Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 08:02:15 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1933267815&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Security%20Tool%20Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Ffiles%2Ftags%2Ftool%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1933267815.1338192135.1338192135.1338192135.1%3B%2B__utmz%3D32867617.1338192135.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/113066/iptables-1.4.14.tar.bz2 http://packetstormsecurity.org/files/113066/iptables-1.4.14.tar.bz2 http://packetstormsecurity.org/files/113066/Linux-IPTables-Firewall-1.4.14.html Sun, 27 May 2012 19:00:14 GMT iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, portforwarding, transparent proxying), and special effects such as packet mangling. http://packetstormsecurity.org/files/113060/Hyperion-1.0.zip http://packetstormsecurity.org/files/113060/Hyperion-1.0.zip http://packetstormsecurity.org/files/113060/Hyperion-Runtime-Encrypter-1.0.html Sat, 26 May 2012 21:11:11 GMT Hyperion is a runtime encrypter for 32-bit portable executables. It is a reference implementation and bases on the paper "Hyperion: Implementation of a PE-Crypter". http://packetstormsecurity.org/files/113040/kolkata.tgz http://packetstormsecurity.org/files/113040/kolkata.tgz http://packetstormsecurity.org/files/113040/Kolkata-Web-Application-Fingerprinting.html Fri, 25 May 2012 20:31:24 GMT Kolkata is a tool for IDS evading web application fingerprinting. It is written in perl and uses LibWhisker. http://packetstormsecurity.org/files/113003/mobiusft-0.5.13.tar.gz http://packetstormsecurity.org/files/113003/mobiusft-0.5.13.tar.gz http://packetstormsecurity.org/files/113003/Mobius-Forensic-Toolkit-0.5.13.html Thu, 24 May 2012 02:46:01 GMT Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools. http://packetstormsecurity.org/files/112951/nmap-6.00.tgz http://packetstormsecurity.org/files/112951/nmap-6.00.tgz http://packetstormsecurity.org/files/112951/Nmap-Port-Scanner-6.00.html Tue, 22 May 2012 04:00:28 GMT Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings. http://packetstormsecurity.org/files/112948/zoneh-poster.txt http://packetstormsecurity.org/files/112948/zoneh-poster.txt http://packetstormsecurity.org/files/112948/Zone-H-Multithreaded-Poster.html Mon, 21 May 2012 10:11:11 GMT Zone-H posting utility that is multi-threaded. http://packetstormsecurity.org/files/112941/Odaym-Cura-1.0.zip http://packetstormsecurity.org/files/112941/Odaym-Cura-1.0.zip http://packetstormsecurity.org/files/112941/Cura-1.0.html Sun, 20 May 2012 18:22:22 GMT Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address). http://packetstormsecurity.org/files/112856/hulk.zip http://packetstormsecurity.org/files/112856/hulk.zip http://packetstormsecurity.org/files/112856/HULK-Http-Unbearable-Load-King.html Fri, 18 May 2012 14:31:37 GMT HULK is a web server denial of service tool written for research purposes. It is designed to generate volumes of unique and obfuscated traffic at a webserver, bypassing caching engines and therefore hitting the server's direct resource pool. http://packetstormsecurity.org/files/112855/AdminpageFinder.py.txt http://packetstormsecurity.org/files/112855/AdminpageFinder.py.txt http://packetstormsecurity.org/files/112855/Admin-Page-Finder-Script.html Fri, 18 May 2012 14:29:33 GMT This python script looks for a large amount of possible administrative interfaces on a given site. http://packetstormsecurity.org/files/112828/360AnalyticsLtd-0.2.4.zip http://packetstormsecurity.org/files/112828/360AnalyticsLtd-0.2.4.zip http://packetstormsecurity.org/files/112828/360-FAAR-Firewall-Analysis-Audit-And-Repair-0.2.4.html Fri, 18 May 2012 14:05:00 GMT 360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands. http://packetstormsecurity.org/files/112854/webvulscan_v0.11.zip http://packetstormsecurity.org/files/112854/webvulscan_v0.11.zip http://packetstormsecurity.org/files/112854/Web-Application-Vulnerability-Scanner-0.11.html Thu, 17 May 2012 21:54:06 GMT WebVulScan is a web application vulnerability scanner. It is a web application itself written in PHP and can be used to test remote, or local, web applications for security vulnerabilities. As a scan is running, details of the scan are dynamically updated to the user. These details include the status of the scan, the number of URLs found on the web application, the number of vulnerabilities found and details of the vulnerabilities found. After a scan is complete, a detailed PDF report is emailed to the user. The report includes descriptions of the vulnerabilities found, recommendations and details of where and how each vulnerability was exploited. http://packetstormsecurity.org/files/112733/opendnssec-1.3.8.tar.gz http://packetstormsecurity.org/files/112733/opendnssec-1.3.8.tar.gz http://packetstormsecurity.org/files/112733/OpenDNSSEC-1.3.8.html Tue, 15 May 2012 21:59:41 GMT OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security. http://packetstormsecurity.org/files/112721/bluelog-1.0.3.tar.gz http://packetstormsecurity.org/files/112721/bluelog-1.0.3.tar.gz