Section: .. / UNIX / scanners /
| /// File Name: |
fwknop-1.9.9.tar.gz |
Description:
|
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap. Added support to fwknop for the Linux 'any' interface. Added support for interfacing fwknop with third party software through the addition of three new variables in the access.conf file.Various other fixes and additions.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | File Size: | 595157 | | Last Modified: | Nov 21 13:24:09 2008 |
| MD5 Checksum: | 3e5d47e14a26071ba4cce04dfcb3bebd |
|
| /// File Name: |
dps-v1.5.tar.gz |
Description:
|
Dynamic Port Scanner - The sole idea of the Dynamic Port Scanner (DPS) is to provide a reliable spoofed source IP port scanner. The spoofed source IP is dynamically generated at run time and it varies for every scan packet; every scan packet carries a random spoofed source IP. Traditionally, a port scan with a spoofed source IP has been considered unreliable due to the fact that reply packets would not reach back the scanning system. However, the technique used by DPS ensures the reliability of such spoofed scan.
| | Author: | AR Samhuri | | Homepage: | http://www.securebits.org/dps.html | | File Size: | 1599676 | | Last Modified: | Nov 16 19:03:00 2008 |
| MD5 Checksum: | c36bf435c9d408a3b3617f3dbfef97f5 |
|
| /// File Name: |
MultiInjectorV0.3.tar.gz |
Description:
|
MultiInjector is an automatic SQL injection utility. It uses a list of URI addresses to test parameter manipulation. Once a vulnerable parameter has been found, a signature-evasive SQL injection is performed in order to achieve arbitrary OS command execution and automatic defacement on database server. Written in Python.
| | Author: | Raviv Raz | | Homepage: | http://chaptersinwebsecurity.blogspot.com/ | | File Size: | 4276067 | | Last Modified: | Nov 13 18:59:07 2008 |
| MD5 Checksum: | 4b24afb3d2c469765e734df2272a78f9 |
|
| /// File Name: |
miranda.tar.gz |
Description:
|
Miranda is a Python-based Universal Plug-N-Play client application designed to discover, query and interact with UPNP devices, particularly Internet Gateway Devices (aka, routers). It can be used to audit UPNP-enabled devices on a network for possible vulnerabilities.
| | Author: | Craig Heffner | | Homepage: | http://www.sourcesec.com/ | | File Size: | 21374 | | Last Modified: | Nov 7 20:59:32 2008 |
| MD5 Checksum: | 7a918e216859c92bc47dec41ced50092 |
|
| /// File Name: |
MultiInjectorV0.2.tar.gz |
Description:
|
MultiInjector is an automatic SQL injection utility. It uses a list of URI addresses to test parameter manipulation. Once a vulnerable parameter has been found, a signature-evasive SQL injection is performed in order to achieve arbitrary OS command execution and automatic defacement on database server. Written in Python.
| | Author: | Raviv Raz | | Homepage: | http://chaptersinwebsecurity.blogspot.com/ | | File Size: | 4273922 | | Last Modified: | Nov 1 01:22:50 2008 |
| MD5 Checksum: | 34c098ae9d170de060e78c05df54e6d7 |
|
| /// File Name: |
multiinjector.tgz |
Description:
|
Unavailable.
| | File Size: | 3249 | | Last Modified: | Oct 24 18:02:18 2008 |
| MD5 Checksum: | 05359b19a76e3caf9c57a6c33547473a |
|
| /// File Name: |
iaxscan-0.02.tar.gz |
Description:
|
iaxscan is a Python based scanner for detecting live IAX/2 hosts and then enumerating (by bruteforce) users on those hosts. It does so, in an obvious fashion, by sending valid IAX/2 requests and monitoring responses.
| | Author: | nnp | | Homepage: | http://code.google.com/p/iaxscan/ | | File Size: | 12650 | | Last Modified: | Oct 15 20:22:08 2008 |
| MD5 Checksum: | c52ac8cd7fcb126d15871b31d565dbe9 |
|
| /// File Name: |
mms-03.tgz |
Description:
|
Mini MySqlat0r is a multi-platform application used to audit web sites in order to discover and exploit SQL injection vulnerabilities. It is written in Java and is used through a user-friendly GUI that contains three distinct modules. Program and source code are both included in this tarball.
| | Homepage: | http://www.scrt.ch/pages_en/minimysqlator.html | | File Size: | 771464 | | Last Modified: | Oct 14 16:24:29 2008 |
| MD5 Checksum: | d655551204886de47d3b8b779e4b27ba |
|
| /// File Name: |
depant-0.1a.tgz |
Description:
|
Depant, or DEfault PAssword Network Tool, is a scanner that will map out your local network and attempt to check it with a default password list.
