883708348de227Aanval is the industry's most comprehensive snort and syslog intrusion detection, correlation and management console. Aanval is designed specifically to scale from small single sensor installations to global enterprise deployments. Aanval is browser based and designed to work on all current variants of UNIX, Linux and Mac OS X.
29cb7e0c535a6404936891ae9b0a751ee670c68ad1e549eedae7aa5f981c682bhttpry is a specialized packet sniffer designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but instead to capture, parse, and log the traffic for later analysis. It can be run in real-time displaying the live traffic on the wire, or as a daemon process that logs to an output file. It is written to be as lightweight and flexible as possible, so that it can be easily adaptable to different applications. It does not display the raw HTTP data transferred, but instead focuses on parsing and displaying the request/response line along with associated header fields.
00debb88f90f79d65dcbcc590c2a1172411f70f9134a9367f29c113594d7b9faThis is a bash script to use in conjunction with Backtrack that simplifies the spawning of various sniffers.
f47f5904466161ca77c2e5dfe50b339c668137229b6b7c9220564c7df7b59982This sniffer has an ncurses user interface, network statics for many different protocols, a view into active TCP connections, UDP packets, ICMP packets, and more.
20edb03065ae08c88c2ecc1b5358f2f44567966ddbd835acba99e4890c9e55ddS.S.T (Save Typed Text) javascript proof of concept keylogging code.
3d93476f79d386daaf0081e819a0e2b9b68992bbd8af9ed271d5b909759e9021PZIDS (Peta Zetas IDS) is a tool to test if your IDS is detecting threats properly. Written in Python.
782a38ad56fd8b478a46cd9fec2b164e0e758d8def1fc0aeb7f24a95cc747b14Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
04d375b627dd256d6257f2cbe5a770e4552e3f35d5e2100b97f75426b600d8cbEttercap is a network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like SSH and HTTPS). Data injection in an established connection and filtering on the fly is also possible, keeping the connection synchronized. Many sniffing modes were implemented to give you a powerful and complete sniffing suite. Plugins are supported. It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN.
9b5abd2dad2b6df91658086ceed6962a6b985ac25de8fa38f0195d68639ba55b0x4553-Intercepter is a WinPcap-based sniffer that offers various capabilities including sniffing for password hashes related to ICQ/IRC/AIM/FTP/IMAP/POP3/SMTP/LDAP/BNC/SOCKS/HTTP/WWW/NNTP/CVS/TELNET/MRA/DC++/VNC/MYSQL and ORACLE. It also sniffs ICQ/AIM/JABBER/YAHOO/MSN/GADU-GADU/IRC and MRA protocols. It has a built-in arp poisoning module, can change MAC addresses of LAN adapters, and has various other interesting functionality.
25362e9cea7e4f4cda7174fcbdb2dece439046aef654cee2fd1018136c073f8b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed