Section: .. / UNIX / scanners /
| /// File Name: |
lilith-0.4c.tar.gz |
Description:
|
LiLith is a tool written in Perl to audit web applications. This tool analyses webpages and looks for html form tags, which often refer to dynamic pages that might be subject to SQL injection or other flaws. It works much like an ordinary webspider.
| | Author: | Michael Hendrickx | | Homepage: | http://angelo.scanit.biz/ | | File Size: | 7027 | | Last Modified: | Apr 15 06:19:00 2004 |
| MD5 Checksum: | 1329507e5777abdde5e6270cef203073 |
|
| /// File Name: |
knock-0.1.tar.gz |
Description:
|
knock is a server/client set of tools that implements the idea known as port-knocking. Port-knocking is a method of accessing a backdoor to your firewall through a special sequence of port hits. This can be useful for opening up temporary holes in a restrictive firewall for SSH access or similar.
| | Author: | Judd Vinet | | Homepage: | http://www.zeroflux.org/knock/ | | File Size: | 74379 | | Last Modified: | Apr 12 22:18:00 2004 |
| MD5 Checksum: | bc30ba70331ebf817a4bb2a0e9c84517 |
|
| /// File Name: |
ike-scan-1.6.tar.gz |
Description:
|
ike-scan is a utility that discovers IKE hosts and can also fingerprint them using the retransmission backoff pattern.
| | Author: | Roy Hills | | Homepage: | http://www.nta-monitor.com/ike-scan/ | | Changes: | ISAKMP payloads are now decoded, new switch options added, various bug fixes. | | File Size: | 141847 | | Last Modified: | Feb 27 15:15:00 2004 |
| MD5 Checksum: | 5cdc5633a2a7484805d76b3952b8cef6 |
|
| /// File Name: |
sambascan2-0.3.4.tar.gz |
Description:
|
Sambascan2 allows you to search an entire network or a number of hosts for SMB shares. It will also list the contents of all public shares that it finds. The difference between sambascan2 and other SMB viewers and scanners is that it will search everything using TCP/IP, and it will not send a lot of broadcast messages, so it can be used over LAN boundaries. It only uses SMB to list the shares and their contents.
| | Author: | Claudio Clemens | | Homepage: | http://asturio.gmxhome.de/sambascan.html | | File Size: | 8813 | | Last Modified: | Feb 14 13:33:00 2004 |
| MD5 Checksum: | d1c37e4edecd92c4a2e5c5311afde49c |
|
| /// File Name: |
jumper-1.2.tar.gz |
Description:
|
Jumper is a program for the search and analysis of hosts. It maps the network using the ARP protocol, and optionally can create an Nmap script. For example, it can tell you which IP addresses are free in your LAN segment or it can tell you which hosts are on your LAN.
| | Author: | Robota Seguridad | | Homepage: | http://www.robota.net/article?id=957 | | File Size: | 37301 | | Last Modified: | Feb 11 18:35:00 2004 |
| MD5 Checksum: | 32b0fe6b3ba6dd4bafc3aba3fa32d804 |
|
| /// File Name: |
systemsearcher.tgz |
Description:
|
SystemSearcher is a Linux security scanner written in Perl. It scans single hosts or subnets for anonymous FTP servers, TFTP servers, SMTP servers which allow relaying, SSH servers, Telnet servers, NFS servers with exported directories, mail servers, Web servers (HTTP/HTTPS), well-known trojan ports, and exploitable CGIs. You can also scan a list of specific servers and specific ports. It uses non-blocking socket communication with a 3-second socket timeout. It can also scan for proxy servers which are open to the world (on port 80, 8080, 1080, or 3128), and SMB servers or Windows boxes sharing directories.
| | Author: | ByteBeater | | Homepage: | http://www.geektown.de | | File Size: | 191982 | | Last Modified: | Feb 6 17:03:00 2004 |
| MD5 Checksum: | bc0ace69b5648e351d559893bfa25129 |
|
| /// File Name: |
httprint_macosx_200.zip |
Description:
|
httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the Mac OS-X release.
