exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 25 of 109

Integrity Files

Rootkit Hunter 1.4.6

Posted Feb 19, 2018

Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: Added support for Alpine Linux (busybox). Added the Diamorphine LKM test. Added the ALLOWIPCPID configuration file option. Added the ALLOWIPCUSER configuration file option. Various other additions, improvements, and bug fixes made.

tags | tool, shell, perl, integrity, rootkit

systems | netbsd, unix, solaris

SHA-256 | 9c0f310583ff0dd8168010acd45c7d2e3a37e176300ac642269bce3d759ebda0

Download | Favorite | View

Rootkit Hunter 1.4.4

Posted Jun 30, 2017

Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: Added the GLOBSTAR configuration file option. This will set the shells globstar option to allow recursive checks of directories. By default this option is disabled. Added a Japanese translation file. Added support for the 'BSDng' package manager option. This can be used by those BSD systems which have the 'pkg' command available (currently later FreeBSD systems). Various other improvements and bug fixes made.

tags | tool, shell, perl, integrity, rootkit

systems | netbsd, unix, solaris

SHA-256 | a8807c83f9f325312df05aa215fa75ad697c7a16163175363c2066baa26dda77

Download | Favorite | View

Chkrootkit Local Privilege Escalation

Posted Nov 20, 2015

Authored by Thomas Stangner, Julien jvoisin Voisin | Site metasploit.com

Chkrootkit before 0.50 will run any executable file named /tmp/update as root, allowing a trivial privsec. WfsDelay is set to 24h, since this is how often a chkrootkit scan is scheduled by default.

tags | exploit, tool, root, integrity, rootkit

advisories | CVE-2014-0476

SHA-256 | 0747e7950fe687c3ab16c47390e8715755184a47efb63dffd00b15a5ba393195

Download | Favorite | View

Check Rootkit 0.50

Posted May 23, 2014

Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: New and enhanced tests, minor bug fixes.

tags | tool, trojan, integrity, rootkit

systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux

SHA-256 | 9548fc922b0cb8ddf055faff4a4887f140a31c45f2f5e3aa64aad91ecfa56cc7

Download | Favorite | View

Rootkit Hunter 1.4.2

Posted Mar 23, 2014

Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: DISABLE_UNHIDE option has been removed from the configuration file. Various bug fixes.

tags | tool, shell, perl, integrity, rootkit

systems | netbsd, unix, solaris

SHA-256 | 789cc84a21faf669da81e648eead2e62654cfbe0b2d927119d8b1e55b22b65c3

Download | Favorite | View

Another File Integrity Checker 3.4

Posted Sep 10, 2013

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Three new classes were added: Afick::Aliases, Afick::Macros, and Afick::Directives. A new macro was added: archive_retention. On Windows, installation of the Tk module is now forced. afickonfig now works on all config types. An inconsistency between command line parameters and config directives was fixed.

tags | tool, integrity

systems | linux, windows, unix

SHA-256 | d73a9ee31690f3b23171387fa6f99dadcf6613bbd0e1efb7e99124ca37275a9d

Download | Favorite | View

Another File Integrity Checker 3.3

Posted Dec 27, 2012

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: This release continued the rewrite with libraries and unit tests. Afick::Gen, a new library for generic code was added. A bug was fixed in the fix report_url option. The check_update feature was also fixed.

tags | tool, integrity

systems | linux, windows, unix

SHA-256 | 09e9674109a70567315f3b473402b481393dff4d7842f9bf2844db43d014279f

Download | Favorite | View

Another File Integrity Checker 3.2

Posted Nov 14, 2012

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: This is the second release of the new 3.x branch (a progressive rewrite in object oriented programming). Many bugs were fixed. A new plugin (stat_date) was added. The class Afick::Tst was added.

tags | tool, integrity

systems | linux, windows, unix

SHA-256 | d848542c2832eaa78bdd6919fdbd7f4f023b16fb5bd5f2d82d6e273f19097ba1

Download | Favorite | View

Another File Integrity Checker 3.1

Posted Jul 26, 2012

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: This is the first public (stable) release of new 3.x branch. It is a rewrite (partial for now) of afick in object oriented programming, to allow better code and better support. It matches the 2.21 release for features. The two afick branches (2.x and 3.x) will be maintained in parallel for a few versions, to allow users to migrate when they want.

