Section: .. / UNIX / audit /
| /// File Name: |
zodiac-0.2.25.tar.gz |
Description:
|
Zodiac is a portable, extensible and multithreaded DNS tool. It is meant to be used as a DNS packet monitor and DNS protocol test and debuging tool. It's basic features are: sniffing of DNS datagrams on an ethernet device, decoding of all types of DNS packets, including safe decompression (partly finished, SOA record are, for example, not decoded yet), nice display and gui, if you like ncurses and text based frontends, always interactive in all situations through built in command line, threaded and flexible design. Advanced features include: local DNS spoof handler, jizz DNS spoof, exploiting a weakness in old bind implementations, determines jizz-weakness, id-prediction and resolver type remotely, id spoofing, exploiting a weakness in the dns protocol itself, implements some advanced DNS denial of service attacks, including flood, label compression and unres attack, advanced DNS smurf.
| | Author: | scut smiler | | File Size: | 41549 | | Last Modified: | Sep 27 16:52:21 1999 |
| MD5 Checksum: | 4c90a5a527abca8c47f7bbcd48429000 |
|
| /// File Name: |
sr-1.02.tar |
Description:
|
System Recovery v1.02 - This is a simple program that can be used to set a database of important system files, and then compare them to see if any were hacked and changed with trojans binaries.
| | Author: | Patrick Lambert | | File Size: | 40960 | | Last Modified: | Aug 16 20:04:49 1999 |
| MD5 Checksum: | d537af138187f3797621174eb0931b99 |
|
| /// File Name: |
auditd-1.20.tar.gz |
Description:
|
auditd is part of the Linux Kernel Auditing Facility (KAD). It will capture auditing trails created by the kernel auditing facility from /proc/audit, filter them, and save them in specific log files. Either a kernel patch or loadable module must be installed for the daemon to be useful, both of which are included.
| | Homepage: | http://www.hert.org | | Changes: | This release includes a kernel module (modkaf) which replaces the previously used patches. Also included is a library (libaudit) which enables you to write applications which emit debugging trails under certain trust-related conditions, and can also be used as a ld.preload object to hook syslog calls. | | File Size: | 39423 | | Last Modified: | Jan 8 16:15:08 2001 |
| MD5 Checksum: | 5cf24931b5d522eb2e3a5825d6d7a993 |
|
| /// File Name: |
rkhunter-1.00RC2.tar.gz |
Description:
|
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix clone.
| | Author: | Michael Boelen | | Homepage: | http://www.rootkit.nl/ | | File Size: | 39048 | | Last Modified: | Dec 18 00:23:47 2003 |
| MD5 Checksum: | e9194c6ee33726d877114b31d3b4317a |
|
| /// File Name: |
chkrootkit-0.48.tar.gz |
Description:
|
Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.
| | Author: | Nelson Murilo | | Homepage: | http://www.chkrootkit.org | | Changes: | New and enhanced tests, minor bug fixes. | | File Size: | 38323 | | Last Modified: | Jan 3 17:58:17 2008 |
| MD5 Checksum: | de8b8b5013e7faa2b66c0e33c59677e8 |
|
| /// File Name: |
flog-0.50.tar.gz |
Description:
|
Flog 0.50 - Flog is a nice, fast ftpd log analyzer. It currently only runs on Linux systems.
| | Author: | Ani Joshi | | Changes: | Added reports and speed improvements. 37k. | | File Size: | 37540 | | Last Modified: | Aug 16 20:04:53 1999 |
| MD5 Checksum: | 8b20bd6aa3edbe9432cd1330733da0e6 |
|
| /// File Name: |
chkrootkit-0.45.tar.gz |
Description:
|
Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.
| | Author: | Nelson Murilo | | Homepage: | http://www.chkrootkit.org | | Changes: | Various improvements, minor bug fixes. | | File Size: | 36359 | | Last Modified: | Apr 18 02:53:28 2005 |
| MD5 Checksum: | 57493e24ca81750a200d8bcb4049e858 |
|
| /// File Name: |
cops_dan_farmer.txt |
Description:
|
Cops and Robbers.
| | Author: | Dan Farmer | | File Size: | 36020 | | Last Modified: | Aug 16 20:05:00 1999 |
| MD5 Checksum: | eb12b6db7883146ec698e5aefc2c816a |
|
| /// File Name: |
ncarp-1.0p1.tar.gz |
Description:
|
Use with COPS to make auditing/monitoring output easier to understand. Comes with COPS package.