| | Author: | Saumil Shah | | Homepage: | http://net-square.com/httprint/ | | File Size: | 690035 | | Last Modified: | Jan 8 00:38:49 2004 |
| MD5 Checksum: | f2339dc65f778912bb9ecb0b8f3fc237 |
|
| /// File Name: |
httprint_linux_200.zip |
Description:
|
httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the Linux release.
| | Author: | Saumil Shah | | Homepage: | http://net-square.com/httprint/ | | File Size: | 656927 | | Last Modified: | Jan 8 00:38:06 2004 |
| MD5 Checksum: | 64146ac382f862211fb75bed1b6112a4 |
|
| /// File Name: |
httprint_freebsd_200.zip |
Description:
|
httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the FreeBSD release.
| | Author: | Saumil Shah | | Homepage: | http://net-square.com/httprint/ | | File Size: | 709893 | | Last Modified: | Jan 8 00:35:27 2004 |
| MD5 Checksum: | 1248147d76ab8ffa4ed0123f22a43d78 |
|
| /// File Name: |
PScanDetect-0.8.c |
Description:
|
PScanDetect version 0.8 is a utility that will detect TCP-based portscans. Tested under FreeBSD 5.1, OpenBSD 3.3, and Slackware Linux 9.0.
| | Author: | dodo | | File Size: | 14764 | | Last Modified: | Dec 23 05:35:08 2003 |
| MD5 Checksum: | 9e459e0614a935d0a5b983be1abf750b |
|
| /// File Name: |
arpscan-0.2.tar.gz |
Description:
|
Arpscan sends out ARP requests to specified IP addresses and displays a list of the hosts found. Useful for scanning your local network's IP addresses for live hosts.
| | Author: | Jason Ish | | Homepage: | http://codemonkey.net/~jason/arpscan | | File Size: | 35462 | | Last Modified: | Dec 1 22:02:12 2003 |
| MD5 Checksum: | a832c8946dc9e2d66c8fa02a7a8b8059 |
|
| /// File Name: |
ike-scan-1.5.1.tar.gz |
Description:
|
ike-scan is a utility that discovers IKE hosts and can also fingerprint them using the retransmission backoff pattern.
| | Author: | Roy Hills | | Homepage: | http://www.nta-monitor.com/ike-scan/ | | Changes: | More backoff patterns added, more flexible pattern specification, man page added, and more. | | File Size: | 122595 | | Last Modified: | Nov 25 00:16:57 2003 |
| MD5 Checksum: | 6425534104fd9f6f644c6f7286ed40e1 |
|
| /// File Name: |
p0f-2.0.3.tgz |
Description:
|
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/p0f.shtml | | Changes: | Masquerade detection code now checks for time going backwards in timestamps, added uptime in query data and p0fq.c, added -F fuzzy TTL matching option, added more signatures, and fixed some bugs. | | File Size: | 119407 | | Last Modified: | Nov 21 14:21:04 2003 |
| MD5 Checksum: | 583688a4c5718eec0bb34102b3ac457b |
|
| /// File Name: |
mfp_classClscan.sh |
Description:
|
Class C address scanner and lookup tool.
| | Author: | m4rc3l0 | | File Size: | 1535 | | Last Modified: | Nov 8 20:06:24 2003 |
| MD5 Checksum: | e71f89be361b2d76f63a94f5c047f718 |
|
| /// File Name: |
DMit-v1.0beta.tgz |
Description:
|
Dmitry (Deepmagic Information Gathering Tool) is a UNIX/(GNU)Linux command-line program coded purely in C with the ability to gather as much information as possible about a host. It gets Netcraft information, performs whois lookups and TCP port scans, looks for subdomains, and grabs banners. Tested on *BSD and some Linux variations.
| | Author: | Kernel-- | | Homepage: | http://www.deep-magic.org | | File Size: | 114789 | | Last Modified: | Nov 7 23:39:01 2003 |
| MD5 Checksum: | 0c5ebcb5ca83c557660d51a7849c1fc6 |
|
| /// File Name: |
ms03-043scanner.c |
Description:
|
Scanner for ms03-043, the Microsoft Messenger Service vulnerability.
