Section: .. / UNIX / scanners /
| /// File Name: |
paps-1.1.tar.gz |
Description:
|
Paps is a passively active port scanner. It scans while posing as other hosts in the same network segment and sniffs for responses in order to determine port status. It is multithreaded and supports syn, fin, null, xmas, udp and random scanning.
| | Author: | willdamn | | Changes: | Paps now uses /dev/urandom for increased entropy | | File Size: | 11584 | | Last Modified: | Mar 16 19:28:16 2006 |
| MD5 Checksum: | 644c01de44ef110ce2b7d535952e647a |
|
| /// File Name: |
p0f-2.0.6.tgz |
Description:
|
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to the remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/p0f.shtml | | Changes: | Bug fixes and feature enhancements. Cygwin support. | | File Size: | 131652 | | Last Modified: | Mar 10 03:39:09 2006 |
| MD5 Checksum: | 5f48bc69592079dad0a3866f39905141 |
|
| /// File Name: |
coarseknocking-0.0.5.tar.gz |
Description:
|
This is a simple implementation of Port Knocking techniques. It sniffs network packets looking for predetermined keys and executes commands to open and close ports on the firewall. In the client mode it injects packets with the key to server.
| | Author: | Andre Luiz Rodrigues Ferreira | | Homepage: | http://coarseknocking.sourceforge.net/ | | Changes: | Added support to choose network interface. Added configuration tool. | | File Size: | 14177 | | Last Modified: | Feb 13 01:47:31 2006 |
| MD5 Checksum: | df086dcbcfe43701bff517d726b030cb |
|
| /// File Name: |
paps-1.0.tar.gz |
Description:
|
Paps is a passively active port scanner. It scans while posing as other hosts in the same network segment and sniffs for responses in order to determine port status. It is multithreaded and supports syn, fin, null, xmas, udp and random scanning.
| | Author: | willdamn | | File Size: | 9982 | | Last Modified: | Feb 2 05:51:12 2006 |
| MD5 Checksum: | ed7cdf73c7a49df3b23475d103066695 |
|
| /// File Name: |
scapy-1.0.3.tar.gz |
Description:
|
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
| | Author: | Philippe Biondi | | Homepage: | http://www.secdev.org/projects/scapy | | Changes: | See changelog. | | File Size: | 125145 | | Last Modified: | Jan 29 20:55:29 2006 |
| MD5 Checksum: | bdc5247105312c61597d5c3e00dc1127 |
|
| /// File Name: |
mpscan-0.1.0.tar.gz |
Description:
|
mpscan is a parallel network scanner that checks for open ports. It uses select() to increase its speed and was designed for rapidly scanning large networks, but also works with a single IP.
| | Author: | Markus Fraczek | | Homepage: | http://mpscan.sourceforge.net/ | | File Size: | 55412 | | Last Modified: | Jan 29 20:49:29 2006 |
| MD5 Checksum: | 07699c969fdce919965c67523e21589c |
|
| /// File Name: |
ptscan_1.1.tgz |
Description:
|
A simple lightweight threaded portscanner. Version 1.1
| | Author: | Ralph | | Changes: | Using pthreads instead of forking, thus reducing the overhead of creating threads and the memory consumption. Bug fixes in the log file and screen output. Added separate option for read timeout. | | File Size: | 8022 | | Last Modified: | Jan 26 04:17:18 2006 |
| MD5 Checksum: | 08ec1b5bd651ed9cfe57c5105473b844 |
|
| /// File Name: |
dnsgrep-1.16.tgz |
Description:
|
dnsgrep enumerates DNS information from a domain, attempts zone transfers, and performs a brute force dictionary style attack.
| | Author: | geinblues | | File Size: | 4097 | | Last Modified: | Jan 21 18:50:50 2006 |
| MD5 Checksum: | a5d2d58fe0564fa4b58c7d1af0ca7ec6 |
|
| /// File Name: |
fwknop-0.9.6.tar.gz |
Description:
|
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Added GPG based authentication capability for SPA packets. Added patch against OpenSSH-4.2p1 to integrate SPA mode. Various other additions, enhancements, and bug fixes. | | File Size: | 396349 | | Last Modified: | Jan 15 12:42:58 2006 |
| MD5 Checksum: | 7036840ae01f7c8471cb732eee1898fb |
|
| /// File Name: |
ptscan.tgz |
Description:
|
A simple threaded portscanner that is lightweight.
