
Operating System: UNIX

Mandos Encrypted File System Unattended Reboot Utility 1.8.18
Posted Nov 25, 2024
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: Client update to detect GPGME version correctly when building initramfs. Server update to ensure it only connects to D-Bus when necessary along with a few other changes.
tags | tool, remote, root
systems | linux, unix
SHA-256 | febc812db5ae0a6bd96fed7c1a01cdac63f8bdbb7bc58e6031aeafbae7d5b096

Faraday 5.9.0
Posted Nov 22, 2024
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Added more validations to attachments. Removed license_version from init.py. Added a configurable limit to the retrieval of vulnerabilities. Added the description field to evidence attachments in the VulnerabilitySchema. Fixed vulnerability deletion when it has more than one command associated.
tags | tool, rootkit
systems | unix
SHA-256 | 30b3b1062287c7e55a12390a34c85d5cdfb4bd7d90aaa2c4218e3319a9a8f1ff

Proxmark3 4.19552 Custom Firmware
Posted Nov 22, 2024
Authored by Christian Herrmann | Site github.com

This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware. This release is nicknamed "Orca".

Changes: Hitag 1, Hitag S, 8211 functionality. Simulate ISO14443a AID. Improved iCLASS config card generation. Updated to LUA5.4. Bambu 3d filament KDF. Many bugs and bad habits fixed.
tags | tool
systems | unix
SHA-256 | 43f0f5ddbbca478c5be33a6392847a99e2fda47b0a2d21e89fed4a918808f405

Wireshark Analyzer 4.4.2
Posted Nov 21, 2024
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: dfilter to not crash on failed IEEE 11073 float conversions. Qt 6.8 deprecations. Update manuf, services enterprise numbers, translations, and other items. Various other bug fixes and updates.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | 6053d97499c83feb87ce1d7f732d9c889c6c18bb334de67e65dca11483b0514e

Falco 0.39.2
Posted Nov 21, 2024
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.

Changes: A couple of updates to cmake and one to ci.
tags | tool, intrusion detection
systems | unix
SHA-256 | 769d837b8a6c3e34330cb87bef813414005afc8b4418dc3b8c6df27b89942f6b

Zeek 6.0.9
Posted Nov 20, 2024
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: The input framework will no longer get stuck and use 100% of the CPU when encountering lines not immediately terminated by a new line. The Modbus analyzer added some additional protocol checks and should no longer over-match on traffic that's not specifically on port 502.
tags | tool, intrusion detection
systems | unix
SHA-256 | a942ce9cb6850374edbdb34a997b26985103b01a85203c8b289a843f3e49e1b6

Cable .NET Post Exploitation Tool
Posted Nov 18, 2024
Site github.com

Cable is a simple post-exploitation tool used for enumeration and further exploitation of Active Directory environments. This tool was primarily created to learn more about .NET offensive development in an Active Directory context.

tags | tool, scanner
systems | unix
SHA-256 | 458a872c342755e93082c07fb043a34150e44308454825841810949f373c7797

PHP-CGI Argument Injection Susceptibility Scanner
Posted Nov 14, 2024
Site github.com

This is a bash script that is a vulnerability checker for CVE-2024-4577 designed to scan multiple domains for an argument injection vulnerability in PHP-CGI. This tool allows security researchers and system administrators to quickly assess whether their systems or a list of domains are potentially vulnerable to this specific security issue. This issue affected PHP-CGI versions 8.1 before 8.1.29, 8.2 before 8.2.20, and 8.3 before 8.3.8.

tags | tool, cgi, scanner, php, bash
systems | unix
advisories | CVE-2024-4577
SHA-256 | 58c9a80f92e4d182c0940c15a33aa87129477ec3f26f7c5c954d840e6f170fd4

Scapy Packet Manipulation Tool 2.6.1
Posted Nov 5, 2024
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: This update contains fixes for various small bugs introduced in version 2.6.0 including a couple of crashes.
tags | tool, scanner, python
systems | unix
SHA-256 | a580a4cf6bbbaf72e64e082d3ee8e5afd4e06becb21eecd24c22d1ef2da58ef3

TOR Virtual Network Tunneling Tool 0.4.8.13
Posted Nov 4, 2024
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.

Changes: This is a minor release fixing an important client circuit building (Conflux related) bug which led to performance degradation and extra load on the network. Some minor memory leak fixes as well as an important minor feature for pluggable transports.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | 9baf26c387a2820b3942da572146e6eb77c2bc66862af6297cd02a074e6fba28

Faraday 5.8.0
Posted Oct 25, 2024
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Added support for CVSS 4.0. Improved filtering for better notification links. Added new operator ANY_IN for pipeline job conditions. Updated nginx config template for socketio. Added contains conditional for pipelines conditions. Added custom fields as conditions.
tags | tool, rootkit
systems | unix
SHA-256 | 8b9c5c988d81106685788ea9bf9fec1f90fa1fe8e34107e705fadc70c0d689d9

Adversary3 3.32
Posted Oct 25, 2024
Authored by malvuln | Site malvuln.com

Adversary3 is a malware vulnerability intel tool for third-party attackers living off malware (LOM), updated with 700 malware and C2 panel vulnerabilities.

