Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers.
05c63c71e3f6ffd1f57bd602f09e0748166a5c36cd391e1714ff3d36ec28bec0
Narrow Security Scanner is a perl script which checks for 190 remote vulnerabilities. Tested on Slackware 4.0, Red Hat (4.2, 5.0, 6.0), SuSE 6.1, FreeBSD 3.0 & OpenBSD 2.5.
989a1e7d2ce2e359558585c2354c575e86de210466a48e25f799260cbf8fd649
Root Access Portscanner is a windows based portscanner that scans a remote computer and looks for open ports.
e046eeb1edcf442b0634f51b85633aa5e7bab803ed327a17d09ac104fb60eab2
Root Access Cached Password Explorer is a very handy tool that finds cached password on your computer.
4cfd0d9a7a4f4498ab0a0dfb352532eb909d525d6476c5038b5b3f33cd1f778b
Root Access Anonymous Emailer is an anonymous email program that can send email to anyone and you, the user can make it look like it came from ANY address.
dd32828ac2f21615142a16f27850b984a23f810a8e5ca021a4dce286a0282eaf
fwtable.pl (ver 1.0), used to convert your Checkpoint Firewall-1 connections table into human readable form. Documentation here.
93b2d75bb002c81f7bfb72a4deaa1af4ba6e4130e5a4b81bd73018ae34984d87
IDS Alert Script (ver 1.3) for Checkpoint Firewall-1 (Unix only). Build Intrustion Detection into your firewall. Features include: Automated alerting, logging, and archiving, Automated blocking of attacking source, Automated identification and email remote site, and Installation and test script. Ver 1.3 Optimized for performance, over 50% speed increase. Documentation here.
10f4b8a670367efd29cc6f1e2b1080b57abab5342acc80ce9ffe06156a3179e0
A tutorial on how to write shellcode and exploits, and how buffer overflows work in general. It aims to be detailed and suitable for novice exploit coders with some C understanding.
a589b984950281228fe3fb2d410cdf7e78ec852c53089f751095fb344aeea882
English Version - Several members of SET have discovered key flaws in the security of ciudad.com.ar, the incorrect configuration of EdgeMail system, used to offer mail services trough web, appears to be the cause. Ciudad.com.ar is an Argentinian portal offering free webmail accounts as well as chat and ICQ-style messaging, over 150.000 accounts could have been compromised. SET homepage here.
cfa0c4e9da0da0896be536a05c0db4d707d2497f221da6cd6335b602748cfa9a
Several members of SET have discovered key flaws in the security of ciudad.com.ar, the incorrect configuration of EdgeMail system, used to offer mail services trough web, appears to be the cause. Ciudad.com.ar is an Argentinian portal offering free webmail accounts as well as chat and ICQ-style messaging, over 150.000 accounts could have been compromised. SET homepage here.
e55e2ce0dec976ae6378f5e13e1d2fbc28bf63420c38a60280843f3589652266
Msadc scanner written in perl.
07ff1fe6f4a046c32243998708b03ef7de2be8e3106b99be9f907cf6ad6f1b38
Symantec Mail-Gear 1.0 Web interface Server Directory Traversal Vulnerability. Example included.
166e3926f91c3a2e6ac734080f583044da08ab40996832679d1591724e4ac3d1
IPSend v3.3.5 - TCP/IP packet-generator which uses a scripting language. Extracted from ipfilter 3.3.5.
5bc1d87f6346403c421ebb5fb47dd504a94d375b1f36d2e88fbcf1ec7b08377f
strace 4.1 is a useful diagnositic, instructional, and debugging tool. System adminstrators, diagnosticians and troubleshooters will find it invaluable for solving problems with programs for which the source is not readily available.
1badae30e2d715930f3fd42cd97276722f00ade2c2fc1187e3117693c7b65f5b
SuSE Advisory: Announcement of new security tools from SuSE. Includes SuSE FTP Proxy, SuSE Firewall (The new firewall script from SuSE, rewritten from scratch), Harden SuSE script, SuSE Secumod (This loadable kernel module enhances the security of the system by adding a symlink/hardlink/pipe protection, procfs protection, trusted path execution and capabilities), SuSE Secchk cron scripts, Yast-1, SuSE auditdisk (This tool generates a bootdisk with checksum data and all binaries etc. needed to automaticaly verify file checksums upon booting. This way it can't be subverted by lkm's like a standard e.g. tripwire installation), plus tmpwatch, arpwatch, plug, sslwrap, the newest nmap and more. SuSE security website here.