tags | tool, integrity

systems | linux, windows, unix

SHA-256 | 933d4fffd3ddffb6eeb8972b47caf3bce6a24d709209a488ab2ddec8e716842c

Download | Favorite | View

Another File Integrity Checker 2.21

Posted Jul 17, 2012

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: On Unix/Linux systems, the cron job can now notify nagios monitoring, using the nsca tool.

tags | tool, integrity

systems | linux, windows, unix

SHA-256 | a3e1d27385876c05c08eb1166b11ec93813315173953b748a1e2149f47a31761

Download | Favorite | View

Rootkit Hunter 1.4.0

Posted May 1, 2012

Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: This release adds eleven bugfixes, seven changes, and five new items.

tags | tool, shell, perl, integrity, rootkit

systems | netbsd, unix, solaris

SHA-256 | a891c0b900417f2980f0e9afcdb10d1fd5581703be2587a92c90c7631b8814dc

Download | Favorite | View

Another File Integrity Checker 2.20

Posted Feb 7, 2012

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: SHA-256 and SHA-512 checksum algorithms were added to replace SHA-1 for better security. Output of SHA checksums are now compatible with the output of the sha1sum, sha256sum, and sha512sum commands.

tags | tool, integrity

systems | linux, windows, unix

SHA-256 | 067e9fd3a6de7bcf39a64c3ea4e28159c8a11605e0f19179116cbaf0b785167e

Download | Favorite | View

Another File Integrity Checker 2.19

Posted Nov 16, 2011

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: A new option (--csv) is added to allow export of the database in CSV format. A new macro (MAILAUTH), permits mail authentication on Windows. A new directive (allow_relativepath) is added that makes internal controls use relative path instead absolute path. A new syntax for file/directories and use of the AFICK_CHROOT environment variable allow 'chrooted directories'.

tags | tool, integrity

systems | linux, windows, unix

SHA-256 | f7f6f52200bb66d9f8c5ad93800fbab84853a74f88790323a5688516a06a2a26

Download | Favorite | View

Another File Integrity Checker 2.18

Posted Oct 11, 2011

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: This release fixes a lot of little problems on Windows operating systems. A delete button has been added in afick_set_planning.pl. Environment variables in the configuration file are now expanded on-the-fly at the beginning of a run. The program's documentation has been updated.

tags | tool, integrity

systems | linux, windows, unix

SHA-256 | dec04b3f53106cacd1335b01b592eab5a98834e75a09cc837f0526e999409a80

Download | Favorite | View

Another File Integrity Checker 2.17

Posted Jun 10, 2011

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Arguments for the --list option should now be separated by a comma instead a space character. Search for the default config file is now the same for Unix and Linux: /etc/afick.conf and then afick.conf. The version is now shared between afick and afick-tk. Arguments for --list can also be given in several calls.

tags | tool, integrity

systems | linux, windows, unix

SHA-256 | 16c0827f38b019c292df6dac99eddc1b658553dfb181f86e551638115f8bc238

Download | Favorite | View

Malmon Detection Tool 0.3

Posted Feb 2, 2011

Authored by ShadowX | Site sourceforge.net

Malmon is a real-time exploit/backdoor detection tool for Linux that audits the integrity of files in a given directory.

Changes: Huge speed optimizations, a scan option, force update, and the ability to add/remove a directory from the watch list while running.

tags | tool, integrity

systems | linux, unix

SHA-256 | b44bd8cc65e7ed8c1749175d09228644839ff1029e6d7827c30f82a2877767af

Download | Favorite | View

Malmon Detection Tool 0.1b

Posted Jan 21, 2011

Authored by ShadowX | Site sourceforge.net

Malmon is a real-time exploit/backdoor detection tool for Linux that audits the integrity of files in a given directory.

tags | tool, integrity

systems | linux, unix

SHA-256 | d5dd56f761d0cdd8088afc2459b6355673102f394d9f5f7aa0f74876cbcf1afa

Download | Favorite | View

Another File Integrity Checker 2.16

Posted Dec 15, 2010

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Some bugs were fixed in checksum computing.

