(Page 1 of 15)   1 2 3 4 5 6 7 8 9 10 11  Next >

Platform: Perl (any system supporting perl)

NS2HTML
Added 2009-09-23
by Rodrigo Pace de Barros
NS2Html is a tool that converts plaintext configs extracted from Netscreen devices into friendly HTML rulebases. It has an intuitive Tk GUI for *nix and Windows. It has been tested on devices from the (oldies) ns100 to the isg5200.

OWASP Joomla! Vulnerability Scanner
Added 2009-09-13
by Aung Khant
A regularly-updated signature-based scanner that can detect file inclusion, sql injection, command execution, XSS, DOS, directory traversal vulnerabilities of a target Joomla! web site.

moth
Added 2009-06-08
by Bonsai - Information Security
Moth is a VMware image with a set of vulnerable Web Applications and scripts, that you may use for: 1. Testing Web Application Security Scanners 2. Testing Static Code Analysis tools (SCA) 3. Giving an introductory course to Web Application Security

Webtunnel
Added 2009-02-22
by Janos Szatmary
Webtunnel is a network utility that encapsulates arbitrary data in HTTP and transmits it through a web server. In that regard, it is similar to httptunnel, however, it has several key important differences: its server component runs in the context of a web server as a CGI application (with optional FastCGI support) so it does not need its own port, and supports most things that the web server supports, such as authentication, HTTP 1.1, HTTPS, and client certificates; it uses simple requests and responses so it works seamlessly through forward and reverse proxies; it is multi-threaded (actually multi-process using sockets for inter-process communication) to allow multiple parallel connections to multiple destinations simultaneously.

Webtunnel
Added 2009-02-10
by Janos Szatmary
Webtunnel is a network utility that encapsulates arbitrary data in HTTP and transmits it through a web server. In that regard, it is similar to httptunnel, however, it has several key important differences: its server component runs in the context of a web server as a CGI application (with optional FastCGI support) so it does not need its own port, and supports most things that the web server supports, such as authentication, HTTP 1.1, HTTPS, and client certificates; it uses simple requests and responses so it works seamlessly through forward and reverse proxies; it is multi-threaded (actually multi-process using sockets for inter-process communication) to allow multiple parallel connections to multiple destinations simultaneously.

D.O.P.E
Added 2008-12-26
by Mr.Mojo
Dis.Org Penetration Extension for Firefox (D.O.P.E) A User agent Switcher for firefox that supports the following: Search engine Impersonating Operating Systems Impersonation Browser Impersonation Cellular Phones and Mobile Devices Impersonation Game Consoles Impersonation http://www.lostlight.net/tools/blog.html

lm2ntcrack
Added 2008-10-17
by Yannick Hamon
This tool provides a simple way to crack Microsoft Windows NT Hash (MD4) when the LM Password is known. It is entirely written in perl, so its easily ported and installed. This program must be used with the password cracker "John the Ripper" http://www.openwall.com/john/ * Example : [yann@xmcopartners:~/lm2ntcrack]$ time perl lm2ntcrack.pl -v -l="AZERTY123$" -n="81CD1A1C4CBCE05C0F8D411ACEC7587F" ############################################################################ # NT Password cracker from LM password # Version : 0.5a - Oct 2008 # By Yannick HAMON # Homepage : http://www.xmcopartners.com ############################################################################ [INFO] : "AZERTY123$" has 10 character(s) but contains 4 special(s) char(s) and/or integer(s) [INFO] : => 64 words will be generated ...... OK !! [INFO] : Crack NT password from "AZERTY123$" and NT HASH "81CD1A1C4CBCE05C0F8D411ACEC7587F" [CRACKED] AZERTY123$ => azERTy123$ real 0m0.033s user 0m0.025s sys 0m0.007s * NB : Recently, after developped this fabulous TOOL, I've found an old post on "openwall mailing-list" : http://www.openwall.com/lists/john-users/2006/07/08/2 This post explains how to crack NT hash from LM password with john-the-ripper (need to modify john's configuration file to use [List.Rules:NT] section and stop running john on the LM hashes). john -show pwfile | cut -d: -f2 > cracked john -w=cracked -rules -format=nt pwfile john -show -format=nt pwfile One known problem with this approach is that it'll fail for passwords containing colons (':' is cut delimiter). This problem does not impact "lm2ntcrack" and you can use "lm2ntcrack" while john is cracking LM hashes.

PandoraFMS
Added 2008-09-23
by Sancho Lerena
Pandora FMS is monitoring software. It can detect a network interface down, a defacement in your website, a memory leak in one of your server application, or the movement of any value of the NASDAQ new technology market. Pandora FMS can send SMS messages when your systems fails... or when Google's value drop below US$ 500. Pandora FMS can monitor Windows remotely (through WMI), any device via TCP and/or ICMP checks, and any SNMP device through polling and trap reception. Also allows to reuse user-defined "plugins" that make remote checks, like execute remote commands, connecting devices by telnet to gather data, etc. Pandora FMS can perform periodical network reconnissances to discover new hosts and devices on the network and can create a visual network map, with its network topology and OS type. Pandora FMS also has an WYSIWYG AJAX Visual Console editor for interactive map creation; It has also advanced features like data replication across multiple Pandora FMS setups, pattern-anomaly detection, a prediction engine, a event notificacion manager and a correlation alert system. Besides agentless monitoring it has software agents that can be installed in most OS on the market, these agents can be remotely configured from the Console, and are able to process logs from Windows and Unix systems. Reporting features include user defined reports: SLA checks, real time graphs, and much more possibilities thanks to its SQL automanaged backend. Link & Other data:

SnortNotify
Added 2007-03-24
by Adam Ely
Running from cron at a specified interval SnortNotify will search a snort database for new alerts. If new alerts match a pre configured priority level, an email will be sent to the contact. The email will include Sensor name, the signaturename, and the timestamp.

Prometheus
Added 2007-03-02
by Nemesis (BlackAngels Staff)
Prometheus borns as a tool for Mac OS X system firewall configuration (eredited from FreeBSD IPFW); it is wrote in Perl. It is really versatile and it has two ways of configuration: 1) Step by step configuration, for novice users (by a series of simple questions, it automatically configures firewall rules) 2) Manual configuration, for expert users (read rules directly from user input) Next releases, will include a independet rules library, to give a more complete list of rules to novice users, a firewall log parsing and search function, for system administrators and maybe a GUI.

Search Tools
Keyword:
Platform:
Category:
Browse by category
Auditing
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Sniffers
Recovery
Passwords
Utilities
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
Authentication
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Replacement
Libraries, Applications
Programming
Libraries
Cryptography
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Rootkits
Secure Deletion
Hardening
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


 

Privacy Statement
Copyright 2010, SecurityFocus