(Page 3 of 125)   < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >

Category: Auditing

WinFail2Ban
Added 2009-01-11
by Vittorio Pavesi
Scans log files like FTP Logs or Event Viewer and bans IP that makes too many password failures. Basic idea is porting the features of Fail2Ban (http://www.fail2ban.org/) from Linux to Windows.

XArp
Added 2009-01-10
by Christoph P. Mayer
XArp provides advanced and highly customizable ARP spoofing detection. Active and passive mechanisms are available that can be configured per network interface using a GUI for normal users and a GUI for advanced users. XArp gives a complete view of all your network devices and the current state in ARP attacks.

D.O.P.E
Added 2008-12-26
by Mr.Mojo
Dis.Org Penetration Extension for Firefox (D.O.P.E) A User agent Switcher for firefox that supports the following: Search engine Impersonating Operating Systems Impersonation Browser Impersonation Cellular Phones and Mobile Devices Impersonation Game Consoles Impersonation http://www.lostlight.net/tools/blog.html

OSSEC HIDS
Added 2008-11-18
by Third Brigade
OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.

w3af
Added 2008-11-03
by Andres Riancho
w3af is a Web Application Attack and Audit Framework. The project goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend.

5nmp
Added 2008-10-27
by Filip Waeytens
Background: SNMP is the Simple Network Management Protocol. It is used by many if not most companies to manage and monitor their infrastructure. It is also often overlooked in terms of security and underestimated as an attack vector. RFC1157. Components: The program is a GUI program, written in c#, so you'll need the .NET framework (3.5) and it will only work in MS Windows (Mono and Windows GUI components are a pain to make compatible for now). It uses 2 DLL's that were written from scratch: the hacking.snmp and hacking.bruteforce.dll. The SNMP dll is not complete yet but whenever the author finds time it will be extended to support bulkget and extended ASN parsing, so enumeration will become possible as well as SET actions. You will also need to provide a dictionary for dictionary attacks. A very small one is included. Generic usage: The interface should be intuitive enough. Use the slider to increase or decrease scanning speed. This is important to get accurate results. On a LAN the slider can be set to maximum speed. Behind a Natted broadband connection, caution is advised. Devices such as ADSL modems aren't capable to deal with the large amount of packets and nat connections they generate. The program uses non-blocking udp sockets and a listener for answers, which makes it quite fast. You can also set the destination port for devices which listen on non-standard ports (not 161) and set the listening port to make sure the packets get back ok in case of firewalls. For optimal speed, turn off verbosity, errors and reverse lookups (only in case of maximum speed on a LAN). Results can be saved in XML for further processing and loaded back.

lm2ntcrack
Added 2008-10-17
by Yannick Hamon
This tool provides a simple way to crack Microsoft Windows NT Hash (MD4) when the LM Password is known. It is entirely written in perl, so its easily ported and installed. This program must be used with the password cracker "John the Ripper" http://www.openwall.com/john/ * Example : [yann@xmcopartners:~/lm2ntcrack]$ time perl lm2ntcrack.pl -v -l="AZERTY123$" -n="81CD1A1C4CBCE05C0F8D411ACEC7587F" ############################################################################ # NT Password cracker from LM password # Version : 0.5a - Oct 2008 # By Yannick HAMON # Homepage : http://www.xmcopartners.com ############################################################################ [INFO] : "AZERTY123$" has 10 character(s) but contains 4 special(s) char(s) and/or integer(s) [INFO] : => 64 words will be generated ...... OK !! [INFO] : Crack NT password from "AZERTY123$" and NT HASH "81CD1A1C4CBCE05C0F8D411ACEC7587F" [CRACKED] AZERTY123$ => azERTy123$ real 0m0.033s user 0m0.025s sys 0m0.007s * NB : Recently, after developped this fabulous TOOL, I've found an old post on "openwall mailing-list" : http://www.openwall.com/lists/john-users/2006/07/08/2 This post explains how to crack NT hash from LM password with john-the-ripper (need to modify john's configuration file to use [List.Rules:NT] section and stop running john on the LM hashes). john -show pwfile | cut -d: -f2 > cracked john -w=cracked -rules -format=nt pwfile john -show -format=nt pwfile One known problem with this approach is that it'll fail for passwords containing colons (':' is cut delimiter). This problem does not impact "lm2ntcrack" and you can use "lm2ntcrack" while john is cracking LM hashes.

Injector
Added 2008-10-12
by Raviv Raz
Injector is an automatic SQL injection tool able to evade signature detection by encoding its payload commands in binary format using the SQL CAST command. It can create automatic web site defacement or OS command execution on the backend database server. Good for testing web site immunity against ASPROX bot-net mass sql injections.

Yasca
Added 2008-09-30
by Michael Scovetta
Yasca is a source code analyzer that integrates other open-source tools (PMD, FindBugs, Jlint) to produce a single output file. Yasca is easily extensible and includes a large number of custom rules implemented via a plugin-based architecture. Yasca is designed to find "low hanging fruit" and has plugins supporting a variety of languages, but mostly focused on Java and C/C++.

OSSEC HIDS
Added 2008-08-29
by Third Brigade
OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.

Search Tools
Keyword:
Platform:
Category:
Browse by category
Auditing
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Sniffers
Recovery
Passwords
Utilities
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
Authentication
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Replacement
Libraries, Applications
Programming
Libraries
Cryptography
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Rootkits
Secure Deletion
Hardening
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


 

Privacy Statement
Copyright 2010, SecurityFocus