Section: .. / UNIX / scanners /
| /// File Name: |
lft-2.6b5.tar.gz |
Description:
|
LFT, short for Layer Four Traceroute, is a sort of 'traceroute' that often works much faster (than the commonly-used Van Jacobson method) and goes through many configurations of packet-filters (firewalls). More importantly, LFT implements numerous other features including AS number lookups through several reliable sources, loose source routing, netblock name lookups, load balancer and firewall detection, et al.
| | Author: | Victor Oppleman | | Homepage: | http://pwhois.org/lft/ | | File Size: | 154702 | | Last Modified: | Nov 20 11:49:02 2006 |
| MD5 Checksum: | ca97905f8c6aa2dfb858b63afe7cdde8 |
|
| /// File Name: |
pbnj-2.04.tar.gz |
Description:
|
PBNJ is a suite of tools to monitor changes on a network over time. It does this by checking for changes on the target machine(s), which includes the details about the services running on them as well as the service state. PBNJ parses the data from a scan and stores it in a database. PBNJ uses Nmap to perform scans.
| | Author: | Joshua D. Abraham | | Homepage: | http://pbnj.sf.net/ | | Changes: | Small fixes, updates to man pages, and some enhancements. | | File Size: | 86080 | | Last Modified: | Nov 17 18:33:29 2006 |
| MD5 Checksum: | f0a5b4dfa9456c21154a289e1e45b1d5 |
|
| /// File Name: |
DrKnock.zip |
Description:
|
DrKnock is a port knocking solution based on sig2knock by Cappella and Tan Chew Keong (http://www.security.org.sg/code/portknock1.html). Right now, the only functional improvement over sig2knock is the ability to use the client under Windows XP SP2. The client and server work on both Unix and Windows.
| | Author: | Olivier ROCH VILATO | | Homepage: | http://sourceforge.net/projects/drknock/ | | File Size: | 218717 | | Last Modified: | Nov 16 11:58:43 2006 |
| MD5 Checksum: | e5e9b5761d8fadc916d74119e5e3775f |
|
| /// File Name: |
SinFP-2.04-1.tar.gz |
Description:
|
SinFP is a new approach to OS fingerprinting, which bypasses limitations that nmap has. It only requires one open TCP port, sends only fully standard TCP packets, and limits the number of tests to 2 or 3.
| | Author: | GomoR | | Homepage: | http://www.gomor.org/sinfp | | Changes: | Update from Net::Packet 3.00 to 3.01. Net::SinFP updated to 2.04. New signatures (sinfp-20061101.db). | | File Size: | 2795983 | | Last Modified: | Nov 7 00:08:59 2006 |
| MD5 Checksum: | e78d553417634654af02748213a6a35c |
|
| /// File Name: |
fwknop-1.0.tar.gz |
Description:
|
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Various bug fixes and some enhanced validation. | | File Size: | 374614 | | Last Modified: | Nov 7 00:04:08 2006 |
| MD5 Checksum: | 88b8f170e05b40a626860928d2f3e669 |
|
| /// File Name: |
scapy-1.0.5.tar.gz |
Description:
|
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
| | Author: | Philippe Biondi | | Homepage: | http://www.secdev.org/projects/scapy | | Changes: | Various bug fixes and enhancements. | | File Size: | 144746 | | Last Modified: | Nov 2 10:11:52 2006 |
| MD5 Checksum: | b094a03472375c3add5415345b8d79d6 |
|
| /// File Name: |
fwknop-0.9.9.tar.gz |
Description:
|
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Various enhancements and improvements. Some bug fixes. | | File Size: | 446261 | | Last Modified: | Oct 18 20:05:18 2006 |
| MD5 Checksum: | e45835980424838729144abd5537c36e |
|
| /// File Name: |
wapiti-1.1.4.zip |
Description:
|
Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.
| | Author: | Nicolas Surribas | | Homepage: | http://wapiti.sourceforge.net/ | | File Size: | 26125 | | Last Modified: | Oct 13 20:42:25 2006 |
| MD5 Checksum: | 13919bc991c54faf4a2266c0114f7785 |
|
| /// File Name: |
ndisc6-0.7.1.tar.bz2 |
Description:
|
ndisc6 consists of three command line tools (ndisc6, rdisc6, and traceroute6) that perform ICMPv6 Neighbor Discovery, ICMPv6 Router Discovery, and IPv6 tcptraceroute/traceroute respectively. It is primarily meant for IPv6 networking diagnostics and monitoring.
| | Author: | Remi Denis-Courmont | | Homepage: | http://people.via.ecp.fr/~rem/ndisc/ | | Changes: | Minor portability fixes. | | File Size: | 104664 | | Last Modified: | Oct 5 00:15:52 2006 |
| MD5 Checksum: | 1db54bdacba134120b182ab651b36287 |
|
| /// File Name: |
nsat-1.5-ia64-port.tgz |
Description:
|
Nsat is a fast, stable bulk security scanner designed to audit remote network services and check for versions, security problems, gather information about the servers and the machine, and much more. Unlike many other auditing tools, nsat can collect information about services independently of vulnerabilities, which makes it less dependent on frequent updates as new vulnerabilities are found.
