(Page 6 of 9)   < Prev  1 2 3 4 5 6 7 8 9  Next >

Category: Hostile Code » Detection

Viralator Proxy Virus Scanner
Added 2001-11-13
by viralator
Viralator interfaces your network's squid proxy server with a virus scanner. Before a user can download a file, the proxy passes the file to the Viralator script which, in turn, uses a virus scanner (Inoculate for the first release) to scan, disinfect, or delete the download. This is especially good for stopping virus infected files from free email sites like hotmail, etc. Future enhancements will include other types of antivirus scanners, speed improvements, and limiting downloads to approved users. Support has now been added for AntiVir, AVP, RAV, and Sophos antivirus scanners, password protected sites, and filenames with spaces and special characters.

Added 2001-10-30
by Arne Vidstrom
PEriscope is a PE file inspection tool. For example you can use it as an aid when you are looking for malicious code in files.

NFR BackOfficer Friendly
Added 2001-10-22
by NFR Security
NFRŪ BackOfficer Friendly is a useful little burglar alarm - simple, unobtrusive, and easy to install - which rings when someone rattles your doorknob. It identifies attacks from Back Orifice, one of the nastier hacking applications, as well as other sorts of scans. NFR is currently offering BackOfficer Friendly as a FREE download for personal use only.

IIS Worms Detector
Added 2001-10-22
by Felipe Moniz
IIS Worms Detector scans for Code Red, Code Blue and Nimda Worm locally.

Retina Nimda Scanner
Added 2001-10-22
by eEye Digital Security
The Retina Nimda Scanner is a tool created by eEye Digital Security that is able to scan up to 254 IP addresses at once and determine if any are vulnerable to the "Nimda Worm". If a machine or server is found to be vulnerable to the Nimda Worm, the Retina Nimda Scanner will flag the IP address.

Nimda Notifyer
Added 2001-10-22
by Trevor Peirce
Nimda Notifyer is a Perl script that will automatically send the netblock coordinator an email each time a specific URL is requested. This is meant to pressure system administrators who either don't care about the scanning, or those who are unaware. The default email lists 3 URLs in the email where more information can be found, and even greets recipients with their names (if listed properly in the netblock information).

Form Scalpel
Added 2001-10-22
by curryman
"Form Scalpel" is designed to aid security professionals to assess the resilience of a web sites forms to various forms of attack. Supports HTTP/HTTPS, Proxy servers, Cookies, Java/javascript/vbscript/XML pages and forms - GUI interface. Detailed analysis of certificates and real-time manipulation of HTML data.

KSTAT - Kernel Security Therapy Anti-Trolls
Added 2001-10-22
by S0ftproject2000 Team
Tool useful to find an attacker in your system by a direct analysis of the kernel through /dev/kmem and bypassing the hiding techniques of the intruder (kernel static recompilation/use of LKMs). Kstat can find the syscalls which were modified by a LKM, list the linked LKMs, query one or all the network interfaces of the system, list all the processes and much more.

Sentinel Security Toolkit
Added 2001-10-22
by Zurk
Sentinel is a fast file scanner similar to Tripwire or Viper with built in authentication using the RIPEMD 160 bit MAC hashing function. It uses a single database similar to Tripwire, maintains file integrity using the RIPEMD algorithm and also produces secure, signed logfiles. Its main design goal is to detect intruders modifying files. It also prevents intruders with root/superuser permissions from tampering with its log files and database. Disclaimer: this is not a security toolkit. It is a single purpose file/drive scanning program. Available versions are for linux (tested on all current Slackware and RedHat releases), with Irix versions soon to be added on.

Added 2001-10-22
by Yoann Vandoorselaere
Prelude is a Network Intrusion Detection system. It is composed of the Prelude and Prelude Report programs. The first is for packet capture and data analysis, the second, for reporting attacks in a user readable form. Other important and current features of Prelude are an IP defragmentation stack and detection plugins with persistant state.

Search Tools
Browse by category
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Libraries, Applications
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Secure Deletion
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


Privacy Statement
Copyright 2010, SecurityFocus