Section: .. / UNIX / scanners /
| /// File Name: |
everscan-0.8.2.tgz |
Description:
|
Everscan is a daemonized network scanner that randomly scans at a very slow pace for machines and stores the data to a database. It comes with a client to query for finds.
| | Author: | TheFinn | | Homepage: | http://ghettoshell.net/~thefinn/everscan/ | | File Size: | 2822 | | Last Modified: | Nov 2 00:57:25 2004 |
| MD5 Checksum: | 90a8f52ff8e8395829c161e8bcbaed40 |
|
| /// File Name: |
nixfo-ng-1.5.tar.gz |
Description:
|
NixFo NG is a script that scans Linux-based systems and does a complete inventory of anything installed, available, manipulated, or other wise.
| | Author: | atomix | | Changes: | 59 including many bug fixes and feature additions. | | File Size: | 18751 | | Last Modified: | Oct 31 22:09:28 2004 |
| MD5 Checksum: | ad636b7147a34a43bb451fc54557e89a |
|
| /// File Name: |
rkdscan.zip |
Description:
|
Rkdscan is a scanner designed to detect whether or not an NT based computer is infected with the Hacker Defender root kit. To do this, it makes use of a design flaw.
| | Author: | Andres Tarasco | | Homepage: | http://www.siainternational.com | | File Size: | 43742 | | Last Modified: | Oct 25 23:50:16 2004 |
| MD5 Checksum: | bb653a41e757b9762070bcd1ec082e5e |
|
| /// File Name: |
fwknop-0.4.2.tar.gz |
Description:
|
fwknop is a flexible port knocking implementation that is based around iptables. Both shared knock sequences and encrypted knock sequences are supported. In addition, fwknop makes use of passive OS fingerprinting signatures derived from p0f to ensure the OS that initiates a knock sequence conforms to a specific type. This makes it possible to allow, say, only Linux systems to connect to your SSH daemon. Both the knock sequences and OS fingerprinting are completely implemented around iptables log messages, and so a separate packet capture library is not required.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Added init script for Fedora systems. Added --Kill, --Restart, and --Status modes. | | File Size: | 158890 | | Last Modified: | Oct 1 11:47:43 2004 |
| MD5 Checksum: | 19a008bc79cb9a906d0694a7b826ac9d |
|
| /// File Name: |
BanCh.pl |
Description:
|
BanCh version 1.0 checks hosts for selected banners. Available services are FTP, SMTP, and HTTP. Provides anonymous FTP login checking, CGI scanning, e-mail address extraction from web pages, and other features.
| | Author: | LynX | | File Size: | 24240 | | Last Modified: | Sep 30 03:43:08 2004 |
| MD5 Checksum: | c3b47c724ef1b929ed5e32b959ad96f3 |
|
| /// File Name: |
fwknop-0.4.1.tar.gz |
Description:
|
fwknop is a flexible port knocking implementation that is based around iptables. Both shared knock sequences and encrypted knock sequences are supported. In addition, fwknop makes use of passive OS fingerprinting signatures derived from p0f to ensure the OS that initiates a knock sequence conforms to a specific type. This makes it possible to allow, say, only Linux systems to connect to your SSH daemon. Both the knock sequences and OS fingerprinting are completely implemented around iptables log messages, and so a separate packet capture library is not required.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | Changes: | Bugfix for legacy posf code in fwknop and variable in fwknop.conf. | | File Size: | 157533 | | Last Modified: | Sep 15 01:05:48 2004 |
| MD5 Checksum: | 9a6b53d401e700a648a9166ef7a5cf2a |
|
| /// File Name: |
p0f-2.0.5.tgz |
Description:
|
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/p0f.shtml | | Changes: | Bug fixes and feature enhancements. | | File Size: | 130002 | | Last Modified: | Sep 14 21:59:12 2004 |
| MD5 Checksum: | 78235749e8ada6ad2b16b40fe15081f6 |
|
| /// File Name: |
nixfo-ng-1.4.tar.gz |
Description:
|
NixFo NG is a script that scans Linux-based systems and does a complete inventory of anything installed, available, manipulated, or other wise.
