Microsoft LSASS vulnerability auto rooter. Downloads and executes code from an FTP server.
f71ef7270796d05800fff06da2bb58e37b947b69d61fbedbb27101d5571716ba
tcpreplay is a BSD-style licensed tool to replay saved tcpdump files at arbitrary speeds. It provides a variety of features for replaying traffic for both passive sniffer devices and inline devices such as routers, firewalls, and the new class of inline IDSs. Many NIDSs fare poorly when looking for attacks on heavily-loaded networks. tcpreplay allows you to recreate real network traffic from a real network for use in testing.
9d8239023b75dd6c0b9e911839f95de8c525490ec95b4e149405ac24a212f5b2
XScreenSaver is a modular screen saver and locker for the X Window System. It is highly customizable and allows the use of any program that can draw on the root window as a display mode. It is also more stable than xlock and has more than 150 modes.
e428b88cb6719b4deedf505ffb98fb7cbfecb4340e81c29857801aeeef329528
tcptrack is a packet sniffer which passively watches for connections on a specified network interface, tracking their states and listing them in a manner similar to the top command. It displays source and destination addresses and ports, connection state, idle time, and bandwidth usage.
ffb8532569fd43819bf7a138a019f8da2eb141e62ce0b962d897e3e957d2f963
Ettercap NG is a network sniffer/interceptor/logger for switched LANs. It uses ARP poisoning and the man-in-the-middle technique to sniff all the connections between two hosts. Features character injection in an established connection - you can inject characters to the server (emulating commands) or to the client (emulating replies) while maintaining an established TCP connection! Integrated into an easy-to-use and powerful ncurses interface.
9e042be55dc3fc883314f68cf213147ecf2e919ac0fa03815dcf4e4ff60cb58b
NetSQUID is a Perl script that sits in between Snort and IPTables. It looks at the alerts generated by Snort, then automatically creates an IPTables firewall entry to block problematic hosts (such as those infected by viruses). Web traffic is redirected to a webserver that can alert the user to the infection. The host is automatically unblocked after a specified time (hopefully reducing calls to your NOC). It can also send out DHCP address requests, so rogue DHCP servers can be detected by Snort.
bcfefe2bdad05e3ef87f47860826e2d5667e3b1be86bc86bd387cc276c4aff77
Webdevil is a tool used to create a distributed performance test against webservers by keeping connections alive until the server times them out. A slave daemon is included to assist in stress testing.
25e78e914b5eb91d497b9fe75d5d5c553156aa5477b01c8871545759d820db53
netjail is a user-space mechanism for limiting the ability of a process to connect sockets in the PF_INET and PF_UNIX domains. The main motivation for this is to foil (or discover) spyware or "call home" code in suspect pieces of binary-distribution-only programs.
2062e3bd63e3da7ecd933c31add9dd03a66dafd8760d66429f68c0271fa79398
Paper discussing shellcode usage that also includes troubleshooting and functionality information. Included are other whitepapers that help offer guidance, some tools, and some shellcodes.
4ec0245150d0f387da8ee2844e769c59d9caac00f74d87dd99b63675db28cafe
Netwox is a utility that can be thought of as a one-stop-shop network toolbox. It includes a graphical front-end called Netwag. This kit comes with 150 tools that can be used to perform a multitude of tasks that are very useful to any administrator. It supports various protocols (DNS, FTP, HTTP, NNTP, SMTP, SNMP) and performs low-level functions like sniffing, spoofing traffic, and playing client/server roles. Both Windows and Unix versions are included.
d068f8caaf9544ef94715cbf215b51943bdd474f04bcc7da82636eeb7f0fd7c3