| Killerwall is a firewalling script for Linux 2.2.x and/or 2.4.x using either ipchains or iptables. It is a bash shell script (I know the top of the file says #!/bin/sh, but for most Linux distro's, that is a symbolic link to /bin/bash or /usr/bin/bash). The madness behind that is to use entirely POSIX tools to do it's job (sed, grep, awk...etc)....killerwall....killwall_howto.html |
| Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers....ethereal-0.9.13.tar.gz |
| mysecrep version 0.7 generates an audit-report from the syslog messages from snort, pcds and samhain, thus covering a whole range of security-tools, packed in 1 report. The report written is to disk and send via email. Written in Perl....mysecrep.gz |
| fang is a small proof-of-concept application to find non discoverable bluetooth devices. This is done by brute forcing the last six (6) bytes of the bluetooth address of the device and doing a read_remote_name()...redfang.tar.gz |
| Unmask is a simple md5 cracking utility that will attempt to find the true IP address of a fake host using Trircd 5.0 and PTlink....unmaskv2.tar.gz |
| Utility to brute-force AIM screenames and passwords. In a list of about 1500 passwords, aimcrack takes about 2 hours on a cable modem connection....aimcrack-0.1.tar.gz |
| Proxychains is a command line tool for Linux and Solaris which allows TCP tunneling trough one or multiple (chained) HTTP proxies. Changes: Minor bugfixes, improved compilation on FreeBSD, OpenBSD, and Sun Solaris, and addressed some cross platform issues....proxychains-1.8.2.tar.gz |
| RPM Finder Project version 1.0 is a utility that works much like the rpmfind.net site. It currently only supports RedHat but will support Mandrake and Suse in its future releases....rpf.tar.gz |
| Amap is a scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233! Changes: Bug fix in the -o output and RPC scanning....amap-2.5.tar.gz |
| P0F.... P0f is a small but strangely successful utility I developed long time ago. In short, it recognizes what system others run, but unlike nmap, it does it without generating any traffic. It can also deduct several other interesting facts about the remote system (such as NAT). P0f turned out to be quite popular, is shipped with a bunch of OSes, got integrated with several pieces of serious software, and even makes a part of OpenBSD packet firewall (kudos to Mike Frantzen). |