http://packetstormsecurity.org/files/112721/Bluelog-Bluetooth-Scanner-Logger-1.0.3.html Tue, 15 May 2012 03:19:40 GMT Bluelog is a Bluetooth scanner/logger written with speed in mind. It is intended to be used as a site survey tool, concerned more about accurately detecting the number of discoverable Bluetooth devices than individual device specifics. Bluelog also includes the unique "Bluelog Live" mode, which puts discovered devices into a constantly updating live webpage which you can serve up with your HTTP daemon of choice. http://packetstormsecurity.org/files/112678/XCat_1.5.zip http://packetstormsecurity.org/files/112678/XCat_1.5.zip http://packetstormsecurity.org/files/112678/XCat-1.5.html Sun, 13 May 2012 12:12:12 GMT XCat is a PHP web interface for scanning sites mined through bing.com. http://packetstormsecurity.org/files/112665/Odaym-Cura-0.4.0.tar.gz http://packetstormsecurity.org/files/112665/Odaym-Cura-0.4.0.tar.gz http://packetstormsecurity.org/files/112665/Cura-0.4.0.html Sat, 12 May 2012 10:33:11 GMT Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address). http://packetstormsecurity.org/files/112593/360AnalyticsLtd-0.2.3.zip http://packetstormsecurity.org/files/112593/360AnalyticsLtd-0.2.3.zip http://packetstormsecurity.org/files/112593/360-FAAR-Firewall-Analysis-Audit-And-Repair-0.2.3.html Thu, 10 May 2012 04:33:07 GMT 360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands. http://packetstormsecurity.org/files/112491/NetcatPHPShell-1.10.zip http://packetstormsecurity.org/files/112491/NetcatPHPShell-1.10.zip http://packetstormsecurity.org/files/112491/NetcatPHPShell-1.10.html Mon, 07 May 2012 19:49:06 GMT NetcatPHPShell is a PHP backdoor that can be leveraged to launch a connect-back shell. http://packetstormsecurity.org/files/112484/Netzob-0.3.2.tar.gz http://packetstormsecurity.org/files/112484/Netzob-0.3.2.tar.gz http://packetstormsecurity.org/files/112484/Netzob-0.3.2.html Sun, 06 May 2012 02:04:45 GMT Netzob supports the expert in reverse engineering, evaluation, and simulation of communication protocols. Its main goals are to help security evaluators to assess the robustness of proprietary or unknown protocol implementations, simulate realistic communications to test third-party products (IDS, firewalls, etc.), and create an Open Source implementation of a proprietary or unknown protocol. Netzob provides a semi-automatic inferring process, and includes everything necessary to passively learn the vocabulary of a protocol and actively infer its grammar. The learnt protocol can afterward be simulated. Netzob handles text protocols (like HTTP and IRC), fixed field protocols (like IP and TCP), and variable field protocols (like ASN.1-based formats). http://packetstormsecurity.org/files/112450/ransack.sh.txt http://packetstormsecurity.org/files/112450/ransack.sh.txt http://packetstormsecurity.org/files/112450/Ransack-Post-Exploitation-Tool.html Thu, 03 May 2012 23:09:12 GMT Ransack is a post exploitation shellscript for penetration testers. Its purpose is to grab any information deemed relevant on a system, post root compromise. This information may include config files, ssh keys, ssl keys, or any other information deemed valuable. http://packetstormsecurity.org/files/112384/cifex-1.1.txt http://packetstormsecurity.org/files/112384/cifex-1.1.txt http://packetstormsecurity.org/files/112384/cIFrex-1.1-Source-Scanner.html Wed, 02 May 2012 01:37:48 GMT cIFrex is a small script written in PHP that supports searching for bugs in the analysis of the source code. It uses a database of regular expressions. http://packetstormsecurity.org/files/112335/rkhunter-1.4.0.tar.gz http://packetstormsecurity.org/files/112335/rkhunter-1.4.0.tar.gz http://packetstormsecurity.org/files/112335/Rootkit-Hunter-1.4.0.html Tue, 01 May 2012 21:24:57 GMT Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD. http://packetstormsecurity.org/files/112446/samhain-3.0.4.tar.gz http://packetstormsecurity.org/files/112446/samhain-3.0.4.tar.gz http://packetstormsecurity.org/files/112446/Samhain-File-Integrity-Checker-3.0.4.html Tue, 01 May 2012 15:43:58 GMT Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris. http://packetstormsecurity.org/files/112387/whmcs-google-scan.sh.txt http://packetstormsecurity.org/files/112387/whmcs-google-scan.sh.txt http://packetstormsecurity.org/files/112387/WHMCS-Scanning-Tool.html Tue, 01 May 2012 12:12:12 GMT WHMCS scanning tool that uses Google to find systems that are possible vulnerable to shell upload. http://packetstormsecurity.org/files/112334/360AnalyticsLtd-0.2.1.zip http://packetstormsecurity.org/files/112334/360AnalyticsLtd-0.2.1.zip http://packetstormsecurity.org/files/112334/360-FAAR-Firewall-Analysis-Audit-And-Repair-0.2.1.html Mon, 30 Apr 2012 14:34:58 GMT 360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands. http://packetstormsecurity.org/files/112328/ropeadope.py.txt http://packetstormsecurity.org/files/112328/ropeadope.py.txt http://packetstormsecurity.org/files/112328/RopeADope-1.1-Linux-Log-Cleaner.html Mon, 30 Apr 2012 14:17:16 GMT RopeADope is a log cleaning script for Linux.