Section: .. / UNIX / scanners /
| /// File Name: |
p0f-2.0.8-db-20061113.tar.gz |
Description:
|
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris. This particular version is modified by Nerijus Krukauskas to store the data in a database.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/p0f.shtml | | Changes: | Extended db schema. Added support for SQLite. | | File Size: | 142529 | | Last Modified: | Dec 12 10:49:36 2006 |
| MD5 Checksum: | 3102c1d07f3f59547252d856f46a7afb |
|
| /// File Name: |
sqlninja-0.1.1.tgz |
Description:
|
sqlninja is a small tool to exploit SQL injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end. Its main goal is to provide a remote shell on the vulnerable database server, even in a very hostile environment. It should be used by penetration testers to help and automate the process of taking over a database Server when a SQL injection vulnerability has been discovered. It is written in perl and runs on Unix-like boxes.
| | Author: | icesurfer | | Homepage: | http://sqlninja.sourceforge.net | | Changes: | Fingerprinting of the remote server, bruteforce of sa password, privilege escalation if sa password found, creation of a custom xp_cmdshell if the original one has been disabled. | | File Size: | 109788 | | Last Modified: | Dec 11 11:27:17 2006 |
| MD5 Checksum: | e14fc9f7a4597629736cc865dc7de447 |
|
| /// File Name: |
sauerkraut.c |
Description:
|
sauerkraut is a lightweight, multi-threaded and very fast IP scanner with a built-in banner grabber.
| | Author: | softxor | | Homepage: | http://bunnies.phpnet.us/ | | File Size: | 5211 | | Last Modified: | Dec 8 18:18:45 2006 |
| MD5 Checksum: | 07c2a78a634aa26078972439062833ad |
|
| /// File Name: |
knock-out.tar.gz |
Description:
|
Knock-Out is a remote administration tool using port-knocking techniques. It supports both UDP and TCP transmission and is customizable. It allows both bind ports and reverse shells. Note that all documentation, etc, is written in Spanish.
| | Author: | A. Alejandro Hernandez Hernandez | | File Size: | 18890 | | Last Modified: | Dec 7 04:51:36 2006 |
| MD5 Checksum: | d3daef2b88524e78ab951fc3d4fd1304 |
|
| /// File Name: |
snmpcheck-1.6.txt |
Description:
|
snmpcheck is a free open source utility to get information via SNMP protocols. It works fine against Windows, Linux, Cisco, HP-UX, SunOS systems and any devices with SNMP protocol support. It could be useful for penetration testing or systems monitoring. snmpcheck has been tested on GNU/Linux, *BSD and Windows (Cygwin) systems.
| | Author: | Matteo Cantoni | | Homepage: | http://www.nothink.org/perl/snmpcheck/ | | File Size: | 28865 | | Last Modified: | Dec 6 01:15:22 2006 |
| MD5 Checksum: | 9545e5fd6e9f8ee19414e98d6fe0756c |
|
| /// File Name: |
tcpknock-v01.tar.bz |
Description:
|
TCP Knocking provides a port knocking implementation that attempts to solve problems of opening firewalls to provide remote access by incorporating the knock into unused fields in the TCP handshake sequence packets, rather than using UDP packets with secret ports.
| | Author: | ganhawk | | Homepage: | http://p2pbridge.sourceforge.net/tcpknocking/ | | File Size: | 5215 | | Last Modified: | Dec 6 01:03:21 2006 |
| MD5 Checksum: | 8bc291b1dd32bdf447aa464742276b8c |
|
| /// File Name: |
RedAdslScanner.c |
Description:
|
Simple scanning script that attempts to find ADSL router modems.
| | Author: | Tio Coder | | Homepage: | http://www.red-hack.org/ | | File Size: | 5817 | | Last Modified: | Nov 29 10:32:03 2006 |
| MD5 Checksum: | 87f460e0d53c43cdf65793e7c32d67aa |
|
| /// File Name: |
drknock-0.2.1.zip |
Description:
|
DrKnock is a port knocking solution based on sig2knock by Cappella and Tan Chew Keong (http://www.security.org.sg/code/portknock1.html). Right now, the only functional improvement over sig2knock is the ability to use the client under Windows XP SP2. The client and server work on both Unix and Windows.