| | Author: | Mixter | | Homepage: | http://1337.tsx.org | | Changes: | Ported to ia64. | | File Size: | 989816 | | Last Modified: | Oct 5 00:03:45 2006 |
| MD5 Checksum: | a900ccfc97feccf332d54e4934cd94b9 |
|
| /// File Name: |
p0f-2.0.8-db-20060921.tar.gz |
Description:
|
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris. This particular version is modified by Nerijus Krukauskas to store the data in a database.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/p0f.shtml | | Changes: | p0f 2.0.8 was released. | | File Size: | 140625 | | Last Modified: | Oct 4 23:59:23 2006 |
| MD5 Checksum: | 32bbae159f72b3f0bfe682d69299f64a |
|
| /// File Name: |
fwknop-0.9.8.tar.gz |
Description:
|
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Various enhancements and improvements. | | File Size: | 419457 | | Last Modified: | Oct 4 23:55:28 2006 |
| MD5 Checksum: | 03e2155d9700be3a4320362ea09e47e5 |
|
| /// File Name: |
dnsmap-latest.tar |
Description:
|
dnsmap is a simple utility designed to enumerate subdomains on a target domain. It can scan from either an internal or user-supplied wordlist.
| | Homepage: | http://ikwt.com/projects/dnsmap/ | | File Size: | 40960 | | Last Modified: | Sep 21 20:53:57 2006 |
| MD5 Checksum: | 98c5c5762f92b809d8e461510ae0b5d7 |
|
| /// File Name: |
p0f-2.0.8.tgz |
Description:
|
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/p0f.shtml | | File Size: | 136877 | | Last Modified: | Sep 7 02:46:35 2006 |
| MD5 Checksum: | 1ccbcd8d4c95ef6dae841120d23c56a5 |
|
| /// File Name: |
p0f-2.0.7-db-20060823.tar.gz |
Description:
|
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris. This particular version is modified by Nerijus Krukauskas to store the data in a database.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/p0f.shtml | | Changes: | Updated for new p0f 2.0.7. | | File Size: | 136554 | | Last Modified: | Aug 27 18:09:15 2006 |
| MD5 Checksum: | 1a2bcd64356f44849ea3ff1809b5ed91 |
|
| /// File Name: |
wapiti-1.1.3.zip |
Description:
|
Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.
| | Author: | Nicolas Surribas | | Homepage: | http://wapiti.sourceforge.net/ | | Changes: | Fixed a timeout bug. | | File Size: | 24671 | | Last Modified: | Aug 27 14:06:48 2006 |
| MD5 Checksum: | 2dea7ceab6572592a8b90f621f3c2e90 |
|
| /// File Name: |
sqlier-0.8.1b.sh.txt |
Description:
|
SQLIer takes an URL vulnerable to SQL injection attacks and attempts to determine all of the necessary information to build and exploit an SQL injection hole by itself. It requires no user interaction unless it can't guess the table/field names correctly. By doing so, it can build a UNION SELECT query designed to brute force passwords out of the database. It does not use quotes in the exploit, meaning it will work for a wider range of sites. An 8 character password (containing any character from decimal ASCII code 1-127) takes approximately one minute to crack.
| | Author: | Brad Cable | | Homepage: | http://bcable.net/project.php?sqlier | | File Size: | 18255 | | Last Modified: | Aug 27 02:48:56 2006 |
| MD5 Checksum: | a085c35dad28d05429083bafd1ee7ef1 |
|
| /// File Name: |
pbnj-2.02.tar.gz |
Description:
|
PBNJ is a network tool that can be used to give an overview of a machine or multiple machines and includes the details about the services running on them. PBNJ is different from other tools because it is based on using a scan from nmap parsed to amap. PBNJ parses the data from a scan and outputs to a CSV format file for each ip address scanned.
| | Author: | Joshua D. Abraham | | Homepage: | http://pbnj.sf.net/ | | Changes: | Small fixes. | | File Size: | 84397 | | Last Modified: | Aug 27 02:45:11 2006 |
| MD5 Checksum: | 8d5108cd8d8b06770087aa40a2674b31 |
|
| /// File Name: |
ndisc6-0.6.7.tar.bz2 |
Description:
|
ndisc consists or two small command line tools (ndisc and rdisc) that perform ICMPv6 Neighbor Discovery and ICMPv6 Router Discovery respectively. It is primarily meant for IPv6 networking diagnostics or to detect rogue IPv6 nodes or routers on an Ethernet segment.
| | Author: | Remi Denis-Courmont | | Homepage: | http://people.via.ecp.fr/~rem/ndisc/ | | Changes: | Minor security fix. | | File Size: | 98050 | | Last Modified: | Aug 27 02:33:22 2006 |
| MD5 Checksum: | 77f4154d78304e87698d6da4f5f9ff86 |
|
| /// File Name: |
p0f-2.0.7.tgz |
Description:
|
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to the remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/p0f.shtml | | File Size: | 133069 | | Last Modified: | Aug 27 02:29:18 2006 |
| MD5 Checksum: | 55c222cfb72a0e323e11e9744bbb6ff9 |
|
| /// File Name: |
wapiti-1.1.0.zip |
Description:
|
Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.
| | Author: | Nicolas Surribas | | Homepage: | http://wapiti.sourceforge.net/ | | File Size: | 24376 | | Last Modified: | Aug 17 02:55:51 2006 |
| MD5 Checksum: | d688ebb6c11e6df54819340b0b9ccddc |
|
| /// File Name: |
fwknop-0.9.7.tar.gz |
Description:
|
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Added fwknop_serv to function as a minimal TCP server. Updated to CRYPT:CBC 2.18. Various other bug fixes and enhancements. | | File Size: | 410604 | | Last Modified: | Aug 17 02:29:46 2006 |
| MD5 Checksum: | dbb836b771096cffc07e552fd9027b3b |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