| | Author: | Aaron Peterson | | Homepage: | http://midnightresearch.com/ | | File Size: | 359789 | | Last Modified: | Oct 13 20:48:54 2008 |
| MD5 Checksum: | 7c820231c63fdcaebc1ad9cb6721b492 |
|
| /// File Name: |
scapy-2.0.0.10.tar.gz |
Description:
|
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
| | Author: | Philippe Biondi | | Homepage: | http://www.secdev.org/projects/scapy | | Changes: | Various bug fixes and enhancements. | | File Size: | 182350 | | Last Modified: | Oct 9 18:57:28 2008 |
| MD5 Checksum: | 41834e40e531b1b51911e34dafb6049e |
|
| /// File Name: |
fwknop-1.9.8.tar.gz |
Description:
|
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Added GPG_NO_REQUIRE_PREFIX to access.conf. Bugfix to make sure that neither fwknop nor fwknopd reference any options file in GnuPG mode. Added the ability to control the path used for the gpg binary. Various other fixes and additions. | | File Size: | 580242 | | Last Modified: | Oct 1 17:41:14 2008 |
| MD5 Checksum: | 8dac0e2fc52ab4508563efe3617721f0 |
|
| /// File Name: |
geoipgen0.2b.tgz |
Description:
|
geoipgen is an IP network tool written in Ruby for generating geotargeted lists of IP Addresses using MaxMind's Free Open Source GeoLite Country database (www.maxmind.com). Examples: Generate all IPs for New Zealand (./geoipgen -s nz), generate 10,000 random ips for far east asia (geoipgen -n 10000 cn hk mn tw mo jp kr kp), indefinitely generate random ips for japan (geoipgen jp).
| | Author: | Andrew Horton | | Homepage: | http://code.google.com/p/geoipgen/ | | File Size: | 4655 | | Last Modified: | Sep 30 20:17:03 2008 |
| MD5 Checksum: | 06d980f9429355c1e752310261882c59 |
|
| /// File Name: |
sp3.rar |
Description:
|
SQL Playground (sp) is a command line prompt written in PHP which aims to provide an adapted environment for SQL injection attacks.
| | Author: | real | | Homepage: | http://www.real.o-n.fr/ | | File Size: | 22025 | | Last Modified: | Sep 28 14:39:44 2008 |
| MD5 Checksum: | a185edab95464452e0032fad3264faa6 |
|
| /// File Name: |
synner.c |
Description:
|
Synner is a custom eth->ip->tcp packet generator (spoofer) for testing firewalls and dos attacks. It is capable of sending large amounts of prebuilt tcp packets (very quickly) with user defined ips, macs, tcp flags, window sizes, payload lengths and more.
| | Author: | sm4x | | File Size: | 13232 | | Last Modified: | Sep 10 04:36:00 2008 |
| MD5 Checksum: | 30da5cf59aa9906478c1d041d92c6efe |
|
| /// File Name: |
proxyScan-0.3.tgz |
Description:
|
proxyScan.pl is a security penetration testing tool to scan for hosts and ports through a Web proxy server. Features include various HTTP methods such as GET, CONNECT, HEAD as well as host and port ranges.
| | Author: | Ed Blanchfield | | Homepage: | http://www.e-things.org/ | | File Size: | 3916 | | Last Modified: | Sep 9 17:41:24 2008 |
| MD5 Checksum: | d188669d4f40454a187abe673f3e9b86 |
|
| /// File Name: |
informer.txt |
Description:
|
1nf0rm3r is a quick perl script that extracts database information from a website once leveraging a SQL injection vulnerability.
| | Author: | sm4x | | File Size: | 5583 | | Last Modified: | Sep 8 11:17:00 2008 |
| MD5 Checksum: | 438e6e817a02d453c4c9b61e09cd44cf |
|
| /// File Name: |
lynis-1.2.0.tar.gz |
Description:
|
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
| | Author: | Michael Boelen | | Homepage: | http://www.rootkit.nl/projects/lynis.html | | Changes: | Multiple new tests added, various support added, and various changes. | | File Size: | 71510 | | Last Modified: | Aug 29 01:16:03 2008 |
| MD5 Checksum: | 7b66c5c9f4febd9441c0cc63ded8c345 |
|
| /// File Name: |
fwknop-1.9.7.tar.gz |
Description:
|
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Mirek Trmac from Red Hat contributed several patches so that fwknop can be bundled within the Fedora Linux distribution. Updated fwknop, fwknopd, and knoptm to import perl modules out of the /usr/lib/fwknop/ directory if it exists. Added module version output for each non-core perl module used by fwknop and fwknopd in --debug mode. Various other additions and fixes. | | File Size: | 572921 | | Last Modified: | Aug 25 20:21:55 2008 |
| MD5 Checksum: | 955a2a920aeeab655d16da212f70b5e8 |
|
| /// File Name: |
Grendel-Scan-v1.0-src.zip |
Description:
|
Grendel-Scan is an open-source web application security testing tool. It has an automated testing module for detecting common web application vulnerabilities, and features geared at aiding manual penetration tests.