| | Author: | Crowley | | Homepage: | http://www.kiwi-hacker.net | | File Size: | 17735 | | Last Modified: | Nov 4 01:33:32 2003 |
| MD5 Checksum: | 213e5c9ea9cb318e303ab614821d7905 |
|
| /// File Name: |
xprobe2-0.2.tar.gz |
Description:
|
Xprobe2 is a remote active operating system fingerprinting tool. Xprobe2 uses advanced techniques, such as the usage of fuzzy logic to match fingerprinting results with the tool's signature database and unique fingerprinting methods to provide accurate results.
| | Author: | Fyodor Yarochkin | | Homepage: | http://www.sys-security.com/html/projects/X.html | | File Size: | 474216 | | Last Modified: | Oct 15 00:13:22 2003 |
| MD5 Checksum: | ca723a7e4c8c5001191efdb43e63bbee |
|
| /// File Name: |
httprint_macosx_107.zip |
Description:
|
httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. The current version of httprint can import web servers from nmap network scans, if they are saved in XML format. Mac OSX version.
| | Homepage: | http://net-square.com/httprint/ | | File Size: | 678822 | | Last Modified: | Oct 15 00:05:22 2003 |
| MD5 Checksum: | 6622e2ccd92d5623f7d1f3c70e104bb7 |
|
| /// File Name: |
httprint_linux_107.zip |
Description:
|
httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. The current version of httprint can import web servers from nmap network scans, if they are saved in XML format. Linux version.
| | Homepage: | http://net-square.com/httprint/ | | File Size: | 644225 | | Last Modified: | Oct 15 00:04:23 2003 |
| MD5 Checksum: | 7dc1061cfcaca9b5d0f7a1b8759c4c79 |
|
| /// File Name: |
metacoretex-0.8.0.tar.gz |
Description:
|
MetaCoretex is an entirely JAVA based vulnerability scanning framework which puts special emphasis on databases. Probe objects are written in JAVA for the sake of the ability to extend the AbstractProbe class. Additionally, probe generators make the process of writing simple probes a small task for the end user.
| | Author: | visigoth | | File Size: | 5296595 | | Last Modified: | Oct 2 12:59:24 2003 |
| MD5 Checksum: | 0505b17ff98627f7a43663211e5c7a89 |
|
| /// File Name: |
p0f-2.0.2.tgz |
Description:
|
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/p0f.shtml | | Changes: | Complete rewrite of version 1 code, making signatures more flexible and to improve fingerprint accuracy. | | File Size: | 72715 | | Last Modified: | Sep 22 18:28:47 2003 |
| MD5 Checksum: | 5686d672ba6762bb965ab5854880d543 |
|
| /// File Name: |
DominoHunter-0.92.zip |
Description:
|
Domino Hunter 0.92 is a Lotus Domino web server scanner, written in Perl. It attempts to access default NSF databases, as well as crawl user-defined bases. It tries to enumerate the database structure, available views, available documents, and ACLs set on documents. It also tries to retrieve documents from available views in order to check if ACLs are correctly set to restrict documents and not views. The scanner works in either anonymous mode or privileged mode; in privileged mode, user-supplied credentials are passed to the default names.nsf/?Login form.
| | Author: | Pierre CARON | | Changes: | Various bug fixes, more verbose output, and a progress bar has been added. Fast ACL enumeration and various bugfixes. | | File Size: | 15901 | | Last Modified: | Sep 16 17:21:51 2003 |
| MD5 Checksum: | 0decf15695afcb40e2799e83661cba21 |
|
| /// File Name: |
Scan-0.2.tar.gz |
Description:
|
This utility makes use of google.com to figure out what domains are running vulnerable PHP servers. Instructions are written in French.
| | Author: | alex | | File Size: | 333839 | | Last Modified: | Aug 25 23:03:30 2003 |
| MD5 Checksum: | 77cc166621b423bcbbf8a5df77154b76 |
|
| /// File Name: |
dnsenum.zip |
Description:
|
A Perl script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results.
| | Author: | Filip Waeytens | | File Size: | 2976 | | Last Modified: | Aug 25 22:52:07 2003 |
| MD5 Checksum: | d04ba89b205f4e707804ab4b5a46fdd6 |
|