Section: .. / UNIX / scanners /
| /// File Name: |
ptscan.tgz |
Description:
|
A simple threaded portscanner that is lightweight.
| | Author: | Robert Molnar | | File Size: | 8655 | | Last Modified: | Jan 15 11:56:58 2006 |
| MD5 Checksum: | 2ca7c8d71ea76b9ce2a247dd8c3bcef6 |
|
| /// File Name: |
snmpcheck.pl.txt |
Description:
|
snmpcheck is a tool to get information via SNMP protocols for Windows, Linux, Cisco, HP-UX and SunOS platforms. Tested on GNU/Linux, *BSD and Windows (Cygwin and ActivePerl) systems. Distributed under the GPL license and based on Athena-2k script by jshaw.
| | Author: | Matteo Cantoni | | Homepage: | http://www.nothink.org/perl/snmpcheck.html | | File Size: | 22042 | | Last Modified: | Jan 7 21:05:33 2006 |
| MD5 Checksum: | 336c228eabd30a3119c070ba6123e9b2 |
|
| /// File Name: |
webknock.tgz |
Description:
|
Webknock is a program that continuously scans Apache's access logfile and executes a configurable command when a certain URL sequence is detected. The IP address of the client can be passed to the command to be executed, allowing one to use iptables to open certain ports (usually, SSH) to certain hosts as soon as the correct URL sequence is activated. No changes to the Web server configuration are necessary.
| | Author: | Marco Paganini | | Homepage: | http://www.paganini.net/index.cgi/opensource/webknock.html | | File Size: | 5048 | | Last Modified: | Dec 31 03:57:00 2005 |
| MD5 Checksum: | 4ee79b7fb4fecaaf75ee709c12328654 |
|
| /// File Name: |
Stealfly.tar.gz |
Description:
|
Stealfly is proof of concept perl code that illustrates the usage of port knocking. The server sits on a defined interface and listens for a certain amount of UDP packets to be sent from a chosen ip that will use a range of source ports for each packet. If the rules are satisfied then server will open it's port or connect back using netcat.
| | Author: | hash | | Homepage: | http://gotfault.net/~hash/tools/stealfly/stealfly.html | | File Size: | 3999 | | Last Modified: | Dec 28 22:03:24 2005 |
| MD5 Checksum: | 654a6be0a89a56b3b2084d3d7c89f76a |
|
| /// File Name: |
pbnj-1.12.tar.gz |
Description:
|
PBNJ is a network tool that can be used to give an overview of a machine or multiple machines and includes the details about the services running on them. PBNJ is different from other tools because it is based on using a scan from nmap parsed to amap. PBNJ parses the data from a scan and outputs to a CSV format file for each ip address scanned.
| | Author: | Joshua D. Abraham | | Homepage: | http://pbnj.sf.net/ | | Changes: | Fixed to work with nmap 3.95. | | File Size: | 28685 | | Last Modified: | Dec 28 18:49:20 2005 |
| MD5 Checksum: | 30753280dca24fec8caeb148dbdda34b |
|
| /// File Name: |
httprint_macosx_301.zip |
Description:
|
httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the Mac OS-X release.
| | Author: | Saumil Shah | | Homepage: | http://net-square.com/httprint/ | | Changes: | New multi-threaded engine. SSL in formation gathering. Automatic SSL port detection. Various bug fixes. | | File Size: | 458359 | | Last Modified: | Dec 28 18:15:34 2005 |
| MD5 Checksum: | 6b188cd60df6eca5409694fa40859f0d |
|
| /// File Name: |
httprint_linux_301.zip |
Description:
|
httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the Linux release.
| | Author: | Saumil Shah | | Homepage: | http://net-square.com/httprint/ | | Changes: | New multi-threaded engine. SSL in formation gathering. Automatic SSL port detection. Various bug fixes. | | File Size: | 679128 | | Last Modified: | Dec 28 18:15:04 2005 |
| MD5 Checksum: | af53704de9c1851bd439cbe3fab3e0ad |
|
| /// File Name: |
httprint_freebsd_301.zip |
Description:
|
httprint is a web server fingerprinting tool. It relies on web server characteristics to accurately identify web servers, despite the fact that they may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. httprint can also be used to detect web enabled devices which do not have a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings and it is very easy to add signatures to the signature database. httprint can import web servers from nmap network scans, if they are saved in XML format. The current version adds the ability to save reports in CSV and XML formats, and features a completely new method of scoring by confidence ratings to minimize false positives. This version is the FreeBSD release.