| | Author: | atomix | | File Size: | 14418 | | Last Modified: | Aug 24 04:47:01 2004 |
| MD5 Checksum: | c55a468b71bb61c1baf75e560ad9f510 |
|
| /// File Name: |
fwknop-0.2.tar.gz |
Description:
|
fwknop is a flexible port knocking implementation that is based around iptables. Both shared knock sequences and encrypted knock sequences are supported. In addition, fwknop makes use of passive OS fingerprinting signatures derived from p0f to ensure the OS that initiates a knock sequence conforms to a specific type. This makes it possible to allow, say, only Linux systems to connect to your SSH daemon. Both the knock sequences and OS fingerprinting are completely implemented around iptables log messages, and so a separate packet capture library is not required.
| | Author: | Michael Rash | | Homepage: | http://www.cipherdyne.org/fwknop/ | | File Size: | 150152 | | Last Modified: | Aug 5 03:10:52 2004 |
| MD5 Checksum: | f09dbf358b319f9b6f4007e1440dd3c9 |
|
| /// File Name: |
cryptknock-1.0.1.tar.gz |
Description:
|
Cryptknock is an encrypted port knocking tool. Unlike other port knockers which use TCP ports or other protocol information to signal the knock, an encrypted string sent via UDP is used as the trigger, so sniffing cannot be used to recover the knock.
| | Author: | Joe Walko | | Homepage: | http://cryptknock.sourceforge.net/ | | File Size: | 13688 | | Last Modified: | Aug 5 00:16:40 2004 |
| MD5 Checksum: | 2ec3313ae7bab4e2ed35834f4199a2f7 |
|
| /// File Name: |
scapy-0.9.17.tar.gz |
Description:
|
Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do about the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
| | Author: | Philippe Biondi | | Homepage: | http://www.secdev.org/projects/scapy | | File Size: | 53855 | | Last Modified: | Jul 27 19:03:19 2004 |
| MD5 Checksum: | c7b0363d646fbdee7fd09042de6fb0a7 |
|
| /// File Name: |
p0f-2.0.4.tgz |
Description:
|
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Tested on Linux, FreeBSD, OpenBSD, NetBSD, SunOS, and Solaris.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/p0f.shtml | | Changes: | Bug fixes and feature enhancements. | | File Size: | 126886 | | Last Modified: | Jul 10 05:03:00 2004 |
| MD5 Checksum: | 7dc7a20c7678233381ed1dbc96d1f423 |
|
| /// File Name: |
bios_synscan.tgz |
Description:
|
BIOS is a fast SYN scanner designed to be quick and sufficient. Source and binary included.
| | Author: | Doctor BIOS | | File Size: | 272920 | | Last Modified: | Jul 9 12:53:00 2004 |
| MD5 Checksum: | 4b87370b3b2ccbdcf9cd8600896e1ea0 |
|
| /// File Name: |
DHCPing-0.90.tar.gz |
Description:
|
DHCPing 0.90 is a tool that can be used for various security audits allowing an engineer the ability to create valid and invalid DHCP/BOOTP traffic via hping. It also features several exploits for the latest ISC Infoblox and DLink vulnerabilities.
| | Author: | Gregory Duchemin | | Homepage: | http://dhcping.openwall.net | | File Size: | 56479 | | Last Modified: | Jul 8 22:06:00 2004 |
| MD5 Checksum: | 50f79721f7d8a3db443e3fbee7a00a4b |
|
| /// File Name: |
hping3-alpha-2.tar.gz |
Description:
|
hping is a network tool designed to send custom ICMP/UDP/TCP packets and to display target replies like ping. It handles fragmentation and arbitrary packet body and size, and can be used to transfer files under all supported protocols. Using hping, you can test firewall rules, perform spoofed port scanning, test net performance using different protocols, packet size, TOS (type of service), and fragmentation, do path MTU discovery, transfer files (even with really Fascist firewall rules), perform traceroute-like actions under different protocols, fingerprint remote OSs, and audit a TCP/IP stack. hping is very useful for learning TCP/IP.
