Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 13:41:04 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1676774177&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2Fweb%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1676774177.1338212464.1338212464.1338212464.1%3B%2B__utmz%3D32867617.1338212464.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/112628/OWASP-Mantra-Lexicon-0.91Beta.7z http://packetstormsecurity.org/files/112628/OWASP-Mantra-Lexicon-0.91Beta.7z http://packetstormsecurity.org/files/112628/OWASP-Mantra-Lexicon-0.91-Beta.html Fri, 11 May 2012 15:43:54 GMT OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals, etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. This is the source code release. http://packetstormsecurity.org/files/111701/ZAP_1.4.0.1_Windows.exe http://packetstormsecurity.org/files/111701/ZAP_1.4.0.1_Windows.exe http://packetstormsecurity.org/files/111701/Zed-Attack-Proxy-1.4.0.1-Windows-Installer.html Tue, 10 Apr 2012 03:30:27 GMT The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Windows installer. http://packetstormsecurity.org/files/111702/ZAP_1.4.0.1_Mac_OS_X.zip http://packetstormsecurity.org/files/111702/ZAP_1.4.0.1_Mac_OS_X.zip http://packetstormsecurity.org/files/111702/Zed-Attack-Proxy-1.4.0.1-Mac-OS-X-Release.html Tue, 10 Apr 2012 03:29:25 GMT The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release. http://packetstormsecurity.org/files/111700/ZAP_1.4.0.1_Linux.tar.gz http://packetstormsecurity.org/files/111700/ZAP_1.4.0.1_Linux.tar.gz http://packetstormsecurity.org/files/111700/Zed-Attack-Proxy-1.4.0.1-Linux-Release.html Tue, 10 Apr 2012 03:28:17 GMT The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Linux release. http://packetstormsecurity.org/files/110144/xenotix_keylogX.xpi http://packetstormsecurity.org/files/110144/xenotix_keylogX.xpi http://packetstormsecurity.org/files/110144/Xenotix-KeylogX-Keylogger-For-Firefox.html Fri, 24 Feb 2012 03:53:02 GMT Xenotix KeylogX is a keylogger add-on for Mozilla Firefox. It captures and logs keystrokes sent to the browser and you simply type alt-X to retrieve the data from the logfile. http://packetstormsecurity.org/files/109397/dradis-v2.9.0.tar.gz http://packetstormsecurity.org/files/109397/dradis-v2.9.0.tar.gz http://packetstormsecurity.org/files/109397/Dradis-Information-Sharing-Tool-2.9.0.html Fri, 03 Feb 2012 02:53:20 GMT dradis is a tool for sharing information during security testing. While plenty of tools exist to help in the different stages of the test, not so many exist to share interesting information captured. When a team of testers is working on the same set of targets, having a common repository of information is essential to avoid duplication of efforts. http://packetstormsecurity.org/files/108273/OWASP-Mantra-Armada-0.81Beta.7z http://packetstormsecurity.org/files/108273/OWASP-Mantra-Armada-0.81Beta.7z http://packetstormsecurity.org/files/108273/OWASP-Mantra-Armada-0.81-Beta.html Sat, 31 Dec 2011 14:22:05 GMT OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. This is the platform independent release. http://packetstormsecurity.org/files/108220/Pound-2.6.tgz http://packetstormsecurity.org/files/108220/Pound-2.6.tgz http://packetstormsecurity.org/files/108220/Pound-Reverse-HTTP-Proxy-2.6.html Thu, 29 Dec 2011 14:59:13 GMT Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests. http://packetstormsecurity.org/files/107323/wordpress-aes-0.0.2.zip http://packetstormsecurity.org/files/107323/wordpress-aes-0.0.2.zip http://packetstormsecurity.org/files/107323/WordPress-AES-Edition-0.0.2.html Fri, 25 Nov 2011 12:11:11 GMT WordPress AES-Edition is a modified version of WordPress that implements use of AES. http://packetstormsecurity.org/files/106830/w3af-1.1.tar.bz2 http://packetstormsecurity.org/files/106830/w3af-1.1.tar.bz2 http://packetstormsecurity.org/files/106830/w3af-Web-Application-Attack-and-Audit-Framework-1.1.html Thu, 10 Nov 2011 16:30:23 GMT w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more. http://packetstormsecurity.org/files/106312/OWASP-Mantra-0.71Beta.7z http://packetstormsecurity.org/files/106312/OWASP-Mantra-0.71Beta.7z http://packetstormsecurity.org/files/106312/OWASP-Mantra-c0c0n-11-AppSecLatam-11-0.71-Beta.html Thu, 27 Oct 2011 12:11:11 GMT OWASP Mantra is a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers,security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software. This is the platform independent release. http://packetstormsecurity.org/files/105675/dradis-v2.8.0.tar.gz http://packetstormsecurity.org/files/105675/dradis-v2.8.0.tar.gz http://packetstormsecurity.org/files/105675/Dradis-Information-Sharing-Tool-2.8.0.html Tue, 11 Oct 2011 01:58:15 GMT dradis is a tool for sharing information during security testing. While plenty of tools exist to help in the different stages of the test, not so many exist to share interesting information captured. When a team of testers is working on the same set of targets, having a common repository of information is essential to avoid duplication of efforts. http://packetstormsecurity.org/files/105359/ZAP-1.3.2.tgz http://packetstormsecurity.org/files/105359/ZAP-1.3.2.tgz http://packetstormsecurity.org/files/105359/Zed-Attack-Proxy-ZAP-1.3.2.html Wed, 28 Sep 2011 20:22:56 GMT The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X, Windows and Linux releases are all included in this