| | Author: | Olivier ROCH VILATO | | Homepage: | http://sourceforge.net/projects/drknock/ | | Changes: | Code cleanup and little bug fixes. | | File Size: | 443918 | | Last Modified: | Nov 21 02:12:12 2006 |
| MD5 Checksum: | eecc76c6f97c006fa6f44f4f3159bc59 |
|
| /// File Name: |
lft-2.6b5.tar.gz |
Description:
|
LFT, short for Layer Four Traceroute, is a sort of 'traceroute' that often works much faster (than the commonly-used Van Jacobson method) and goes through many configurations of packet-filters (firewalls). More importantly, LFT implements numerous other features including AS number lookups through several reliable sources, loose source routing, netblock name lookups, load balancer and firewall detection, et al.
| | Author: | Victor Oppleman | | Homepage: | http://pwhois.org/lft/ | | File Size: | 154702 | | Last Modified: | Nov 20 11:49:02 2006 |
| MD5 Checksum: | ca97905f8c6aa2dfb858b63afe7cdde8 |
|
| /// File Name: |
pbnj-2.04.tar.gz |
Description:
|
PBNJ is a suite of tools to monitor changes on a network over time. It does this by checking for changes on the target machine(s), which includes the details about the services running on them as well as the service state. PBNJ parses the data from a scan and stores it in a database. PBNJ uses Nmap to perform scans.
| | Author: | Joshua D. Abraham | | Homepage: | http://pbnj.sf.net/ | | Changes: | Small fixes, updates to man pages, and some enhancements. | | File Size: | 86080 | | Last Modified: | Nov 17 18:33:29 2006 |
| MD5 Checksum: | f0a5b4dfa9456c21154a289e1e45b1d5 |
|
| /// File Name: |
DrKnock.zip |
Description:
|
DrKnock is a port knocking solution based on sig2knock by Cappella and Tan Chew Keong (http://www.security.org.sg/code/portknock1.html). Right now, the only functional improvement over sig2knock is the ability to use the client under Windows XP SP2. The client and server work on both Unix and Windows.
| | Author: | Olivier ROCH VILATO | | Homepage: | http://sourceforge.net/projects/drknock/ | | File Size: | 218717 | | Last Modified: | Nov 16 11:58:43 2006 |
| MD5 Checksum: | e5e9b5761d8fadc916d74119e5e3775f |
|
| /// File Name: |
SinFP-2.04-1.tar.gz |
Description:
|
SinFP is a new approach to OS fingerprinting, which bypasses limitations that nmap has. It only requires one open TCP port, sends only fully standard TCP packets, and limits the number of tests to 2 or 3.
| | Author: | GomoR | | Homepage: | http://www.gomor.org/sinfp | | Changes: | Update from Net::Packet 3.00 to 3.01. Net::SinFP updated to 2.04. New signatures (sinfp-20061101.db). | | File Size: | 2795983 | | Last Modified: | Nov 7 00:08:59 2006 |
| MD5 Checksum: | e78d553417634654af02748213a6a35c |
|
| /// File Name: |
fwknop-1.0.tar.gz |
Description:
|
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Various bug fixes and some enhanced validation. | | File Size: | 374614 | | Last Modified: | Nov 7 00:04:08 2006 |
| MD5 Checksum: | 88b8f170e05b40a626860928d2f3e669 |
|
| /// File Name: |
scapy-1.0.5.tar.gz |
Description:
|
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
| | Author: | Philippe Biondi | | Homepage: | http://www.secdev.org/projects/scapy | | Changes: | Various bug fixes and enhancements. | | File Size: | 144746 | | Last Modified: | Nov 2 10:11:52 2006 |
| MD5 Checksum: | b094a03472375c3add5415345b8d79d6 |
|
| /// File Name: |
fwknop-0.9.9.tar.gz |
Description:
|
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Various enhancements and improvements. Some bug fixes. | | File Size: | 446261 | | Last Modified: | Oct 18 20:05:18 2006 |
| MD5 Checksum: | e45835980424838729144abd5537c36e |
|
| /// File Name: |
wapiti-1.1.4.zip |
Description:
|
Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.