| | File Size: | 35576 | | Last Modified: | Aug 16 20:04:44 1999 |
| MD5 Checksum: | 655067dc57cba23260633b64f1d23065 |
|
| /// File Name: |
ncarp.tar.gz |
Description:
|
Use with COPS to make auditing/monitoring output easier to understand. Comes with COPS package.
| | File Size: | 35576 | | Last Modified: | Aug 16 20:04:44 1999 |
| MD5 Checksum: | 655067dc57cba23260633b64f1d23065 |
|
| /// File Name: |
chkrootkit-0.44.tar.gz |
Description:
|
Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.
| | Author: | Nelson Murilo | | Homepage: | http://www.chkrootkit.org | | Changes: | del counter fixed, better support for Linux threads, Madalin now detected, lots of minor bug fixes. | | File Size: | 34101 | | Last Modified: | Nov 10 03:18:08 2004 |
| MD5 Checksum: | d1ea2951dfaa76aed3ce8554c0769626 |
|
| /// File Name: |
chkrootkit-043.tar.gz |
Description:
|
Chkrootkit v0.43 locally checks for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.
| | Author: | Nelson Murilo | | Homepage: | http://www.chkrootkit.org | | Changes: | Better PROMISC mode detection on newer Linux kernels, new CGI backdoors detected, new rootkits added, and minor bug fixes. | | File Size: | 33355 | | Last Modified: | Jan 6 17:05:22 2004 |
| MD5 Checksum: | 08646b9bf3a9dc45c25a40946962a839 |
|
| /// File Name: |
env_audit-2.0.tar.gz |
Description:
|
Env_audit is a program that ferrets out everything it can about the environment. It looks for process IDs, UID, GID, signal masks, umask, priority, leaked file descriptors, and environmental variables. It comes with test configurations for anacron, Apache, atd, crond, GDB, inittab, logrotate, PHP, pppd, procmail, rsh, rxvt, Sendmail, SSH, stunnel, sudo, xinetd, and xterm.
| | Author: | Steve Grubb | | Homepage: | http://www.web-insights.net/env_audit/ | | File Size: | 31305 | | Last Modified: | Dec 30 18:49:03 2003 |
| MD5 Checksum: | 05cba8f3d1c1b498b4ded630a0832aa6 |
|
| /// File Name: |
chkrootkit-0.42b.tar.gz |
Description:
|
Chkrootkit v0.42b locally checks for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.
| | Author: | Nelson Murilo | | Homepage: | http://www.chkrootkit.org | | Changes: | Fixed NPTL threading mechanisms, minor corrections, chkrootkit, a new test (vdir), detection of the worms 55808.A and TC2, and detection of the rootkits Volc, Gold2, Anonoying, Suckit (improved), and ZK (improved). Fixed bugs and added BSDI support. | | File Size: | 31129 | | Last Modified: | Nov 11 00:34:18 2003 |
| MD5 Checksum: | b708c13663b784db1b1e675279707f7e |
|
| /// File Name: |
chkrootkit-0.39a.tar.gz |
Description:
|
Chkrootkit v0.39a locally checks for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x and 4.x, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0.
| | Author: | Nelson Murilo | | Homepage: | http://www.chkrootkit.org | | Changes: | Solaris bugs where fixed in chkdirs.c, HP-UX support was added to chkdirs.c, A new Adore version was added to chkproc.c, ps thread error fixed in chkproc.c, a Red Hat 8.0 bug was fixed in chkproc.c and detection for several Slapper variants is added to the package. | | File Size: | 29294 | | Last Modified: | Feb 2 14:29:05 2003 |
| MD5 Checksum: | 95c49aae601d402dac063f157de8fb58 |
|
| /// File Name: |
chkrootkit-0.38.tar.gz |
Description:
|
Chkrootkit locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x and 4.x, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0.
| | Author: | Nelson Murilo | | Homepage: | http://www.chkrootkit.org | | Changes: | chkdirs.c added. chkproc.c improvements. Now includes slapper B, sebek LKM, LOC, and Romanian rootkit detection. new test added: trojan tcpdump. Minor bug fixes in the chkrootkit script. | | File Size: | 28500 | | Last Modified: | Dec 24 11:52:04 2002 |
| MD5 Checksum: | 53a0d56d8b5bd1300237fc448c0b37eb |
|
| /// File Name: |
L5.tgz |
Description:
|
Tripwire-like script that traverses UNIX or DOS file systems and checks for file integrity.
| | File Size: | 26574 | | Last Modified: | Aug 16 20:04:44 1999 |
| MD5 Checksum: | 750fddb8835098f8326a0b8b601bfcde |
|
| /// File Name: |
chkrootkit-0.37.tar.gz |
Description:
|
Chkrootkit locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x and 4.x, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0.