| | Author: | Saumil Shah | | Homepage: | http://net-square.com/httprint/ | | Changes: | New multi-threaded engine. SSL information gathering. Automatic SSL port detection. Various bug fixes. | | File Size: | 512708 | | Last Modified: | Dec 28 18:14:34 2005 |
| MD5 Checksum: | d5efd9463f671ce92f50ce3222f1774e |
|
| /// File Name: |
ndisc6-0.5.1.tar.bz2 |
Description:
|
ndisc consists or two small command line tools (ndisc and rdisc) that perform ICMPv6 Neighbor Discovery and ICMPv6 Router Discovery respectively. It is primarily meant for IPv6 networking diagnostics or to detect rogue IPv6 nodes or routers on an Ethernet segment.
| | Author: | Remi Denis-Courmont | | Homepage: | http://people.via.ecp.fr/~rem/ndisc/ | | Changes: | Various updates. | | File Size: | 23027 | | Last Modified: | Dec 9 12:08:10 2005 |
| MD5 Checksum: | 33487fe5505b195eb31468d88ba9ab56 |
|
| /// File Name: |
pbnj-1.10.tar.bz2 |
Description:
|
PBNJ is a network tool that can be used to give an overview of a machine or multiple machines and includes the details about the services running on them. PBNJ is different from other tools because it is based on using a scan from nmap parsed to amap. PBNJ parses the data from a scan and outputs to a CSV format file for each ip address scanned.
| | Author: | Joshua D. Abraham | | Homepage: | http://pbnj.sf.net/ | | File Size: | 24997 | | Last Modified: | Dec 3 00:32:49 2005 |
| MD5 Checksum: | 5a5b347106e5419259e62c5943687bdb |
|
| /// File Name: |
automagic.zip |
Description:
|
The Automagic SQL Injector is part of the Sec-1 Exploit Arsenal provided as part of the Applied Hacking & Intrusion Prevention training courses. In a nutshell it's an automated SQL injection tool designed to help save time on pen tests. It is only designed to work with vanilla Microsoft SQL injection holes where errors are returned.
| | Author: | Gary O'Leary-Steele | | Homepage: | http://www.sec-1.com | | File Size: | 1494628 | | Last Modified: | Nov 30 02:31:55 2005 |
| MD5 Checksum: | e0a4e2669ec52d212d73d0864492dd78 |
|
| /// File Name: |
scapy-1.0.2.tar.gz |
Description:
|
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
| | Author: | Philippe Biondi | | Homepage: | http://www.secdev.org/projects/scapy | | Changes: | See changelog. | | File Size: | 104563 | | Last Modified: | Nov 8 23:34:01 2005 |
| MD5 Checksum: | c4cac0a657079492710b31a6aed0672a |
|
| /// File Name: |
coarseknocking-0.0.2.tar.gz |
Description:
|
This is a simple implementation of Port Knocking techniques. It sniffs network packets looking for predetermined keys and executes commands to open and close ports on the firewall. In the client mode it injects packets with the key to server.
| | Author: | Andre Luiz Rodrigues Ferreira | | Homepage: | http://coarseknocking.sourceforge.net/ | | File Size: | 11711 | | Last Modified: | Nov 3 20:23:30 2005 |
| MD5 Checksum: | 5c760ecdd6a41fa6e680c8aba14fed1a |
|
| /// File Name: |
fortress-0.3.tar.gz |
Description:
|
Fortress is a simple script driven framework for performing security scans. The core of the application is an application which will execute testing scripts written using the embedded LUA scripting engine. The scripts may perform almost arbitrary operations, including making HTTP requests, conducting port scanning, and taking advantage of several other provided primitives.
| | Author: | Debian | | Homepage: | http://www.steve.org.uk/Software/Fortress/ | | File Size: | 78627 | | Last Modified: | Oct 26 12:33:49 2005 |
| MD5 Checksum: | 69b39e4ad91b5b7d3d5be1a35c925998 |
|
| /// File Name: |
scapy-1.0.1.tar.gz |
Description:
|
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
| | Author: | Philippe Biondi | | Homepage: | http://www.secdev.org/projects/scapy | | Changes: | Various bug fixes. | | File Size: | 102701 | | Last Modified: | Oct 26 12:20:33 2005 |
| MD5 Checksum: | 0257d4708107e31ca0705ada528a592a |
|
| /// File Name: |
AutoScan-0.97.3b.tar.gz |
Description:
|
AutoScan is an application designed to explore and to manage your network. Entire subnets can be scanned simultaneously without human intervention. The objective of the program is to post the list of all equipment connected to the network. A list of ports preset is scanned for each equipment.