| | Author: | Nicolas Surribas | | Homepage: | http://wapiti.sourceforge.net/ | | File Size: | 26125 | | Last Modified: | Oct 13 20:42:25 2006 |
| MD5 Checksum: | 13919bc991c54faf4a2266c0114f7785 |
|
| /// File Name: |
ndisc6-0.7.1.tar.bz2 |
Description:
|
ndisc6 consists of three command line tools (ndisc6, rdisc6, and traceroute6) that perform ICMPv6 Neighbor Discovery, ICMPv6 Router Discovery, and IPv6 tcptraceroute/traceroute respectively. It is primarily meant for IPv6 networking diagnostics and monitoring.
| | Author: | Remi Denis-Courmont | | Homepage: | http://people.via.ecp.fr/~rem/ndisc/ | | Changes: | Minor portability fixes. | | File Size: | 104664 | | Last Modified: | Oct 5 00:15:52 2006 |
| MD5 Checksum: | 1db54bdacba134120b182ab651b36287 |
|
| /// File Name: |
nsat-1.5-ia64-port.tgz |
Description:
|
Nsat is a fast, stable bulk security scanner designed to audit remote network services and check for versions, security problems, gather information about the servers and the machine, and much more. Unlike many other auditing tools, nsat can collect information about services independently of vulnerabilities, which makes it less dependent on frequent updates as new vulnerabilities are found.
| | Author: | Mixter | | Homepage: | http://1337.tsx.org | | Changes: | Ported to ia64. | | File Size: | 989816 | | Last Modified: | Oct 5 00:03:45 2006 |
| MD5 Checksum: | a900ccfc97feccf332d54e4934cd94b9 |
|
| /// File Name: |
p0f-2.0.8-db-20060921.tar.gz |
Description:
|
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris. This particular version is modified by Nerijus Krukauskas to store the data in a database.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/p0f.shtml | | Changes: | p0f 2.0.8 was released. | | File Size: | 140625 | | Last Modified: | Oct 4 23:59:23 2006 |
| MD5 Checksum: | 32bbae159f72b3f0bfe682d69299f64a |
|
| /// File Name: |
fwknop-0.9.8.tar.gz |
Description:
|
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Various enhancements and improvements. | | File Size: | 419457 | | Last Modified: | Oct 4 23:55:28 2006 |
| MD5 Checksum: | 03e2155d9700be3a4320362ea09e47e5 |
|
| /// File Name: |
dnsmap-latest.tar |
Description:
|
dnsmap is a simple utility designed to enumerate subdomains on a target domain. It can scan from either an internal or user-supplied wordlist.
| | Homepage: | http://ikwt.com/projects/dnsmap/ | | File Size: | 40960 | | Last Modified: | Sep 21 20:53:57 2006 |
| MD5 Checksum: | 98c5c5762f92b809d8e461510ae0b5d7 |
|
| /// File Name: |
p0f-2.0.8.tgz |
Description:
|
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/p0f.shtml | | File Size: | 136877 | | Last Modified: | Sep 7 02:46:35 2006 |
| MD5 Checksum: | 1ccbcd8d4c95ef6dae841120d23c56a5 |
|
| /// File Name: |
p0f-2.0.7-db-20060823.tar.gz |
Description:
|
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris. This particular version is modified by Nerijus Krukauskas to store the data in a database.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/p0f.shtml | | Changes: | Updated for new p0f 2.0.7. | | File Size: | 136554 | | Last Modified: | Aug 27 18:09:15 2006 |
| MD5 Checksum: | 1a2bcd64356f44849ea3ff1809b5ed91 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
