2 3 4 5 6 Next >
Category: Hostile Code
Exploit-Me is a set of Firefox plugins to test for reflected Cross-Site Scripting and SQL Injection vulnerabilities in web applications. The tools are designed to be lightweight, extensible and easy to use.
JAAScois PC Monitor v1.0
» Protecting system and windows startup » Protecting internet explorer from hijacks & spyware » Preventing access to computer settings » Internet filtering for web sites , chat rooms and e-mail
Helios is an advanced malware detection system. It has been designed to detect, remove and inoculate against modern Windows rootkits. It performs behavioral analysis as opposed to signature based analysis and is one of the only tools that is able to detect rootkits in real-time, unhide hidden processes, restore hijacked system functions and inoculate the system against rootkit installation.
OSSEC HIDS is an Open Source Host-based Intrusion Detection System. It performs log analysis and correlation, integrity checking, rootkit detection, time-based alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Solaris and Windows.
Network Equipment Performance Monitor
NEPM is a very general, highly configurable, two part software system that monitors any type of logged data from IP networked equipment and reports it via E-mail and web pages. Current conditions and history from systems based on Windows NT/2000 and UNIX can be tracked and reported. Most major server, switch and router systems can be monitored, without running agents on the target systems. Many networks behind separate firewalls can be reported on at one central site, and hard-to-reach isolated nets can be accessed. NEPM itself is system independent and can be hosted on either a UNIX or WinNT system or a combination of these with equal ease. NEPM monitors and reports uptime, critical events such as intrusion attempts, access rates, bytes-transferred rates, and error rates of network nodes. Unique precursor event links drill down instantly to the causes of downtime, intrusion events, etc. Performance graphs highlight element throughput and error rate. Hardware and software sub-systems within nodes are tracked and reported separately but in a common format that makes possible direct comparison. True hardware uptime is reported so that hardware and software performance can be separated from that of the communications links and from each other. Summary reports and alerts aggregate a view of an entire network's status onto a single page. Reports are provided via web pages posted to a web server for instant access to results. E-mailed text alerts provide prompt notification of dangerous conditions. NEPM is managed via a browser interface, providing full local or remote control from anywhere on the network. Use NEPM to increase your network uptime, increase network security, monitor QOS and SLA's, and evaluate new equipment. Equipment monitored can be Windows or Linux/UNIX/FreeBSD servers, or any processor-based system that logs events to non-volatile storage and has a telnet/rlogin/ssh/IP stream-mode interface
SIS File Analysis Toolkit
The SIS analysis toolkit consists of a base perl module,SisDump, and a number of perl scripts and utilities useful for analyzing malware. The toolkit contains: * DumpSIS.pl , dump header and file information; extract files * SIShash.pl, Display MD5 and SHA1 hashes for all files in SIS file * SISscan.pl, Hash based malware scanner
GeSWall ensures safe use of the internet applications. It protects you from intrusions and damage from malicious software by isolating vulnerable applications. Isolation applies an access restriction policy that effectively prevents all kinds of attacks, known and unknown.
When malicious software invades your system, the most invasive ones will ensure that they are malignant. They will do this by editing the registry, installing browser helper objects, hijacking the Internet connection with layer service providers and, sometimes all of the above. Some backdoor software will spawn or create clones of them selves in order to regenerate and become quite difficult to remove. Most Spyware scanners will not be able to baptize the system until these programs shut down and your scanners are not capable of doing this when the malicious software regenerates. Even deleting their entries found in the registry may not help considering that some malware will detect this change and add them selves back into the registry. Therefore, one must reboot into Safe Mode in order to ignore the startup list; however, it is now possible to detect, suppress, and remove these malignant processes without rebooting at all. With the release of Assassin version 1.0, anyone operating a personal computer can recover a hijacked network based Windows operating system within minutes and all without rebooting or changing the system configurations.
PE Explorer is a tool for inspecting and editing the inner workings of Windows 32-bit executable files. It offers a look at PE file structure and all of the resources in the file, and reports multiple details about a PE file (EXE, DLL, ActiveX controls, and several other Windows executable formats). Once inside, file structure can be analyzed and optimized, hostile code detected, spyware tracked down, problems diagnosed, changes made and resources repaired.
Spybot - Search & Destroy can detect and remove spyware of different kinds from your computer. Spyware is a relatively new kind of threat that common anti-virus applications do not yet cover. If you see new toolbars in your Internet Explorer that you didn't intentionally install, if your browser crashes, or if you browser start page has changed without your knowing, you most probably have spyware. But even if you don't see anything, you may be infected.
Browse by category