| | Author: | AutoScan | | Homepage: | http://autoscan.free.fr | | File Size: | 2447064 | | Last Modified: | Oct 18 19:59:05 2005 |
| MD5 Checksum: | edfd9043a780e22dc42176d6c4595834 |
|
| /// File Name: |
fwknop-0.9.5.tar.gz |
Description:
|
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Various additions and bug fixes. | | File Size: | 253153 | | Last Modified: | Oct 6 01:57:57 2005 |
| MD5 Checksum: | 9fb3d4d42b2c9a3458be11797dd5993c |
|
| /// File Name: |
walker-3.8.tar.gz |
Description:
|
DNSSEC Walker is a tool to recover DNS zonefiles using the DNS protocol. The server does not have to support zone transfers, but the zone must contain DNSSEC NXT or NSEC records. Optionally, it can also verify DNSSEC signatures on the RRsets within the zone.
| | Author: | Simon Josefsson | | Homepage: | http://josefsson.org/walker/ | | Changes: | Various tweaks and updates. | | File Size: | 18478 | | Last Modified: | Sep 22 03:17:23 2005 |
| MD5 Checksum: | 7cb1988a5ad65f132f43928ed9d8a06d |
|
| /// File Name: |
fwknop-0.9.4.tar.gz |
Description:
|
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Various additions and bug fixes. | | File Size: | 252409 | | Last Modified: | Sep 22 03:12:16 2005 |
| MD5 Checksum: | b1470d0025b1ba765bac72472a65b5dc |
|
| /// File Name: |
fwknop-0.9.3.tar.gz |
Description:
|
fwknop is a flexible port knocking implementation that is based around iptables. Both shared knock sequences and encrypted knock sequences are supported. In addition, fwknop makes use of passive OS fingerprinting signatures derived from p0f to ensure the OS that initiates a knock sequence conforms to a specific type. This makes it possible to allow, say, only Linux systems to connect to your SSH daemon. Both the knock sequences and OS fingerprinting are completely implemented around iptables log messages, and so a separate packet capture library is not required.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Various additions and bug fixes. | | File Size: | 248885 | | Last Modified: | Aug 31 03:06:29 2005 |
| MD5 Checksum: | cee2f1bfd69fdb2456780eda43d6a3e4 |
|
| /// File Name: |
ndisc6-0.1.5.tar.bz2 |
Description:
|
ndisc6 consists of two small command line tools (ndisc6 and rdisc6) that perform ICMPv6 Neighbor Discovery and ICMPv6 Router Discovery respectively. It is primarily meant for IPv6 networking diagnostics or to detect rogue IPv6 nodes or routers on an Ethernet segment.
| | Author: | Remi Denis-Courmont | | Homepage: | http://people.via.ecp.fr/~rem/ndisc/ | | File Size: | 14931 | | Last Modified: | Aug 28 16:02:58 2005 |
| MD5 Checksum: | 349de20ade093e2e4017a1ad1009b6b2 |
|
| /// File Name: |
nmapgui.zip |
Description:
|
An unofficial Win32 front-end for Fyodor's Nmap. Adds some functionalities that allow end users to take greater advantage of the tool. Allows for HTML exporting, and more.
| | Author: | Andrea Micalizzi | | Homepage: | http://retrogod.altervista.org | | File Size: | 705335 | | Last Modified: | Aug 14 18:35:59 2005 |
| MD5 Checksum: | c28ba1120dd648e3c5d6b7e81b678ca0 |
|
| /// File Name: |
scapy-1.0.0.tar.gz |
Description:
|
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do about the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
| | Author: | Philippe Biondi | | Homepage: | http://www.secdev.org/projects/scapy | | Changes: | Various bug fixes. | | File Size: | 90189 | | Last Modified: | Aug 10 03:08:06 2005 |
| MD5 Checksum: | e4930279664b4651c0b657aeb1a0f195 |
|
| /// File Name: |
fwknop-0.9.2.tar.gz |
Description:
|
fwknop is a flexible port knocking implementation that is based around iptables. Both shared knock sequences and encrypted knock sequences are supported. In addition, fwknop makes use of passive OS fingerprinting signatures derived from p0f to ensure the OS that initiates a knock sequence conforms to a specific type. This makes it possible to allow, say, only Linux systems to connect to your SSH daemon. Both the knock sequences and OS fingerprinting are completely implemented around iptables log messages, and so a separate packet capture library is not required.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Various additions and bug fixes. | | File Size: | 247018 | | Last Modified: | Aug 10 02:48:31 2005 |
| MD5 Checksum: | d062bf97701b910244db34ab332c95ac |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