79e2c81812f8dd6ef4480bef4faaff9c9f0718e66d5f0a8f52f7f692c58108df
[w00giving '99 #4]: VNC is a software package that permits a user to view a remote desktop in real-time. To protect intruder to access the remote desktop, VNC has a password protection. This encryption is done using 3DES, but this encryption is very poor and can be attacked (through brute-force).
4fab2bb54a0a55a4b1e33e1ca86cb8fc49dfdae873e7efcd45c27a2f9d617c51
The Basics of Cryptography: Learn the basic of cryptography and how to break it in this short, simple and easy-to-understand text.
fff2de46b4df67eeb9c1cb05c58195d52ac5d84f72c6759cc86ade1fa67e5484
lids is an intrusion detection system patch for the Linux kernel; it can protect important files from being changed. When it's in effect, no one (including root) can change the protected files or directories and their sub-directories, and the protected append-only files can only be appended. It can also protect the hard disk's MBR, and can also disallow sniffing while the NIC is in promiscuous mode.
b38a4df3e05b43cf55bb5e9716bf5149a24df6b1633fb8006b9e1f42913f4260
The su command on SCO's UnixWare 7 has improper bounds checking on the username passed (via argv[1]), which can cause a buffer overflow when a lengthy username is passed.
2f370cc88cadf6efc7b1f8a55d5ae2f5c3b8ce45ae76e772bf81e939d0b03feb
[w00giving '99 #6]: UnixWare 7's Xsco. Due to improper bounds checking, an overflow occurs when a lengthy argument (argv[1]) is passed. Because Xsco runs with superuser privileges, this can be exploited for elevated privileges.
0710e3286329f4ec82f0b43031b6894da9140f1c90cf3c7b571b5b51ad62ad0d
[w00giving '99 #7]: UnixWare 7's xlock. The xlock command on SCO's UnixWare 7 has improper bounds checking on the username passed (via argv[1]), which can cause a buffer overflow when a lengthy username is passed. Exploit by K2
42dca4082a24f106af872bb2a9c3e695482d75141ae5f77e6e01c1aec727dbff
Clean, functional, and fast banner scanner.
86258d4a2f264691c77ffa0a0993644a51c8e6e327f63358160b93a492155b7d
The ELZA is a scripting language written in PERL aimed at automating HTTP requests, while maintaining fill browser-like behavoir, which enables it to go to places within web sites unaccessible to netcat, telnet, or similar tools. Features: Extraction of _dynamic_ URLs from from HTML;Handling of forms, passing custom form fields and field values, collecting hidden form fields; Following redirects and refreshes; Handling of cookies, honoring their Path and Domain attributes; HTTP Referer, User-Agent, and other HTTP headers for perfect mimicry; HTTP basic authorization including dictionary attacks; Looping for repeated requesting or dictionary attacks; Conditional execution; HTTPS communication via a SSL tunnel; Forms hijacking. Scripts written in ELZA can be executed remotely via POST or forked for load generation.
e5627cc320ee5aaa12c0c74d92cec2b85f9afcb5d372b8b2b7375671bf325bbf
Custom Auditing Scripting Language (CASL) implements a packet shell environment for the Custom Auditing Scripting Language that is the basis for the Cybercop(tm) line of products by Network Associates. The CASL environment provides an extremely high performance environment for sending and receiving any normal and/or morbid packet stream to firewalls, networking stacks and network intrusion detection systems as well as being sufficiently rich of a language to write honeypots, virtual firewalls, surfer hotel, phantom networks and jails.
3f66662c44322fa4381d84fc3d0189a19686130564e82d945f41f8ae24123b21
A remote password auditing and recovery tool that allows dictionary or complex brute-force scans. Scripting support allows you to define any plaintext login procedure. Optimised WWW basic authentication scanning.
1cb761991dfedbc5e82318ae106090d7a86574a987a476641acabef5072f0ec8