|
(Page 10 of 17) < Prev 5 6 7 8 9 10 11 12 13 14 15 Next > Category: Auditing » Host BFBTester Added 2001-10-22 BFBTester is great for doing quick, proactive, security checks of binary programs. BFBTester will perform checks of single and multiple argument command line overflows and environment variable overflows. Versions 2.0-BETA and higher can also watch for tempfile creation activity to alert the user of any programs using unsafe tempfile names. While BFBTester cannot test all overflows in software, it is useful for detecting initial mistakes that can red flag dangerous software. DataPool Added 2001-10-22 An extensive collection of 3 shell scripts used in conjunction with 69 DoS tools to analyze vulnerabilities of a certain system. Options to scan only, log to disk, select port range. Ability to work on a range of IPs, and to loop the script until a weakness is found. Compiled in Linux with sources. Only brief testing done so far on local machine, and only on Linux. ARPCI (Automated RPCInfo) Added 2001-10-22 ARPCI automates rpcinfo auditing. It will read a specified host list, log all results, and report on specified string. fs-spider Added 2001-10-22 fs-spider is a multi-threaded bad permissions finder (user defined). NetMonitor Added 2001-10-22 NetMonitor is small program which monitors TCP/IP connections to your machine. Meant for systems administrators who wish to keep track of access to a machine, it can also be useful in network programming or troubleshooting. Basically a graphical version of netstat.exe' which ships with win95/98/nt, it has the added advantages of constantly refreshing it's display as well as logging capabilities. open_constrained() Added 2001-10-22 open_constrained() Code for opening a file and checking that it is only writable by users you intend. It checks ancestor directories and is careful about race conditions and transient errors. XploiterStat Lite Added 2001-10-22 XploiterStat Lite is a freeware network management tool in a similar vein to the dos program 'Netstat.exe' - i.e. shows all the connections to your machine, listening ports (identifying trojans) etc. allowing you the user to see TCP/UDP & ICMP connections are present on your machine. This is the latest release of the program formerly known as Totostat Enhanced. It can be used by networking professionals to determine what connections are on the machine at any time along with all the ports that may be listening (i.e. services, trojan horses etc.). Null.pl Added 2001-10-22 This script attempts to make a null session connection to an NT system, and enumerates information from it, such as transports, domain account policy, groups and users, etc. The script uses the Win32::Lanman module, and provides an excellent demonstration of many of the methods available in the module. rvscan (remote vulnerability scanner) Added 2001-10-22 scans a unix system for just about every remote vulnerability currently being used by hackers. DumpSec Added 2001-10-22 SomarSoft has granted SystemTools.com distribution rights for SomarSoft's DumpSec (formerly known as DumpAcl), DumpReg, and DumpEvt programs. DumpSec is a security auditing program for Microsoft® Windows NT?. It dumps the permissions (DACLs) and audit settings (SACLs) for the file system, registry, printers and shares in a concise, readable listbox format, so that holes in system security are readily apparent. DumpSec also dumps user, group and replication information. DumpSec is a must-have product for Windows NT systems administrators and computer security auditors. Browse by category |
|
|
Privacy Statement |
