Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 07:24:28 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=2033200511&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2FUNIX%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.2033200511.1338189868.1338189868.1338189868.1%3B%2B__utmz%3D32867617.1338189868.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/113040/kolkata.tgz http://packetstormsecurity.org/files/113040/kolkata.tgz http://packetstormsecurity.org/files/113040/Kolkata-Web-Application-Fingerprinting.html Fri, 25 May 2012 20:31:24 GMT Kolkata is a tool for IDS evading web application fingerprinting. It is written in perl and uses LibWhisker. http://packetstormsecurity.org/files/112951/nmap-6.00.tgz http://packetstormsecurity.org/files/112951/nmap-6.00.tgz http://packetstormsecurity.org/files/112951/Nmap-Port-Scanner-6.00.html Tue, 22 May 2012 04:00:28 GMT Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. http://packetstormsecurity.org/files/112948/zoneh-poster.txt http://packetstormsecurity.org/files/112948/zoneh-poster.txt http://packetstormsecurity.org/files/112948/Zone-H-Multithreaded-Poster.html Mon, 21 May 2012 10:11:11 GMT Zone-H posting utility that is multi-threaded. http://packetstormsecurity.org/files/112855/AdminpageFinder.py.txt http://packetstormsecurity.org/files/112855/AdminpageFinder.py.txt http://packetstormsecurity.org/files/112855/Admin-Page-Finder-Script.html Fri, 18 May 2012 14:29:33 GMT This python script looks for a large amount of possible administrative interfaces on a given site. http://packetstormsecurity.org/files/112828/360AnalyticsLtd-0.2.4.zip http://packetstormsecurity.org/files/112828/360AnalyticsLtd-0.2.4.zip http://packetstormsecurity.org/files/112828/360-FAAR-Firewall-Analysis-Audit-And-Repair-0.2.4.html Fri, 18 May 2012 14:05:00 GMT 360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands. http://packetstormsecurity.org/files/112854/webvulscan_v0.11.zip http://packetstormsecurity.org/files/112854/webvulscan_v0.11.zip http://packetstormsecurity.org/files/112854/Web-Application-Vulnerability-Scanner-0.11.html Thu, 17 May 2012 21:54:06 GMT WebVulScan is a web application vulnerability scanner. It is a web application itself written in PHP and can be used to test remote, or local, web applications for security vulnerabilities. As a scan is running, details of the scan are dynamically updated to the user. These details include the status of the scan, the number of URLs found on the web application, the number of vulnerabilities found and details of the vulnerabilities found. After a scan is complete, a detailed PDF report is emailed to the user. The report includes descriptions of the vulnerabilities found, recommendations and details of where and how each vulnerability was exploited. http://packetstormsecurity.org/files/112733/opendnssec-1.3.8.tar.gz http://packetstormsecurity.org/files/112733/opendnssec-1.3.8.tar.gz http://packetstormsecurity.org/files/112733/OpenDNSSEC-1.3.8.html Tue, 15 May 2012 21:59:41 GMT OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security. http://packetstormsecurity.org/files/112678/XCat_1.5.zip http://packetstormsecurity.org/files/112678/XCat_1.5.zip http://packetstormsecurity.org/files/112678/XCat-1.5.html Sun, 13 May 2012 12:12:12 GMT XCat is a PHP web interface for scanning sites mined through bing.com. http://packetstormsecurity.org/files/112593/360AnalyticsLtd-0.2.3.zip http://packetstormsecurity.org/files/112593/360AnalyticsLtd-0.2.3.zip http://packetstormsecurity.org/files/112593/360-FAAR-Firewall-Analysis-Audit-And-Repair-0.2.3.html Thu, 10 May 2012 04:33:07 GMT 360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands. http://packetstormsecurity.org/files/112491/NetcatPHPShell-1.10.zip http://packetstormsecurity.org/files/112491/NetcatPHPShell-1.10.zip http://packetstormsecurity.org/files/112491/NetcatPHPShell-1.10.html Mon, 07 May 2012 19:49:06 GMT NetcatPHPShell is a PHP backdoor that can be leveraged to launch a connect-back shell. http://packetstormsecurity.org/files/112484/Netzob-0.3.2.tar.gz http://packetstormsecurity.org/files/112484/Netzob-0.3.2.tar.gz http://packetstormsecurity.org/files/112484/Netzob-0.3.2.html Sun, 06 May 2012 02:04:45 GMT Netzob supports the expert in reverse engineering, evaluation, and simulation of communication protocols. Its main goals are to help security evaluators to assess the robustness of proprietary or unknown protocol implementations, simulate realistic communications to test third-party products (IDS, firewalls, etc.), and create an Open Source implementation of a proprietary or unknown protocol. Netzob provides a semi-automatic inferring process, and includes everything necessary to passively learn the vocabulary of a protocol and actively infer its grammar. The learnt protocol can afterward be simulated. Netzob handles text protocols (like HTTP and IRC), fixed field protocols (like IP and TCP), and variable field protocols (like ASN.1-based formats). http://packetstormsecurity.org/files/112384/cifex-1.1.txt