| | Author: | David Byrne | | Homepage: | http://grendel-scan.com/ | | File Size: | 917014 | | Last Modified: | Aug 20 03:29:57 2008 |
| MD5 Checksum: | 15ad913facfcb8075b5b038f9cc19358 |
|
| /// File Name: |
modscan.py.txt |
Description:
|
ModScan is a new tool designed to map a SCADA MODBUS TCP based network. The tool is written in python for portability and can be used on virtually any system with few required libraries.
| | Author: | Mark Bristow | | Homepage: | http://modscan.googlecode.com/ | | File Size: | 5385 | | Last Modified: | Aug 20 03:24:40 2008 |
| MD5 Checksum: | a884da5a3df280eab12fd998cf7dbf8b |
|
| /// File Name: |
porkbind-1.3.tar.gz |
Description:
|
Porkbind is a robust and recursive DNS server vulnerability scanner which retrieves version.bind information for the nameservers and produces a report.
| | Author: | Derek Callaway | | Homepage: | http://innu.org/~super | | Changes: | Wrote in-a-bind shell script that scans random domain names from DMOZ. Implemented recursive query testing. Various other fixes and additions. | | File Size: | 43416 | | Last Modified: | Aug 18 18:18:31 2008 |
| MD5 Checksum: | 0f9eba661fd9187b6c488c8f6e587bc8 |
|
| /// File Name: |
inguma-0.0.9.1.tar.gz |
Description:
|
Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in python. Framework includes modules to discover hosts, gather information about, fuzz targets, brute force usernames and passwords, exploits, and a disassembler.
| | Author: | Joxean Koret | | Changes: | Various bug fixes, new modules added, and a lot of new exploits. | | File Size: | 5024865 | | Last Modified: | Aug 12 23:32:24 2008 |
| MD5 Checksum: | 55407b5f254d9e8bb25cece11c8d38e7 |
|
| /// File Name: |
p0f-2.0.8-db-20080806.tar.gz |
Description:
|
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to the remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Note that this version is the win32 compiled version. Original code by Michal Zalewski, compiling by David Coomber.
| | Author: | Michal Zalewski,David Coomber | | Homepage: | http://lcamtuf.coredump.cx/p0f.shtml | | Changes: | Added better handling of MySQL error codes. | | File Size: | 142878 | | Last Modified: | Aug 8 14:58:33 2008 |
| MD5 Checksum: | b85bbe604ddd7cb813e7d132655ccc72 |
|
| /// File Name: |
arp-scan-1.7.tar.gz |
Description:
|
arp-scan sends ARP (Address Resolution Protocol) queries to the specified targets, and displays any responses that are received. It allows any part of the outgoing ARP packets to be changed, allowing the behavior of targets to non-standard ARP packets to be examined. The IP address and hardware address of received packets are displayed, together with the vendor details. These details are obtained from the IEEE OUI and IAB listings, plus a few manual entries. It includes arp-fingerprint, which allows a system to be fingerprinted based on how it responds to non-standard ARP packets.
| | Author: | Roy Hills | | Homepage: | http://www.nta-monitor.com/tools/arp-scan/ | | File Size: | 344771 | | Last Modified: | Aug 1 17:46:09 2008 |
| MD5 Checksum: | a9927dba2b1dbdfd1c3b3bb09615fc14 |
|
| /// File Name: |
porkbind-1.2.tar.gz |
Description:
|
Porkbind is a robust and recursive DNS server vulnerability scanner which retrieves version.bind information for the nameservers and produces a report.
| | Author: | Derek Callaway | | Homepage: | http://innu.org/~super | | Changes: | Prints out version string every time even if it is not parsable, Removed the -f command line option, Updated porkbind.conf with all the latest CERT advisories for BIND, and more. | | File Size: | 38019 | | Last Modified: | Jul 30 23:53:27 2008 |
| MD5 Checksum: | 4253288959d7ac8386fe2432cae1aaad |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
