(Page 4 of 9)   < Prev  1 2 3 4 5 6 7 8 9  Next >

Category: Auditing » File Integrity

Added 2002-01-23
by Samy Kamkar
screamingCobra is an application for remote vulnerability discovery in ANY UNKNOWN web applications such as CGIs and PHP pages. Simply put, it attemps to find vulernabilities in all web applications on a host without knowing anything about the applications. Modern CGI scanners scan a host for CGIs with known vulnerabilities. screamingCobra is able to 'find' the actual vulnerabilities in ANY CGI, whether it has been discovered before or not.

Modular Syslog
Added 2001-12-05
by Alejo
The modular syslog allows for an easy implementation of input and output modules. The modules that mantain compatibility with its precursor are included in the standard distribution along with four modules: om_peo (an implementation of PEO-1 and L-PEO, two algorithmic protocols for integrity checking), om_mysql and om_pgsql (modules that sends output to a mysql and postgresql database, respectively) and om_regex (a module that allows output redirection using regular expressions).

Added 2001-11-08
by Alexander Jeliazkov
Saswire is a little program written in perl , which generates database in SDBM format with modification time, MD5 Checksum, Size and creation time for a list of files specified in a input file, one per line with full pathnames to them. Usefull for checking unwanted modification on UNIX system binaries.

Worm Report 1.2
Added 2001-10-22
by Robert S Muhlestein
Worm Report is a very simple Perl script to filter out the known worm hits from the access log, and put them into their own files named for the IP/Host that has been "wormed". A basic report containing the count, hostname, ip, and a guess at the parent domain is then printed to STDOUT to facilitate contacting these individuals. This script is useful in the short term to get the info to the people who need it. Adding a new worm requires adding a new worm hit string to the DATA section of the script, nothing so fancy (or exhaustive) as an Apache module.

Form Scalpel
Added 2001-10-22
by curryman
"Form Scalpel" is designed to aid security professionals to assess the resilience of a web sites forms to various forms of attack. Supports HTTP/HTTPS, Proxy servers, Cookies, Java/javascript/vbscript/XML pages and forms - GUI interface. Detailed analysis of certificates and real-time manipulation of HTML data.

Added 2001-10-22
by Jeff Foster
cqual is a typed-based analysis tool for finding bugs in C programs. It extends the type system of C with extra user-defined type qualifiers. The programmer annotates their program with the appropriate qualifiers, and cqual checks for errors. Incorrect annotations indicate potential bugs. cqual presents the analysis results using Program Analysis Mode, an emacs-based GUI. Among other applications, cqual can be used to detect potential format-string vulnerabilities. It includes default configuration files to detect format-string bugs out-of-the-box.

Site Watcher
Added 2001-10-22
by ForixNT
Site Watcher is a utility that 'watches' a directory for changes. If a file is deleted or changed, the script will reload that file from a repository. This utility is a MUST HAVE for NT administrators to monitor web, FTP, or user's home directories. The readme file in the archive contains all necessary information to run Site Watcher. Site Watcher was developed on NT 4.0 SP6, using ActiveState Perl build 618. You MUST have Digest::MD5 installed for Site Watcher. This will also require the installation of Convert::ASN1. Both modules can be installed via PPM: ppm install Digest-MD5 ppm install Convert-ASN1 Site Watcher is a Perl module (with an accompanying driver script) that monitors a directory for activity. When a file is deleted or changed, Site Watcher will attempt to reload the file from a repository directory. All activity is logged to a file called 'sw.log', located in the repository directory. Site Watcher has not been tested under the following: 1. Win9x 2. Win2000 3. Remote directories All questions or comments should be sent to forixnt@forixnt.com

Added 2001-10-22
by michel@sgi.com
SocketWatcher is an SGI utility similar to lsof.

Added 2001-10-22
by Thomas Biege, thomas@suse.de
Assitch is a remote packetfilter analyzer, that detects in and OUT rules by doing ACK scanning. (It's useless against state-full filters.) Assitch is nearly 3 years old, but still useful for debugging filter rules.

Integrity checking utility (ICU)
Added 2001-10-22
by Andreas Ístling
ICU (Integrity Checking Utility) is a Perl program used for executing AIDE filesystem integrity checks on remote hosts from an ICU server and sending reports via email. This is done with help from SSH(1).

Search Tools
Browse by category
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Libraries, Applications
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Secure Deletion
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


Privacy Statement
Copyright 2010, SecurityFocus