Labrea
Intrusion detection / "sticky" honey pot technology using virtual servers to detect and trap worms, hackers, and other malware.
ngrep: network grep
ngrep strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular or hexadecimal expressions to match against data payloads of packets. It currently recognizes TCP, UDP and ICMP across Ethernet, PPP, SLIP, FDDI, Token Ring and null interfaces, and understands bpf filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.
sshdfilter
sshdfilter blocks the frequent brute-force attacks on ssh daemons. It does this by directly reading the sshd logging output and generating iptables rules; the process can be quick enough to block an attack before the attacker gets a chance to enter any password at all.
Wesley - DHCP Spoof Tool
Wesley is a fake DHCP server that implements various features like invisible redirection of connections and MAC filtering for singling out a specific host or not replying to DHCP requests from security scanners.
arp_spoofer
This program (coded in C using PF_PACKET sockets) allows full manipulation of ARP packets, including specification of Source MAC/IP Addresses and Destination MAC/IP Addresses. This can be useful when diagnosing networking problems including host/switch ARP Poisoning testing, and router testing.
DenyHosts
DenyHosts is a script intended to be run by Linux system administrators to help thwart ssh server attacks.
WebGoat
WebGoat is a full J2EE web application designed to teach web application security lessons. In each lesson, users must demonstrate their understanding by exploiting a real vulnerability on the local system. The system is even clever enough to provide hints and show the user cookies, parameters and the underlying Java code if they choose. Examples of lessons include SQL injection to a fake credit card database, where the user creates the attack and steals the credit card numbers.
Bro Intrusion Detection System
Bro is a Unix-based Network Intrusion Detection System (IDS). Bro monitors network traffic and detects intrusion attempts based on the traffic characteristics and content. Bro detects intrusions by comparing network traffic against rules describing events that are deemed troublesome. These rules might describe activities (e.g., certain hosts connecting to certain services), which activities are worth alerting on (e.g., attempts to a given number of different hosts constitute a "scan"), or signatures describing known attacks or access to known vulnerabilities. If Bro detects something of interest, it can be instructed to either issue a log entry or initiate the execution of an operating system command.
DumpUsers
DumpUsers is able to dump account names and information even though RestrictAnonymous has been set to 1.
DelGuest
DelGuest deletes the built-in Guest account in Windows NT. This account is supposed to be impossible to delete, and it is impossible to delete through the ordinary user interface, but with DelGuest you can do it.