2 3 4 5 6 Next >
Category: Hostile Code » Detection
Exploit-Me is a set of Firefox plugins to test for reflected Cross-Site Scripting and SQL Injection vulnerabilities in web applications. The tools are designed to be lightweight, extensible and easy to use.
JAAScois PC Monitor v1.0
» Protecting system and windows startup » Protecting internet explorer from hijacks & spyware » Preventing access to computer settings » Internet filtering for web sites , chat rooms and e-mail
Helios is an advanced malware detection system. It has been designed to detect, remove and inoculate against modern Windows rootkits. It performs behavioral analysis as opposed to signature based analysis and is one of the only tools that is able to detect rootkits in real-time, unhide hidden processes, restore hijacked system functions and inoculate the system against rootkit installation.
OSSEC HIDS is an Open Source Host-based Intrusion Detection System. It performs log analysis and correlation, integrity checking, rootkit detection, time-based alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Solaris and Windows.
Network Equipment Performance Monitor
NEPM is a very general, highly configurable, two part software system that monitors any type of logged data from IP networked equipment and reports it via E-mail and web pages. Current conditions and history from systems based on Windows NT/2000 and UNIX can be tracked and reported. Most major server, switch and router systems can be monitored, without running agents on the target systems. Many networks behind separate firewalls can be reported on at one central site, and hard-to-reach isolated nets can be accessed. NEPM itself is system independent and can be hosted on either a UNIX or WinNT system or a combination of these with equal ease. NEPM monitors and reports uptime, critical events such as intrusion attempts, access rates, bytes-transferred rates, and error rates of network nodes. Unique precursor event links drill down instantly to the causes of downtime, intrusion events, etc. Performance graphs highlight element throughput and error rate. Hardware and software sub-systems within nodes are tracked and reported separately but in a common format that makes possible direct comparison. True hardware uptime is reported so that hardware and software performance can be separated from that of the communications links and from each other. Summary reports and alerts aggregate a view of an entire network's status onto a single page. Reports are provided via web pages posted to a web server for instant access to results. E-mailed text alerts provide prompt notification of dangerous conditions. NEPM is managed via a browser interface, providing full local or remote control from anywhere on the network. Use NEPM to increase your network uptime, increase network security, monitor QOS and SLA's, and evaluate new equipment. Equipment monitored can be Windows or Linux/UNIX/FreeBSD servers, or any processor-based system that logs events to non-volatile storage and has a telnet/rlogin/ssh/IP stream-mode interface
SIS File Analysis Toolkit
The SIS analysis toolkit consists of a base perl module,SisDump, and a number of perl scripts and utilities useful for analyzing malware. The toolkit contains: * DumpSIS.pl , dump header and file information; extract files * SIShash.pl, Display MD5 and SHA1 hashes for all files in SIS file * SISscan.pl, Hash based malware scanner
PE Explorer is a tool for inspecting and editing the inner workings of Windows 32-bit executable files. It offers a look at PE file structure and all of the resources in the file, and reports multiple details about a PE file (EXE, DLL, ActiveX controls, and several other Windows executable formats). Once inside, file structure can be analyzed and optimized, hostile code detected, spyware tracked down, problems diagnosed, changes made and resources repaired.
Spybot - Search & Destroy can detect and remove spyware of different kinds from your computer. Spyware is a relatively new kind of threat that common anti-virus applications do not yet cover. If you see new toolbars in your Internet Explorer that you didn't intentionally install, if your browser crashes, or if you browser start page has changed without your knowing, you most probably have spyware. But even if you don't see anything, you may be infected.
PHP_Sec (Wasp Project)
PHP_Sec is a library for PHP, designed to detect possible Web attacks, use encryption and log information quickly and easily. The library acts as an IDS but at script level detecting possible SQL Injection, Cross Site Scripting, Directory Traversal, Evasion Techniques and various other vulnerabilties. By adding 2 lines of code we can protect any application PHP application in an easy way.
DmpE32 -Symbian Executable Information Dumper
Symbian Exe File dumper * Useful for analysis of potential malware. * Determine wheteher or not an executable has been inappropiately modified(Mosquitos "Trojan"). * Provides information on: - Header (UIDs,Section sizes, Entry Point, Application Type) - Imported functions list (DLL name and number of functions by default)
Browse by category