Category: Rootkits

Katana: Portable Multi-Boot Security Suite
Added 2009-11-25
by .ronin
Katana v1 (Kyuzo) has just been released from www.hackfromacave.com. The Katana: Portable Multi-Boot Security Suite is designed to fulfill many of your computer security needs. The idea behind this tool is to bring together many of the best security distributions and applications to run from one USB Flash Drive. Instead of keeping track of dozens of CDs and DVDs loaded with your favorite security tools, you can keep them all conveniently in your pocket. Katana includes distributions which focus on Penetration Testing, Auditing, Password Cracking, Forensics and Honey Pots. Katana comes with over 100 portable Windows applications, such as Wireshark, HiJackThis, Unstoppable Copier, Firefox, and OllyDBG. It also includes the following distributions:
- Backtrack 4 pre
- the Ultimate Boot CD
- Ophcrack Live
- Damn Small Linux
- the Ultimate Boot CD for Windows
- Got Root? Slax
- Organizational Systems Wireless Auditor (OSWA) Assistant
- Damn Vulnerable Linux
Katana is also highly customizable. You can modify Katana by adding or removing distributions and portable apps with ease. You can add functionality to distributions like the Ultimate Boot CD, Got Root? Slax and UBCD4Win. You can also load your personal scripts and documents to keep them conveniently with you on your flash drive to use in concert with the provided tools. More information on this can be found at forum.hackfromacave.com

IPPON
Added 2009-08-21
by Itzik Kotler, Tomer Bitton
This tool uses several update-exploitation attack techniques, which leverage a man-in-the-middle technique to build and inject a fake update reply or hijack an ongoing update session.

OSSEC HIDS
Added 2008-11-18
by Third Brigade
OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.

OSSEC HIDS
Added 2008-08-29
by Third Brigade
OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.

Training in a Flash Malware Protection
Added 2007-04-18
by Guy Huntington
A free, 3-minute Flash program to train enterprise users on malware attacks and how to avoid them.

LINReS
Added 2006-08-07
by Kush Wadhwa, Chetan Gupta
LINReS is a Live Response script designed to run on suspect/compromised Linux systems with a minimal impact on the system to satisfy various forensic standards requirements. This script has been tested successfully on RedHat Enterprise Linux systems. LINReS consists of mostly statically compiled binaries and includes the various shared libraries that may be required to run the binaries (which are not statically compiled). All in all, no binary from the compromised system is used by this tool, which mitigates the risk of collecting information on a trojaned system.

Helios
Added 2006-07-14
by MIEL e-Security Pvt. Ltd.
Helios is an advanced malware detection system. It has been designed to detect, remove and inoculate against modern Windows rootkits. It performs behavioral analysis as opposed to signature-based analysis and is one of the only tools that is able to detect rootkits in real time, unhide hidden processes, restore hijacked system functions and inoculate the system against rootkit installation.

DarkSpy Anti-Rootkit
Added 2006-06-06
by CardMagic & wowocock
DarkSpy (Freeware) Anti-Rootkit is a powerful tool for rootkit detection. DarkSpy is a multiway-based detection tool. It internally combines many effective detection techniques, including DarkSpy's own handlers and also methods used by other famous tools.
DarkSpy 1.0.5 new features:
- Enhanced Process/Driver Module detection.
- Fixed some problems working with other security software (Kaspersky, etc.).
- Enhanced process force terminate functionality.
- Starts to support multi-CPU and hyperthread.
- Registry functionality added.
- Help document added.
Use it at your own risk.

DarkSpy Anti-Rootkit
Added 2006-04-20
by CardMagic & wowocock
DarkSpy Anti-Rootkit V1.0.2 Test Version (Freeware)
DarkSpy Introduction: DarkSpy is a new rootkit detection tool from China. It's coded by two guys, CardMagic & wowocock, and supports some new features that can make the detection more effective. DarkSpy consists of five parts:
1. Process: Detect hidden processes (even hidden with FUTo...); force kill process (even Icesword)
2. Kernel Module: Detect hidden kernel modules (even hidden with FUTo...)
3. File: Detect hidden files; force copy file; force delete file
4. Registry function is not provided in test version.
5. Port: Detect hidden ports
(Notice: DarkSpy doesn't allow any kernel debugger to run!)
Environment supported by test version:
- 32-bit Windows 2000 (SP4 and later)
- 32-bit Windows XP
- 32-bit Windows 2003
- Single CPU without hyperthread
Try it at your own risk.... :) If you find any bugs, please contact me via my email: sunmy1@sina.com Thanks!

Copyright 2010, SecurityFocus