http://packetstormsecurity.org/files/112384/cifex-1.1.txt http://packetstormsecurity.org/files/112384/cIFrex-1.1-Source-Scanner.html Wed, 02 May 2012 01:37:48 GMT cIFrex is a small script written in PHP that supports searching for bugs in the analysis of the source code. It uses a database of regular expressions. http://packetstormsecurity.org/files/112335/rkhunter-1.4.0.tar.gz http://packetstormsecurity.org/files/112335/rkhunter-1.4.0.tar.gz http://packetstormsecurity.org/files/112335/Rootkit-Hunter-1.4.0.html Tue, 01 May 2012 21:24:57 GMT Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD. http://packetstormsecurity.org/files/112446/samhain-3.0.4.tar.gz http://packetstormsecurity.org/files/112446/samhain-3.0.4.tar.gz http://packetstormsecurity.org/files/112446/Samhain-File-Integrity-Checker-3.0.4.html Tue, 01 May 2012 15:43:58 GMT Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris. http://packetstormsecurity.org/files/112387/whmcs-google-scan.sh.txt http://packetstormsecurity.org/files/112387/whmcs-google-scan.sh.txt http://packetstormsecurity.org/files/112387/WHMCS-Scanning-Tool.html Tue, 01 May 2012 12:12:12 GMT WHMCS scanning tool that uses Google to find systems that are possible vulnerable to shell upload. http://packetstormsecurity.org/files/112334/360AnalyticsLtd-0.2.1.zip http://packetstormsecurity.org/files/112334/360AnalyticsLtd-0.2.1.zip http://packetstormsecurity.org/files/112334/360-FAAR-Firewall-Analysis-Audit-And-Repair-0.2.1.html Mon, 30 Apr 2012 14:34:58 GMT 360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands. http://packetstormsecurity.org/files/112328/ropeadope.py.txt http://packetstormsecurity.org/files/112328/ropeadope.py.txt http://packetstormsecurity.org/files/112328/RopeADope-1.1-Linux-Log-Cleaner.html Mon, 30 Apr 2012 14:17:16 GMT RopeADope is a log cleaning script for Linux. http://packetstormsecurity.org/files/112298/clamsap-0.9.7.4.tar.gz http://packetstormsecurity.org/files/112298/clamsap-0.9.7.4.tar.gz http://packetstormsecurity.org/files/112298/ClamSAP-Libraries-0.9.7.4.html Fri, 27 Apr 2012 20:46:20 GMT ClamSAP consists of two C shared libraries that link between ClamAV and the Virus Scan Interface (VSI) of SAP (official name: NW-VSI). A SAP application can use the ClamAV engine to scan for malicious uploads in HTTP uploads, for example. http://packetstormsecurity.org/files/112158/unweb-plown-ef3bc6a.zip http://packetstormsecurity.org/files/112158/unweb-plown-ef3bc6a.zip http://packetstormsecurity.org/files/112158/Plown-Plone-CMS-Scanner.html Tue, 24 Apr 2012 16:22:22 GMT Plown is a security scanner for Plone CMS. Although Plone has the best security track record of any major CMS and is considered highly secure, misconfigurations and weak passwords might enable system break-ins. Plown has been developed to ease the discovery of usernames and passwords, and act as an assistant to system administrators to strengthen their Plone sites. http://packetstormsecurity.org/files/111881/packetfence-3.3.0.tar.gz http://packetstormsecurity.org/files/111881/packetfence-3.3.0.tar.gz http://packetstormsecurity.org/files/111881/Packet-Fence-3.3.0.html Mon, 16 Apr 2012 18:13:08 GMT PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans. http://packetstormsecurity.org/files/111759/nield-0.23.tar.gz http://packetstormsecurity.org/files/111759/nield-0.23.tar.gz http://packetstormsecurity.org/files/111759/NIELD-Network-Interface-Events-Logging-Daemon-0.23.html Wed, 11 Apr 2012 15:17:25 GMT Network Interface Events Logging Daemon is a tool that receives notifications from the kernel through the rtnetlink socket, and generates logs related to link state, neighbor cache (ARP,NDP), IP address (IPv4,IPv6), route, FIB rules. http://packetstormsecurity.org/files/111540/darkd0rk3r-0.7.py.txt http://packetstormsecurity.org/files/111540/darkd0rk3r-0.7.py.txt http://packetstormsecurity.org/files/111540/Dark-D0rk3r-0.7.html Wed, 04 Apr 2012 14:28:44 GMT Dark D0rk3r is a python script that performs dork searching and searches for local file inclusion and SQL injection errors. http://packetstormsecurity.org/files/111510/darkBing-v.0.1.py.txt http://packetstormsecurity.org/files/111510/darkBing-v.0.1.py.txt http://packetstormsecurity.org/files/111510/darkBing-SQL-Scanner-0.1.html Wed, 04 Apr 2012 01:26:41 GMT darkBing is a tool written in python that leverages bing for mining data on systems that may be susceptible to SQL injection. http://packetstormsecurity.org/files/111489/oath-toolkit-1.12.1.tar.gz http://packetstormsecurity.org/files/111489/oath-toolkit-1.12.1.tar.gz http://packetstormsecurity.org/files/111489/OATH-Toolkit-1.12.1.html Tue, 03 Apr 2012 02:40:42 GMT OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit. http://packetstormsecurity.org/files/111418/samhain-3.0.3.tar.gz http://packetstormsecurity.org/files/111418/samhain-3.0.3.tar.gz http://packetstormsecurity.org/files/111418/Samhain-File-Integrity-Checker-3.0.3.html Wed, 28 Mar 2012 17:41:37 GMT Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.