tags | tool, integrity

systems | linux, windows, unix

SHA-256 | 66d8374c7516016aa8a7fce0af66cc5c2cfea6101ef18e20cdbfe33a76789658

Download | Favorite | View

Rootkit Hunter 1.3.8

Posted Nov 18, 2010

Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: The change log lists 24 bug fixes, 29 changes and 18 new items.

tags | tool, shell, perl, integrity, rootkit

systems | netbsd, unix, solaris

SHA-256 | fb1fb8bac53bab476142b5556140c59d589bc0f45d3dc058f400f2edada77a33

Download | Favorite | View

Another File Integrity Checker 2.15

Posted Apr 24, 2010

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Afick will now work on Windows Vista/Seven with uac. Afick_cron now uses boune syntax instead of bash syntax. A bug has been fixed for activeperl 5.10.1.1007. Remaining environment variables in the configuration file are detected/replaced by the check_config and clean_config options.

tags | tool, integrity

systems | windows, unix

SHA-256 | 3fbc00b9baf21d4e47916f9da5ebf3cad4f643b51f83c0d0862eb96cf85c07af

Download | Favorite | View

Rootkit Hunter 1.3.6

Posted Nov 30, 2009

Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: This release offers more ease of use and improved checks. The changelog lists 29 additions including 9 configuration options and details for 12 rootkits, 29 changes including improvements for 15 rootkit checks, and 22 bugfixes.

tags | tool, shell, perl, integrity, rootkit

systems | netbsd, unix, solaris

SHA-256 | e3f5e21307e4876da4bc4a1521a86f1cda93ad22d4c77366876d7c170dcefc10

Download | Favorite | View

iWatch Filesystem Monitor 0.2.2

Posted Nov 18, 2009

Authored by Cahya Wirawan | Site iwatch.sourceforge.net

iWatch is a real-time filesystem monitoring program. It is a tool for detecting any changes on your filesystem and reporting it to the system administrator immediately. It uses a simple configuration file in XML format and is based on inotify, a file change notification system in the Linux kernel.

Changes: The bug where the file being watched contains one of the formats available for substitution was fixed. A directory that is renamed or moved is now watched properly. Unnecessary watching of create events was fixed. A feature was added to reload the configuration file when the SIGHUP signal is received. A feature to specify the charset was added.

tags | tool, kernel, integrity

systems | linux

SHA-256 | beb2b8326b90130b3102cba38e6efb1f73622e9b52ea1b1da6270e2365ee0fe7

Download | Favorite | View

Check Rootkit 0.49

Posted Jul 30, 2009

Authored by Nelson Murilo | Site chkrootkit.org

Chkrootkit checks locally for signs of a rootkit. Chkrootkit includes ifpromisc.c to check and see if the interface is in promisc mode, chklastlog.c to check lastlog for deletions, and chkwtmp.c to check wtmp for deletions, strings.c for quick and dirty strings replacement, check_wtmpx.c to check for wtmpx deletions and the files chkproc.c and chkdirs.c to check for LKM trojans. Tested on Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x, 4.x, and 5.x, BSDI, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, NetBSD 1.5.2 and Solaris 2.5.1, 2.6 and 8.0, and HP-UX 11.

Changes: New and enhanced tests, minor bug fixes.

tags | tool, trojan, integrity, rootkit

systems | linux, netbsd, unix, solaris, freebsd, openbsd, hpux

SHA-256 | ccb87be09e8923d51f450a167f484414f70c36c942f8ef5b9e5e4a69b7baa17f

Download | Favorite | View

Another File Integrity Checker

Posted Jul 28, 2009

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: The checksum output is now compatible with md5sum/sha1sum commands. A bug was fixed on negative rules. The quiet option was added. The graphical interface now accepts database, history, and archive command line options.

tags | tool, integrity

systems | windows, unix

SHA-256 | c153bac2a81cf0db04f64c84975d8eb350619b161262ca423f395b9bb6eeb37c

Download | Favorite | View

Another File Integrity Checker 2.13-1

Posted Jan 21, 2009

Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Removed udev files from scan. Began to remove global variables. Various other bug fixes and additions.

tags | tool, integrity

systems | windows, unix

SHA-256 | c3070a5715957e2d8f94273a98bc4f922f8d2077847b1e2c87f41ca241e65b61

Download | Favorite | View