| | Author: | Nelson Murilo | | Homepage: | http://www.chkrootkit.org | | Changes: | New rootkits and worms are now detected - Now looks for 41 different ones including OpenBSD rk v1, Illogic rootkit, and SK rootkit, slapper SSL worm, and FreeBSD scalper worm.. Some bugfixes and improvements were made. | | File Size: | 25312 | | Last Modified: | Sep 17 07:19:17 2002 |
| MD5 Checksum: | b0feebea67655daa440da92099dd5187 |
|
| /// File Name: |
bsyrin1.zip |
Description:
|
Buffer Syringe is a tool for checking servers/daemons (e.g. ftp) for buffer overflow(s) on given parameter(s) (a stress tool if you may). It has a flexible configuration file where you input the parameters needed to run the program and it logs sessions to textfile for easy viewing and printing.
| | Author: | Digital Monkey | | File Size: | 24821 | | Last Modified: | Apr 17 17:48:54 2000 |
| MD5 Checksum: | 7c18e001b401c47b2eb6f113cc730c42 |
|
| /// File Name: |
pan_v_1_0.tar.bz2 |
Description:
|
pan is a c program that generates random passwords to a file called passwords.txt.
| | Author: | ad | | Homepage: | http://www.rootshell.be/~ad/ | | File Size: | 23742 | | Last Modified: | Jan 14 22:00:28 2008 |
| MD5 Checksum: | 93ccbf7e73f6877e2569d6f0d722a7c8 |
|
| /// File Name: |
chkrootkit-0.35.tar.gz |
Description:
|
chkrootkit locally checks for signs of a rootkit. Includes detection of LKM rootkits, ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions. Tested on Linux, FreeBSD, Solaris, and OpenBSD. Tested on Linux 2.0.x, 2.2.x and 2.4.x (any distribution), FreeBSD 2.2.x, 3.x and 4.x, OpenBSD 2.6, 2.7, 2.8, 2.9 and 3.0, Solaris 2.5.1, 2.6 and 8.0.
| | Author: | Nelson Murilo | | Homepage: | http://www.chkrootkit.org | | Changes: | Now includes its own strings command, tests for ldsopreload and lsof, new ports added to the bindshell test, and several new rootkits and trojans added, including the RST.b trojan, duarawkz, knark LKM, HiDrootkit, Monkit, Bobkit, Pizdakit, and t0rn v8.0. | | File Size: | 23571 | | Last Modified: | Jan 19 00:23:37 2002 |
| MD5 Checksum: | edf50a9c8c6bf09b0a9147f2e6168826 |
|
| /// File Name: |
cracklib.tar.Z |
Description:
|
Cracklib is a proactive password security library.
| | File Size: | 21792 | | Last Modified: | Aug 16 20:04:41 1999 |
| MD5 Checksum: | bd4cb87179ba5dba4f17e1116e6dca31 |
|
| /// File Name: |
zylyx-0.1.1.tar.gz |
Description:
|
Zylyx 0.1.1. Zylyx is a multiple purpose http url locator, which is able to find files that would be otherwise lost. it tries to find files within the caches of http proxies that are no longer existent on their original location. to do this it spawns a number of subprocesses which each connect to a proxy server and try to retrieve the original url. if the proxy doesn't have the file it fails, else the subprocess returns the file location.
| | Author: | teso | | File Size: | 21766 | | Last Modified: | Sep 27 16:51:25 1999 |
| MD5 Checksum: | 476c506dde6c12fafd58528cc39e29f8 |
|
| /// File Name: |
sqlmap-0.2.tar.gz |
Description:
|
sqlmap is an automatic blind SQL injection tool capable of enumerating entire remote databases, performing an active database fingerprint and much more. The aim of this project is to implement a fully functional database mapper tool which takes advantages of web application security flaws.
| | Author: | Bernardo Damele,Daniele Bellucci | | Homepage: | http://sqlmap.sourceforge.net | | File Size: | 21015 | | Last Modified: | Dec 15 05:02:21 2006 |
| MD5 Checksum: | 94d732f19b5f4d8e71c4f4aed8f353ef |
|
| /// File Name: |
cracklib26_small.tgz |
Description:
|
Cracklib is a proactive password security library.
| | File Size: | 20912 | | Last Modified: | Aug 16 20:04:42 1999 |
| MD5 Checksum: | 7181205d70afcf75bb2240678b6be855 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