file. http://packetstormsecurity.org/files/105358/ZAP_1.3.2_language_pack.2.zaplang http://packetstormsecurity.org/files/105358/ZAP_1.3.2_language_pack.2.zaplang http://packetstormsecurity.org/files/105358/Lanuguage-Pack-For-ZAP-1.3.2.html Tue, 27 Sep 2011 16:05:16 GMT This is the language pack for Zed Attack Proxy (ZAP). Languages supported include English, Brazilian Portuguese, Chinese, Danish, French, German, Greek, Indonesian, Japanese, Polish, and Spanish. http://packetstormsecurity.org/files/105357/ZAP-Client-API-0.1-alpha.zip http://packetstormsecurity.org/files/105357/ZAP-Client-API-0.1-alpha.zip http://packetstormsecurity.org/files/105357/Zed-Attack-Proxy-ZAP-Client-API-0.1-Alpha.html Tue, 27 Sep 2011 15:54:24 GMT This is the client API for the Zed Attack Proxy (ZAP). http://packetstormsecurity.org/files/105145/urlcrazy-0.4.tar.gz http://packetstormsecurity.org/files/105145/urlcrazy-0.4.tar.gz http://packetstormsecurity.org/files/105145/URLCrazy-Domain-Name-Typo-Tool-0.4.html Thu, 15 Sep 2011 18:49:51 GMT URLCrazy enables the study of domainname typos and URL hijacking. URLCrazy is a domainname typo generator that generates 13 types of typos, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo is a valid domain, tests if domain typos are in use, and estimates the popularity of a typo. http://packetstormsecurity.org/files/101683/w3af-1.0-stable.tar.bz2 http://packetstormsecurity.org/files/101683/w3af-1.0-stable.tar.bz2 http://packetstormsecurity.org/files/101683/w3af-Web-Application-Attack-and-Audit-Framework-1.0.html Wed, 25 May 2011 14:22:56 GMT w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more. http://packetstormsecurity.org/files/100601/dradis-v2.7.0.tar.gz http://packetstormsecurity.org/files/100601/dradis-v2.7.0.tar.gz http://packetstormsecurity.org/files/100601/Dradis-Information-Sharing-Tool-2.7.0.html Wed, 20 Apr 2011 02:02:18 GMT dradis is a tool for sharing information during security testing. While plenty of tools exist to help in the different stages of the test, not so many exist to share interesting information captured. When a team of testers is working on the same set of targets, having a common repository of information is essential to avoid duplication of efforts. http://packetstormsecurity.org/files/97652/w3af-1.0-rc5.tar.bz2 http://packetstormsecurity.org/files/97652/w3af-1.0-rc5.tar.bz2 http://packetstormsecurity.org/files/97652/w3af-Web-Application-Attack-and-Audit-Framework-1.0-RC5.html Wed, 19 Jan 2011 16:14:54 GMT w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more. http://packetstormsecurity.org/files/96419/ZAP-1.1.0.tgz http://packetstormsecurity.org/files/96419/ZAP-1.1.0.tgz http://packetstormsecurity.org/files/96419/Zed-Attack-Proxy-ZAP-1.1.0.html Mon, 06 Dec 2010 21:50:44 GMT The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X, Windows and Cross Platform releases are all included in this file. http://packetstormsecurity.org/files/95451/w3af-1.0-rc4.tar.bz2 http://packetstormsecurity.org/files/95451/w3af-1.0-rc4.tar.bz2 http://packetstormsecurity.org/files/95451/w3af-Web-Application-Attack-and-Audit-Framework-1.0-RC4.html Wed, 03 Nov 2010 02:22:41 GMT w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more. http://packetstormsecurity.org/files/94517/ZAP-1.0.0.tgz http://packetstormsecurity.org/files/94517/ZAP-1.0.0.tgz http://packetstormsecurity.org/files/94517/Zed-Attack-Proxy-ZAP-1.0.0.html Tue, 05 Oct 2010 22:01:07 GMT The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X, Windows and Cross Platform releases are all included in this file. http://packetstormsecurity.org/files/94051/iexploder-1.7.2.tgz http://packetstormsecurity.org/files/94051/iexploder-1.7.2.tgz http://packetstormsecurity.org/files/94051/iExploder-1.7.2.html Tue, 21 Sep 2010 01:14:34 GMT iExploder is like a fire hydrant full of bad HTML and CSS code to test the stability and security of web browsers. Available as a standalone webserver or CGI script, it continuously feeds browsers bad data in the hope that they will eventually crash. It is designed to run for hours, or even days until the browser crashes. namebench was initially written as a QA tool for the Mozilla Project to test the Firefox 1.0 release, and is now included and used by Apple's Webkit project. http://packetstormsecurity.org/files/93569/iexploder-1.7.tgz http://packetstormsecurity.org/files/93569/iexploder-1.7.tgz http://packetstormsecurity.org/files/93569/iExploder-1.7.html Wed, 08 Sep 2010 02:37:37 GMT iExploder is like a fire hydrant full of bad HTML and CSS code to test the stability and security of web browsers. Available as a standalone webserver or CGI script, it continuously feeds browsers bad data in the hope that they will eventually crash. It is designed to run for hours, or even days until the browser crashes. namebench was initially written as a QA tool for the Mozilla Project to test the Firefox 1.0 release, and is now included and used by Apple's Webkit project. http://packetstormsecurity.org/files/92162/RewriteProxy.tar.gz http://packetstormsecurity.org/files/92162/RewriteProxy.tar.gz http://packetstormsecurity.org/files/92162/RewriteProxy-Same-Domain-Policy-Bypass.html Mon, 26 Jul 2010 21:35:02 GMT RewriteProxy is a small python tool that is based on the twisted library. Its purpose is to serve local files instead of remote files to fool the same-domain policy of modified flash and java-applets.