Logclean.c is a tool to clean entries in utmp/wtmp which uses Operational System functions getutent(3), pututline(3), making it faster.
cbe0039b712816cb75ff94fccc71214c508e999984a63ef49eeab6df35751ca0
Orgasm v1.0 is a distributed reflection denial of service attack. More information available here.
d6dad5cb55226f0e8e534dbe17c2c41b0a68f7e8bc1f3cf035f779e1ea82e508
PluSHS allows a user to resolve the names of a single IP address or entire network of addresses to maintain a "map" of the names that comprise a certain network.
0d5bddb0ccc196ba0c98783a19d57e738ffda70e5cd718a83e2c996cfb0a742c
The following FreeBSD ports prior to the listed version have security vulnerabilities: amanda-2.3.0.4, fetchmail-5.9.11, gaim-0.58, gnokii-0.4.0.p20, horde-1.2.8, imap-uw (not fixed), imp-2.2.8, linux-netscape 6.2.3, mnogosearch-3.1.19_2, mpg321-0.2.9, ssh2 password auth issue, tinyproxy-1.5.0, and webmin-0.970.
573f30008a2e7144a46d4b6e77775ec38d8ffa94127935a00f2ec8c7e36ebf0e
IBM x86 Informix SE-7.25 sqlexec local root exploit. Overflows the INFORMIXDIR environment variable passed to the sqlexec binary. Offsets for Redhat 7.0 and Mandrake 8.2 included.
51fb5d073c8119f0f6b35e7780a8c034299174f9e239cfe43b734a26ce42b317
Yahoo! Messenger v5,0,0,1061 buffer overflow exploit for Windows XP Pro. Shellcode spawns cmd.exe. Fix available here.
596e8d32292e00213f89d2811227c7e70b98b19be3b42189a13ad01d3f5aa08f
Itadem Trojan v1.1 is a small trojan controlled by a web browser. Archive password is set to p4ssw0rd. Use at your own risk.
47617222232591d37c6d295c98d14336c69f1933fef69af6ff79b870919d5754
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
091a1a460c3facb06cc3d8994660db1e1705131ba03e4bc017fdd8c23aa2d20f
Darkstat is an ntop-workalike network statistics gatherer. Built to be faster and smaller than ntop, it uses libpcap to capture network traffic and serves up Web page reports of statistics such as data transferred by host, port, and protocol. It also has a neat bandwidth usage graph.
259d363b560ae3fb9e63fe6f6bc13149d8727ba71f7c8f381f5ba3a481983baa
Firestorm is an extremely high performance network intrusion detection system (NIDS). Right now it is just a sensor but there are plans are to include real support for analysis, reporting, remote console, and on-the-fly sensor configuration. It is fully pluggable and hence extremely flexible.
229ff0fbaf8f7f56b18c9ec3c9d898f4658977c517b13b149e4ea93c39f4c147
The Openwall Linux kernel patch is a collection of security "hardening" features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.
a2a533a4d8f7adba193ff7a7df1163b538c95bd8fb6048e91973590e2c4726db
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.
7ef4c7c226f0859ea7fc4857508580b10666c13fdb7c7ef8727ce4c4db8646e9
HAP-Linux is a collection of security related patches which are designed to be applied after Solar Designers Openwall patches are installed. Changes include some extra information in the printks, and the ability to allow hard links to files you don't own which are in your group, and the ability to follow links & pipes in +t directories if they are not world-writable. This is useful for getting various daemons to run chrooted as a non-root user, and some secure drop- directory stuff.
58508fba90c8d918ac8566e635b8f317ad02aacbff916ed80bef5c55e066a163
Motion uses a video4linux device for detecting movement. It makes snapshots of the movement which later will be converted to MPEG movies, making it useful as an observation or security system. It can send out email and SMS messages when detecting motion.
2973ebd7d9483e9a9e0089d70bbd34b48d7783e269a3dfa37fd825c3804a0165
SmtpRC is a fully configurable, multithreaded open mail relay scanner which supports scanning of IP blocks and can print the results to a Web page. It is intended for Systems Administrators to check IP blocks under their control.
74aa240f24e78e625cc0b627e63705dd294da7108fae76e76a4967064c829ee7
Umpf is a system for managing encrypted files without using encrypted filesystems such as cfs/tcfs loop-aes/kerneli. Does not require root to run, is lightweight, and transparent.
3aad55bb1c34d97b342fdc0a9b37279257a60a4cbdf3c450c433f6d11856d3c9
Linux Security Auditing Tool (LSAT) is a post install security auditing tool. It is modular in design, so new features can be added quickly. It checks inetd entries and looks for unneeded RPM packages. It is being expanded to work with Linux distributions other than Red Hat, and checks for kernel versions.
c668ce057dbed5c1588785c4508cff4332d9d2c971c1e9184024ee489736e792
IP Sorcery is a TCPIP packet generator which allows you to send TCP, UDP, and ICMP packets with a GTK+ interface.
facd91a81669d700e5622ef495f5237f1cabebd5a7cd0e634feb6c32e5a9f04f
MIME Defanger is a flexible MIME e-mail scanner designed to protect Windows clients from viruses and other harmful executables. It works with Sendmail 8.11 / 8.12's "milter" API and will alter or delete various parts of a MIME message according to a flexible configuration file.
a6f50ac4351088af61b7c2a974f2dc5299281c8a015a4d48c66d469f68f9c510
Fenris is a multipurpose tracer, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm, protocol analysis and computer forensics by providing a structural program trace, general information about internal constructions, execution path, memory operations, I/O, conditional expression info, and much more. A small demonstration how this tool works can be found here.
0505286f46a92eb98b135d52dc93d6949ecd18418ec1911d8d5d74825a2b4099
XScreenSaver is a modular screen saver and locker for the X Window System. It is highly customizable and allows the use of any program that can draw on the root window as a display mode. It is also more stable than xlock and has more than 150 modes.
66257344f187978a5f7d46bed6b57d6074288f0ed714094c1f5f5392f27c9247
Cheops-ng is a graphical network management tool for mapping and monitoring your network. It has host/network discovery functionality, OS detection, and it also does a port scan of each computer to tell what services are running, so you can use or administer them.
8489b692fad2d019b1956801878c215f7c87fa10be5c51d375c0c245297a2a8b
Incident.pl is a small script which, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators.
33dce30ea53feca0860465757a1efa519ec41ab2990858f0d079760a48c366a2
The Firewall Tester consists of two perl scripts, the client part (ftest) and the listening sniffer (ftestd). The client injects custom marked packets, while the sniffer listens for them. The comparison of the script's log files permit the detection of filtered packets and consequently filtering rules if the two scripts are ran on different sides of a firewall. An IDS (Intrusion Detection System) testing feature is also available and snort rule definition file can parsed instead of the standard configuration syntax, ftest can also use common IDS evasion techniques. Stateful inspection firewall and IDS can be handled by the 'connection spoofing' option. CHANGES: Added fragmentation option, added option for specifying IP fragments and TCP segments numbers and size, added fragmentation related evasion techniques, extended syntax now works also for connection spoofing modes, various bugfixes, see Changelog for details. Requires: Net::RawIP, Net::PcapUtils, NetPacket.
b2e9999f056aca95a6a0edfcd1725b49f7add378b94d6548842ebf084f419695
Libfmtb v0.3 is a library with lots of functions for easily exploiting local and remote format string vulnerabilities.
75cb87287ef8777dfe7fccd084fd8a318fd10c069624afe34f229bf59951117e