(Page 1 of 1)  

Category: Intrusion Detection » Evasion

Katana: Portable Multi-Boot Security Suite
Added 2009-11-25
by .ronin
Katana v1 (Kyuzo) has just been released from www.hackfromacave.com . The Katana: Portable Multi-Boot Security Suite is designed to fulfill many of your computer security needs. The idea behind this tool is to bring together many of the best security distributions and applications to run from one USB Flash Drive. Instead of keeping track of dozens of CDs and DVDs loaded with your favorite security tools, you can keep them all conveniently in your pocket. Katana includes distributions which focus on Penetration Testing, Auditing, Password Cracking, Forensics and Honey Pots. Katana comes with over 100 portable Windows applications, such as Wireshark, HiJackThis, Unstoppable Copier, Firefox, and OllyDBG. It also includes the following distributions: - Backtrack 4 pre - the Ultimate Boot CD - Ophcrack Live - Damn Small Linux - the Ultimate Boot CD for Windows - Got Root? Slax - Organizational Systems Wireless Auditor (OSWA) Assistant - Damn Vulnerable Linux Katana is also highly customizable. You can modify Katana by adding or removing distributions and portable apps with ease. You can add functionality to distributions like the Ultimate Boot CD, Got Root? Slax and UBCD4Win. You can also load your personal scripts and documents to keep them conveniently with you on your flash drive to use in concert with the provided tools. More informations on this can be found at forum.hackfromacave.com

PacketFence
Added 2009-07-20
by Inverse inc.
PacketFence is a fully supported, Free and Open Source network access control (NAC) system. PacketFence is actively maintained and has been deployed in numerous large-scale institutions over the past years. It can be used to effectively secure networks - from small to very large heterogeneous networks. PacketFence has been deployed in production environments where thousands of users are involved. Among the different markets are : * banks * colleges and universities * engineering companies * manufacturing businesses * school boards (K-12) ... and many more! Released under the GPL, PacketFence offers an impressive amount of features.

Open Leak Prevention Test Tool
Added 2006-06-15
by Sharon Besser
The Open Leak Prevention Test Tool is an open source, freely distributed tool and methodology that were developed and maintained by PortAuthority Technologies Inc in order to measure the accuracy, effectiveness and detection capabilities of content filtering technologies used by Information Leak Prevention and Content Monitoring and Filtering products to prevent information leaks and ensure corporate and regulatory compliance.

tripp
Added 2006-03-01
by poplix
TRIPP is a utility to rewrite incoming and outgoing IP packets. Since it can rewrite both headers and payload, it can be used to configure the tcp/ip stack behavior in order to perform various tasks mainly intended for network tests, simulations and development. It is configured via a small rule-based language, which allows the user to intercept packets, set arbitrary header values, increment or decrement numeric header fields, set an arbitrary payload, rewrite parts of the payload, or fragment, multiply, or drop packets. It is totally user-level and doesn't require any kernel module.

Travesty
Added 2005-03-07
by Robert Wesley McGrew
Travesty is an interactive program for managing the hardware addresses (MAC) of ethernet devices on your computer. It supports manually changing the MAC, generating random addresses, and applying different vendor prefixes to the current address. It also allows the user to import their own lists of hardware addresses and descriptions that can be navigated from within the Travesty interface. Travesty is written in Python, and is very simple to add functionality to, or modify.

PHP_Sec (Wasp Project)
Added 2004-10-07
by Jose Antonio Coret (Joxean Koret)
PHP_Sec is a library for PHP, designed to detect possible Web attacks, use encryption and log information quickly and easily. The library acts as an IDS but at script level detecting possible SQL Injection, Cross Site Scripting, Directory Traversal, Evasion Techniques and various other vulnerabilties. By adding 2 lines of code we can protect any application PHP application in an easy way.

Bait and Switch Honeypot System
Added 2003-10-01
by Violating Networks
The Bait and Switch Honeypot System combines the snort Intrusion Detection System (IDS) with honeypot technology to create a system that reacts to hostile intrusion attempts by marking and then redirecting all "bad" traffic to a honeypot that partially mirrors your production system. Once switched, the would-be hacker is unknowingly attacking your honeypot instead of the real data, while your clients and/or users are still safely accessing the real system. Life goes on, your data is safe, and you get to learn about the bad guy as an added benefit.

Stick
Added 2001-10-22
by Coretez Giovanni, coretez@8thport.com
Stick uses the Snort rule set and produces a C program via lex that when compiled will produce an IP packet capable of triggering that rule from a spoofed IP range (or all possible IP addresses) into a target IP range. A function is produced for each rule and a loop then executes these rules in a random order. The tool currently produces these at about 250 alarms per second.

Snot
Added 2001-10-22
by sniph
Snot is an arbitrary packet generator, that uses snort rules files as its source of packet information. It attempts at all times to randomise information that is not contained in the rule, to hamper the generation of 'snot detection' snort rules. It can be used as an IDS evasion tool, by using specific decoy hosts, or just something to keep your friendly IDS monitoring staff busy.

Mendax
Added 2001-10-22
by Min G. Kang
Mendax is a "TCP de-synchronizer" that injects overlapping segments in randomly generated order. It's not a router but a stand-alone TCP client program. It can inject a simple attack signature or lines typed in. Although using general socket functions to receive data from the target host, it can send TCP segments not via TCP/IP stack. It's sort of "Own-Hijack"?

Search Tools
Keyword:
Platform:
Category:
Browse by category
Auditing
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Sniffers
Recovery
Passwords
Utilities
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
Authentication
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Replacement
Libraries, Applications
Programming
Libraries
Cryptography
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Rootkits
Secure Deletion
Hardening
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


 

Privacy Statement
Copyright 2010, SecurityFocus