< Prev 1 2 3 4 5 6 7 8 9 10 11 Next >
Background: SNMP is the Simple Network Management Protocol. It is used by many if not most companies to manage and monitor their infrastructure. It is also often overlooked in terms of security and underestimated as an attack vector. RFC1157. Components: The program is a GUI program, written in c#, so you'll need the .NET framework (3.5) and it will only work in MS Windows (Mono and Windows GUI components are a pain to make compatible for now). It uses 2 DLL's that were written from scratch: the hacking.snmp and hacking.bruteforce.dll. The SNMP dll is not complete yet but whenever the author finds time it will be extended to support bulkget and extended ASN parsing, so enumeration will become possible as well as SET actions. You will also need to provide a dictionary for dictionary attacks. A very small one is included. Generic usage: The interface should be intuitive enough. Use the slider to increase or decrease scanning speed. This is important to get accurate results. On a LAN the slider can be set to maximum speed. Behind a Natted broadband connection, caution is advised. Devices such as ADSL modems aren't capable to deal with the large amount of packets and nat connections they generate. The program uses non-blocking udp sockets and a listener for answers, which makes it quite fast. You can also set the destination port for devices which listen on non-standard ports (not 161) and set the listening port to make sure the packets get back ok in case of firewalls. For optimal speed, turn off verbosity, errors and reverse lookups (only in case of maximum speed on a LAN). Results can be saved in XML for further processing and loaded back.
SecurePE is a user friendly freeware utility coded in 32bit assembly language that protects Microsoft Windows® PE files with a password, strong RC4 encryption and checksum while leaving them totally functional.
Splunk Log Management | IT Search
Splunk is a FREE software program that indexes and makes searchable data from any app, server or network device in real time including logs, config files, messages, alerts, scripts and metrics.
SELS: Secure Email List Services
SELS provides support for secure mailing lists where email messages are signed and encrypted. Only authorized subscribers have access to messages while others, including the list server, do not. SELS is compatible with most commonly used email clients.
OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.
Grendel-Scan is an open source web application security tool. It has a number of automated testing modules for finding common vulnerabilities such as SQL injection, cross-site scripting, or session fixation. There are also a number of features to aid in manual application penetration testing, such as a intercepting proxy.
Switch Center is network management software for managed network switches and hubs from any vendor supporting SNMP BRIDGE-MIB that helps to discover, monitor and analyze networks connectivity and performance. Switch Center key features are: real-time network discovery, nodes and users information, network switch ports mapping, connectivity and performance monitoring and built-in reports and statistics.
SPAMfighter Exchange Module
SPAMfighter Exchange Module is a Spam and Antivirus Filter for Exchange Server 2000, 2003 and 2007. As email arrives and the Exchange Server routes it to its addressees, SEM makes a unique encrypted signature for each message and sends it to the SPAMfighter Server for evaluation. If the SPAMfighter Server determines that a message is spam, it notifies SEM and the spam mail is moved to the user's spam folder.
DAVIX - the Data Analysis & Visualization Linux® - brings the most important tools for data processing and visualization to your desk. This solution allows you to get started with security visualization without cumbersome compiling and installing tools. The DAVIX CD is based on SLAX 6.0 and follows a modularized approach. Thus, the SLAX ISO image can easily be customized for various purposes. It can even be installed on USB sticks and provide you with mobile analysis capabilities. The CD is shipped with a comprehensive manual that gives you a quick start for all tools and provides information on how-to tailor DAVIX to your needs. All tools are accessible through the KDE start menu and are accompanied with links to external manuals and tutorials.
Exploit-Me is a set of Firefox plugins to test for reflected Cross-Site Scripting and SQL Injection vulnerabilities in web applications. The tools are designed to be lightweight, extensible and easy to use.
Browse by category