| | Author: | Antirez | | Homepage: | http://www.hping.org | | Changes: | Two new features for the command line interface. | | File Size: | 573396 | | Last Modified: | Jun 22 19:11:50 2004 |
| MD5 Checksum: | 5abc5f4b5ea4ae55e2a4fd91438c8626 |
|
| /// File Name: |
nmbscan-1.2.3.tar.gz |
Description:
|
NMB Scanner scans the shares of a SMB network, using the NMB and SMB protocols. It is useful for acquiring information on a local area network for such purposes as security auditing. It can obtain such information as NMB/SMB/Windows hostname, IP address, IP hostname, ethernet MAC address, Windows username, NMB/SMB/Windows domain name, and master browser. It can discover all the NMB/SMB/Windows hosts on a local area network by using the hosts lists maintained by master browsers.
| | Author: | Gregoire Barbier | | Homepage: | http://gbarbier.free.fr/prj/dev/#nmbscan | | File Size: | 9649 | | Last Modified: | Jun 22 19:01:34 2004 |
| MD5 Checksum: | 05b087ef7a757fe3949e8f6177b1fec9 |
|
| /// File Name: |
cifspwscan-1_0_3.tar.gz |
Description:
|
A CIFS/SMB password scanner based on the jcifs implementation. The scanner and jcifs are both 100% pure Java, making it possible to run the scanner on a few different platforms. Both the Java source and binary distributions are included.
| | Author: | Patrik Karlsson | | Homepage: | http://www.cqure.net/ | | File Size: | 610744 | | Last Modified: | Jun 18 03:24:57 2004 |
| MD5 Checksum: | e6e80ca7923622aa55c17d56fc6176ce |
|
| /// File Name: |
hping3-alpha-1.tar.gz |
Description:
|
hping is a network tool designed to send custom ICMP/UDP/TCP packets and to display target replies like ping. It handles fragmentation and arbitrary packet body and size, and can be used to transfer files under all supported protocols. Using hping, you can test firewall rules, perform spoofed port scanning, test net performance using different protocols, packet size, TOS (type of service), and fragmentation, do path MTU discovery, transfer files (even with really Fascist firewall rules), perform traceroute-like actions under different protocols, fingerprint remote OSs, and audit a TCP/IP stack. hping is very useful for learning TCP/IP.
| | Author: | Antirez | | Homepage: | http://www.hping.org | | Changes: | Implements scripting capabilities that prior versions did not have. A new packet generation core that is much more powerful than the previous is available to the scripting capabilities. | | File Size: | 582981 | | Last Modified: | Jun 14 03:21:36 2004 |
| MD5 Checksum: | 2b3f595d61ee2698341f0ca78987ceab |
|
| /// File Name: |
walker-3.5.tar.gz |
Description:
|
DNSSEC Walker is a tool to recover DNS zonefiles using the DNS protocol. The server does not have to support zone transfers, but the zone must contain DNSSEC NXT or NSEC records. Optionally, it can also verify DNSSEC signatures on the RRsets within the zone.
| | Author: | Simon Josefsson | | Homepage: | http://josefsson.org/walker/ | | Changes: | Minor updates. | | File Size: | 24869 | | Last Modified: | Jun 7 23:38:58 2004 |
| MD5 Checksum: | 2633a11a211e48a43d016c6f2c37d4a3 |
|
| /// File Name: |
x1bpackV1.tar.gz |
Description:
|
The x1b pack is a series of scripts written by the author as an exercise into socket programming with perl. Included are a port scanner with banner grabbing capabilities, a DNS service enumeration script with zonetransfer, some brute forcing utilities, a CGI web scanner, and a couple of other utilities.
| | Author: | Lawrence Lavigne | | File Size: | 6439775 | | Last Modified: | Jun 7 17:02:08 2004 |
| MD5 Checksum: | a4f30b7624eda9bcedf87bc0ca6758fe |
|
| /// File Name: |
walker-3.4.tar.gz |
Description:
|
DNSSEC Walker is a tool to recover DNS zonefiles using the DNS protocol. The server does not have to support zone transfers, but the zone must contain DNSSEC NXT or NSEC records. Optionally, it can also verify DNSSEC signatures on the RRsets within the zone.
| | Author: | Simon Josefsson | | Homepage: | http://josefsson.org/walker/ | | File Size: | 23135 | | Last Modified: | Jun 3 13:51:17 2004 |
| MD5 Checksum: | 5578fff53fda58233954e18e2cbf69ec |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
