The Xitami Windows 95/98 webserver is vulnerable to a remote DoS attack.
64fd8af32411e699883ac1a9b8fdeeccfc5dc800bea17a82b88105de457d8d4d
Zombie Zapper Unix version - Zombie Zapper [tm] is a free, open source tool that can tell a zombie system flooding packets to stop flooding. It works against Trinoo, TFN, and Stacheldraht. It does assume various defaults used by these attack tools are still in place, but allows you to put the zombies to sleep.
d2449dc174fe563a2ba61533f5e93fdabc5327ba36f7ee9f40827f10035f866a
Spikeman's DoS Attack Tool - Revision 5.2. 33 denial of service attacks at once, launched from a 61k shell script!
d205b7a1f577183e4b8183c293ef82aa0cd5c4abaa624624abed5f55cb4c9a22
Ftpcat v1.0 is a simple program, that allows users to upload and download files and dirlistings from a ftpserver.
c25dbf4b49615bb7763c489be8f641f1cfb5f0b0bde244b4a19f9211c7a81b11
MS SQL 6.5/7.0 brute force password cracking tool.
aa5ad6b52b071928b25aa9e0eef524f1a15ea644108402b6150eb33e37e1c365
Razor has acquired a copy of the Windows Trojan Trinoo, the following is technical information gained from disassembling the binary.
5d0c0846d11849da11543b411218612346e6ce7fccec69dfcc03ec349a9e6dce
SendIP is a commandline tool to send arbitrary IP packets. It has a large number of command line options to specify the content of every header of a TCP, UDP, ICMP, or raw IP packet. It also allows any data to be added to the packet. Checksums can be calculated automatically, but if you wish to send out wrong checksums, that is supported too.
597d6ef601ed76dfaef00296fd97193e75ccb4d73d87574111106c629efefbeb
The idea of the International Kernel Patch is to collect all crypto patches so that using crypto in the kernel will be easier than today. The patch includes a number of crypto patches including a crypto API including Blowfish, CAST-128, DES, DFC, IDEA, MARS, RC6, Rijndael, Safer, Serpent, and Twofish, an encrypted filesystem loopback device using the crypto API, CIPE VPN and EnSKIP patches.
e127c72d3b33a9583b4a909efa7760a259c40e48f383db38c2d65e9736afc393
Whowatch is an interactive utility that displays information about the users currently on the machine in real time. Besides standard information (login name, tty, host, user's process) you can see the connection type (ie. telnet or ssh). You can also watch the process tree, navigate it, and send INT and KILL signals. Ncurses ascii graphics.
5250b61c95f715683cfa8b22cf987f0542a924c43c7c721bcc9186a9dd1a294f
The Secure-Linux patch adds a few security features to the kernel which, while not a complete method of protection, will stop most of the 'cookbook' buffer overflow exploits cold. It also adds the option of restricting the use of symlinks in +t (temp) directories which fixes most tmp-race exploits as well. It can also add a little bit more privacy to the system by restricting access to parts of /proc to root so that users may not see who else is logged on or what they're doing.
e49cc7a4048921f4199edee9044151b49ef7393fcab0d9eca7ca4b436290040f
Nessus is a free, up-to-date, and full featured remote security scanner for Linux, BSD, Solaris and some other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over 330 remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them.
b0b89d4dbe4f9273fca5c58cc4f644f3ca2389977493c1ea30792332cf683cf3
Quick recode of netzero.c - From 200 lines to 3.
06f13a333a643d42997a81c3e91c853e9f4fa8d4d01c231ffb72ed87698d3a1f
FreeBSD Security Advisory - The MySQL database server (versions prior to 3.22.32) has a flaw in the password authentication mechanism which allows anyone who can connect to the server to access databases without requiring a password, given a valid username on the database - in other words, the normal password authentication mechanism can be completely bypassed.
8230e066083883d0ae634555fe321c957b2a765e1a726ab577f60505e5cff7f5
Evaluating the security of a NT system. Includes security tips, logging options, and more.
a0766d9e54d84ea3d83a5bb9053d2b3629b6c1e62ee62709fb52e33c6679ae23
Pirch98 irc client ident/fserve daemon DoS overflow attack.
a51683485dd5235a1ce5acee72a775e40b0a4252d1745c90c283550c164014c7
A sample ipchains firewall script, featuring many options you can uncomment.
c73bf8b50e6482f94f2b58e1d0d9d22ff9f47189b62981413f8451f53b316756
Overwrite is a UNIX utility for secure deletion, based on Peter Gutmann's paper "secure deletion of data from magnetic and solid state memory" and was created in order to make harder the data recovery process. It implements a built-in cryptographic prng and try to flush the SO and HD cache when possible.
317dd9c2efa2cce08bad1439038b873e64867fd105051aefbccaa62a434c4006
A new version of trin00 that runs on Microsoft Windows machines has been discovered. Trin00 was first discussed in the ISS Security Alert Denial of Service Attack Using the trin00 and Tribe Flood Network Programs on December 7, 1999, and available at http://xforce.iss.net/alerts/advise40.php3. The executable that has been found is a trin00 daemon. It is unclear if there is a Windows version of the trin00 master or if the Windows daemons are controlled by a Unix master.
25716f277d518f1a75f7ae6452ef437d5e20029ae1b50ad57b2e586b3d43a99c
Netscape and Outlook are vulnerable to a DoS attack involving bogus news group file entries. Demonstration page here.
2bfc1b097a8fc3f4b77fc5f10820d45099aeff86130c9d05d7dc4017d565e8b4
Toast is a shell script which launches 49 different DoS attacks against a victim IP. Binaries and source included.
e5fcc613459f097daeccb2086bc8b694d4247f391613f0a001f3eb313bba1be8
The WC Remote Administration Tool (v1.2b) is a Windows remote control trojan coded in Delphi. The client is in C and runs on unix. Includes a tool (LookItUp.c) to test a host for infection. Archive password is set to p4ssw0rd. Use at your own risk.
ec93afe0a1310cc59aa7b6f86bf45f137b1188460ae088fc8eb3f751e59a4264
Etherape is an etherman clone which displays network activity graphically. Active hosts are shown as circles of varying size, and traffic among them is shown as lines of varying width. It is GNOME and pcap based.
8c45f22051326c28d4e2def2ac7026f3424fdd27fd984d59115ccc90de5327c8
Redhat /usr/bin/man exploit (gid=15 leads to potential root compromise).
d047a4471bf94117e04bb0e27a10406bced47cad8417a1cac07d960a8d4110c5