| | Author: | Ralph | | File Size: | 8655 | | Last Modified: | Jan 15 11:56:58 2006 |
| MD5 Checksum: | 2ca7c8d71ea76b9ce2a247dd8c3bcef6 |
|
| /// File Name: |
snmpcheck.pl.txt |
Description:
|
snmpcheck is a tool to get information via SNMP protocols for Windows, Linux, Cisco, HP-UX and SunOS platforms. Tested on GNU/Linux, *BSD and Windows (Cygwin and ActivePerl) systems. Distributed under the GPL license and based on Athena-2k script by jshaw.
| | Author: | Matteo Cantoni | | Homepage: | http://www.nothink.org/perl/snmpcheck.html | | File Size: | 22042 | | Last Modified: | Jan 7 21:05:33 2006 |
| MD5 Checksum: | 336c228eabd30a3119c070ba6123e9b2 |
|
| /// File Name: |
webknock.tgz |
Description:
|
Webknock is a program that continuously scans Apache's access logfile and executes a configurable command when a certain URL sequence is detected. The IP address of the client can be passed to the command to be executed, allowing one to use iptables to open certain ports (usually, SSH) to certain hosts as soon as the correct URL sequence is activated. No changes to the Web server configuration are necessary.
| | Author: | Marco Paganini | | Homepage: | http://www.paganini.net/index.cgi/opensource/webknock.html | | File Size: | 5048 | | Last Modified: | Dec 31 03:57:00 2005 |
| MD5 Checksum: | 4ee79b7fb4fecaaf75ee709c12328654 |
|
| /// File Name: |
Stealfly.tar.gz |
Description:
|
Stealfly is proof of concept perl code that illustrates the usage of port knocking. The server sits on a defined interface and listens for a certain amount of UDP packets to be sent from a chosen ip that will use a range of source ports for each packet. If the rules are satisfied then server will open it's port or connect back using netcat.
| | Author: | hash | | Homepage: | http://gotfault.net/~hash/tools/stealfly/stealfly.html | | File Size: | 3999 | | Last Modified: | Dec 28 22:03:24 2005 |
| MD5 Checksum: | 654a6be0a89a56b3b2084d3d7c89f76a |
|
| /// File Name: |
pbnj-1.12.tar.gz |
Description:
|
PBNJ is a network tool that can be used to give an overview of a machine or multiple machines and includes the details about the services running on them. PBNJ is different from other tools because it is based on using a scan from nmap parsed to amap. PBNJ parses the data from a scan and outputs to a CSV format file for each ip address scanned.
| | Author: | Joshua D. Abraham | | Homepage: | http://pbnj.sf.net/ | | Changes: | Fixed to work with nmap 3.95. | | File Size: | 28685 | | Last Modified: | Dec 28 18:49:20 2005 |
| MD5 Checksum: | 30753280dca24fec8caeb148dbdda34b |
|
| /// File Name: |
httprint_macosx_301.zip |
Description:
|
httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the Mac OS-X release.
| | Author: | Saumil Shah | | Homepage: | http://net-square.com/httprint/ | | Changes: | New multi-threaded engine. SSL in formation gathering. Automatic SSL port detection. Various bug fixes. | | File Size: | 458359 | | Last Modified: | Dec 28 18:15:34 2005 |
| MD5 Checksum: | 6b188cd60df6eca5409694fa40859f0d |
|
| /// File Name: |
httprint_linux_301.zip |
Description:
|
httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the Linux release.
| | Author: | Saumil Shah | | Homepage: | http://net-square.com/httprint/ | | Changes: | New multi-threaded engine. SSL in formation gathering. Automatic SSL port detection. Various bug fixes. | | File Size: | 679128 | | Last Modified: | Dec 28 18:15:04 2005 |
| MD5 Checksum: | af53704de9c1851bd439cbe3fab3e0ad |
|
| /// File Name: |
httprint_freebsd_301.zip |
Description:
|
httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the FreeBSD release.
