Memory Layout - Detailed information on memory management.
cc6fe6e45674468a6bc672789840a5b21125c251e2bdb99011fbff20d436c393
GreedyDog v2.3 is an Ethernet packet sniffer for Linux, FreeBSD, OpenBSD, NetBSD, Solaris, IRIX, SunOS4, AIX, MacOSX, and Windows2000/Xp. GreedyDog keeps the stream of each TCP session and writes it to a logfile. Very portable. Manual is here.
9ea5aa65e79bb73b43231fbad538888ef8b601b0fa200261c300006cf9e23e7c
Slrnpull '-d' buffer overflow exploit. Executes shellcode with group 'news' privileges. Tested to work on an Intel Red Hat 6.2 installation.
eccfcdb6d3ad013958b3649b816be1230bf50ad9509fddc11a59fc1c14880407
SucKIT is an easy-to-use, Linux-i386 kernel-based rootkit. The code stays in memory through a /dev/kmem trick, without the help of LKM support, System.map or similar. Everything is done on the fly. It can hide PIDs, files, and tcp/udp/raw sockets, and sniff TTYs. It also has integrated TTY shell access (xor+sha1) which can be invoked through any running service on a server. No compiling on the target box is needed; one precompiled binary can work on any 2.2.x or 2.4.x kernel (libc-free).
0782e8116250f17749de320363e484ece37a2856ab5f59c96075f788b0c901a8
Apache chunked encoding mass scanner / defacer. When a vulnerable server is found, code is launched.
e701383409bcc76b9426ac970d717b951451d645474790a4db482cd1cf64f15d
Labview v5.1.1 and below denial of service exploit.
63e49c0eaaa4336a0325f6a46a82472a47c66c33ef37e4f6220653f0c7488c72
Remote root exploit for Solaris Sparc 6-8 rpc.walld.
c1e410fe5ab1b188ba6d26dea7078a80e8c12c1aca5f21472f6d5a56a4dc4455
Microsoft IIS 4/5.0 remote .ida exploit. Spawns a shell on port 8008.
0fd5e0fbd77aa95dad4b9cbea18e4904d8c929ac25376f72fd816415bf8d97d3
Backdoors Bash-2.05 for local root.
a091c406eec0646458840e3613e28a2adfa1c29709189adf1882c67b9ae23876
Apache remote DoS (1.3.x/2.0.x branches) based on the recent flaw found in chunked encoding.
cec28b70971878ff54768796e2494d2f8f48cedd275ac84b1261c0bfa5ecdbd3
Burndump is an LKM which strips off the Teso burneye protection from encrypted executables. You must be able to run the executable. When the program is unwrapped you don't need the host-fingerprint or the password anymore and the ELF file can be reverse engineered without the burneye anti-debugger tricks. Tested under Linux v2.4.x.
3b36a23bff328ef64a1ac8f9706fb52054711b53b98732f854931af64e878115
Kcms_configure -o -S command line local root buffer overflow for SPARC/solaris 8. More information available here.
78bc78b679916c2da141474802dd02ab271715c5e4e3edc5e7bc694f77031ccc
Bigeye is a network utility dump that can be run in multiple modes - sniffer, logging connections, and even emulating protocols such as HTTP or FTP. The main focus of this program is to create an emulative service that would fool hackers/worms into thinking that they're exploiting a real service, but in fact, they're trying to exploit a fake service. The services currently available are ftp or http. Useful for honeypots.
539835fe1b31923f09bb295a5f862a421092758644cc95c5c8832c043cfe9635
The KF Web Server v1.0.2 shows file and directory content if %00 is appended to the URL. Patch available here.
57f627a9f7b88cd3cc183123645d6f6df32860f6e50530dad88c452563699256
How to hack windows remotely through file sharing.
ffc2b445833e871c315c998250f6bb60702c9aff78e05256d53c79e26ad64a71
An ARP Man In the Middle tool for Windows, which allows one to redirect traffic on a LAN. See https://www.arp-sk.org/ for further information.
7c83e529e9d258e4315f98745f67f5fb87f6070e2e6805589e7fa8950669f767
An ARP packet generator for Windows designed to illustrate ARP protocol flaws and applications such as ARP cache poisoning. See https://www.arp-sk.org/ for further information.
f1191f75f28f7a68d09d4241dd2bf20d460669b7d2b6eea6f0ef3687a36b6ce6
An ARP packet generator for Unix designed to illustrate ARP protocol flaws and applications such as ARP cache poisoning. See https://www.arp-sk.org/ for further information.
21428b13238919ff843b6c227cdda0412bd27c97f46fd1a37cea460b5aa9a56c
Proxychains is a command line tool for Linux and Solaris which allows TCP tunneling through one or multiple (chained) HTTP proxies.
2a96c33a0a19de6d914800a19780c4cf0afe15ce07d6b285cce8f622ff3aa7da
Fake Backdoor System v1.1 - Binds to a port and waits for a connection. When attacker runs a command known to the backdoor, it will print a cloned response back to trick the user, and then disconnect the user from the host. Will save to a log file of choice (default is fbdlog.txt) which includes the Hostname and Command used by the attacker.
5dc3ae887a9df138c0d781f450a5e1ee7cb64aa46e88bf2b62f2a6836f40913b
Lcrzoex is a toolbox for network administrators and network hackers. Lcrzoex contains over 200 functionalities using the network library lcrzo. For example, one can use it to sniff, spoof, create clients/servers, create, decode and display packets, etc. The Ethernet, IP, UDP, TCP, ICMP, ARP and RARP protocols are supported. Lcrzoex and lcrzo were successfully installed under Linux, FreeBSD and Solaris. This archive contains Lcrzo and Lcrzoex. Windows binaries available here.
aaccde9036a29ac77918fe1c8fdc2677865d02d67615a6a300462690f1da8911
IE'en remotely controls Internet Explorer using DCOM. Windows username and password required. This tool can capture data sent and received using Internet Explorer and more.
9ef911b4b08a0221e78596c8ed1e45ef18ad4ebfd6e83362e9bc571939b71cad
2fax prior to v2.02 for Linux and Windows contains a locally exploitable buffer overflow.
14214e7f949c470b58c600c51e76ebc4d256a68496c77854fa8efd95dc259861
2fax -bpcx option local exploit for Linux.
ebae72f5d4e6a1ffe3acb022e81f8c0f51e05a3a4c47eaa2b903e3d2c92066ef