| | Author: | Saumil Shah | | Homepage: | http://net-square.com/httprint/ | | Changes: | New multi-threaded engine. SSL information gathering. Automatic SSL port detection. Various bug fixes. | | File Size: | 512708 | | Last Modified: | Dec 28 18:14:34 2005 |
| MD5 Checksum: | d5efd9463f671ce92f50ce3222f1774e |
|
| /// File Name: |
ndisc6-0.5.1.tar.bz2 |
Description:
|
ndisc consists or two small command line tools (ndisc and rdisc) that perform ICMPv6 Neighbor Discovery and ICMPv6 Router Discovery respectively. It is primarily meant for IPv6 networking diagnostics or to detect rogue IPv6 nodes or routers on an Ethernet segment.
| | Author: | Remi Denis-Courmont | | Homepage: | http://people.via.ecp.fr/~rem/ndisc/ | | Changes: | Various updates. | | File Size: | 23027 | | Last Modified: | Dec 9 12:08:10 2005 |
| MD5 Checksum: | 33487fe5505b195eb31468d88ba9ab56 |
|
| /// File Name: |
pbnj-1.10.tar.bz2 |
Description:
|
PBNJ is a network tool that can be used to give an overview of a machine or multiple machines and includes the details about the services running on them. PBNJ is different from other tools because it is based on using a scan from nmap parsed to amap. PBNJ parses the data from a scan and outputs to a CSV format file for each ip address scanned.
| | Author: | Joshua D. Abraham | | Homepage: | http://pbnj.sf.net/ | | File Size: | 24997 | | Last Modified: | Dec 3 00:32:49 2005 |
| MD5 Checksum: | 5a5b347106e5419259e62c5943687bdb |
|
| /// File Name: |
automagic.zip |
Description:
|
The Automagic SQL Injector is part of the Sec-1 Exploit Arsenal provided as part of the Applied Hacking & Intrusion Prevention training courses. In a nutshell it's an automated SQL injection tool designed to help save time on pen tests. It is only designed to work with vanilla Microsoft SQL injection holes where errors are returned.
| | Author: | Gary O'leary-Steele | | Homepage: | http://www.sec-1.com | | File Size: | 1494628 | | Last Modified: | Nov 30 02:31:55 2005 |
| MD5 Checksum: | e0a4e2669ec52d212d73d0864492dd78 |
|
| /// File Name: |
scapy-1.0.2.tar.gz |
Description:
|
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
| | Author: | Philippe Biondi | | Homepage: | http://www.secdev.org/projects/scapy | | Changes: | See changelog. | | File Size: | 104563 | | Last Modified: | Nov 8 23:34:01 2005 |
| MD5 Checksum: | c4cac0a657079492710b31a6aed0672a |
|
| /// File Name: |
coarseknocking-0.0.2.tar.gz |
Description:
|
This is a simple implementation of Port Knocking techniques. It sniffs network packets looking for predetermined keys and executes commands to open and close ports on the firewall. In the client mode it injects packets with the key to server.
| | Author: | Andre Luiz Rodrigues Ferreira | | Homepage: | http://coarseknocking.sourceforge.net/ | | File Size: | 11711 | | Last Modified: | Nov 3 20:23:30 2005 |
| MD5 Checksum: | 5c760ecdd6a41fa6e680c8aba14fed1a |
|
| /// File Name: |
fortress-0.3.tar.gz |
Description:
|
Fortress is a simple script driven framework for performing security scans. The core of the application is an application which will execute testing scripts written using the embedded LUA scripting engine. The scripts may perform almost arbitrary operations, including making HTTP requests, conducting port scanning, and taking advantage of several other provided primitives.
| | Author: | Steve Kemp | | Homepage: | http://www.steve.org.uk/Software/Fortress/ | | File Size: | 78627 | | Last Modified: | Oct 26 12:33:49 2005 |
| MD5 Checksum: | 69b39e4ad91b5b7d3d5be1a35c925998 |
|
| /// File Name: |
scapy-1.0.1.tar.gz |
Description:
|
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
| | Author: | Philippe Biondi | | Homepage: | http://www.secdev.org/projects/scapy | | Changes: | Various bug fixes. | | File Size: | 102701 | | Last Modified: | Oct 26 12:20:33 2005 |
| MD5 Checksum: | 0257d4708107e31ca0705ada528a592a |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