Changes: New command to look up sha256 hash for malware entries and fixed the update cmd.
tags | tool, vulnerability
systems | unix
SHA-256 | edd452ec781794f829ff1751ce89d4f03d5f9c4bb1110ba2245132931f24b073

Helper 0.1
Posted Oct 21, 2024
Authored by Emiliano Febbi | Site nullsite.altervista.org

Helper is an enumerator written in PHP that helps identify directories on webservers that could be targets for things like cross site scripting, local file inclusion, remote shell upload, and remote SQL injection vulnerabilities.

tags | tool, remote, shell, local, scanner, php, vulnerability, xss, sql injection, file inclusion
systems | unix
SHA-256 | d393a8fbc83a7853129734872e32346a0060fce6cc2859479ba80540d7ca06af

Wireshark Analyzer 4.4.1
Posted Oct 10, 2024
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

Changes: Reload framing fixes. AppleTalk fix. Allows saving files with Qt 6.8. Donation page added. Update VELOS and rSeries platform identifiers for f5fileinfo. Various other updates and fixes.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | 2b9e96572a7002c3e53b79683cf92f8172217e64c17ecaaf612eb68c2a7556ec

I2P 2.7.0
Posted Oct 10, 2024
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Seven bug fixes applied.
tags | tool
systems | unix
SHA-256 | 54eebdb1cfdbe6aeb1f60e897c68c6b2921c36ce921350d45d21773256c99874

Falco 0.39.1
Posted Oct 9, 2024
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.

Changes: Allows null init_config for plugin info. Fixed parsing issues in -o key={object} when the object definition contains a comma. Fixed event set selection for plugin with parsing capability.
tags | tool, intrusion detection
systems | unix
SHA-256 | 028606182ccc2e835bfa8d0034cd1d8bb344380d5e29428c930c76406269f21a

NIELD (Network Interface Events Logging Daemon) 0.6.2
Posted Oct 8, 2024
Authored by Tetsumune KISO | Site nield.sourceforge.net

Network Interface Events Logging Daemon is a tool that receives notifications from the kernel through the netlink socket and generates logs related to link state, neighbor cache (ARP, NDP), IP address (IPv4, IPv6), route, FIB rules, and traffic control.

Changes: Fixed handling of retired TC. Updated copyrights. Deleted the unreferenced function parse_tca_baseclass. Fixed some compiler warnings. Updated so that it does not exit in case of ENOBUF or ENOMEM.
tags | tool, kernel, system logging
systems | unix
SHA-256 | c4f650e9f9401a3d545925d4b70777eac7e1d2ce1bdbe1a97b9fe45c0786f106

Zeek 6.0.8
Posted Oct 4, 2024
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Adding to the POP3 hardening in 6.0.7, the parser now simply discards too many pending commands, rather than attempting to process them. Further, invalid server responses do not result in command completion anymore. Processing out-of-order commands or finishing commands based on invalid server responses could result in inconsistent analyzer state, potentially triggering null pointer references for crafted traffic.
tags | tool, intrusion detection
systems | unix
SHA-256 | 39e6293f11ec9f7d38e08f2eb076a436f384c9bb45ce026f60a4154064f6c1e0

Haveged 1.9.19
Posted Oct 3, 2024
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: Added --time_interval N to add entropy unconditionally every N seconds. Now synchronizes haveged instances during switch root. Fixed warnings in 90-haveged.rules.
tags | tool
systems | linux, unix
SHA-256 | acbb05776668657012273be9bb3310e3140b79959aa4538e4cca8d30d40c0b8f

Suricata IDPE 7.0.7
Posted Oct 2, 2024
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: 6 security fixes, 27 bug fixes, 2 optimizations, 2 features, 2 tasks, and 1 documentation update.
tags | tool, intrusion detection
systems | unix
advisories | CVE-2024-45795, CVE-2024-45796, CVE-2024-45797, CVE-2024-47187, CVE-2024-47188, CVE-2024-47522
SHA-256 | 26d0a36194d53080fc8b09b999b2b5a83c4049f40ad07ef6ae69c7225a728b86

Falco 0.39.0
Posted Oct 1, 2024
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.

Changes: 4 breaking changes, 9 major changes, 6 minor changes, 4 bug fixes, and 23 non-user facing changes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 77cfde0e3fe797209e92e741f526d6000c97302a686dd0b4cfa3801b2df4b199

Scapy Packet Manipulation Tool 2.6.0
Posted Sep 30, 2024
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: Dropped support of Python 2.7. Improved packaging. Support for RFC6874-like scope identifiers. The internals that read the routes and interfaces configuration have been rewritten on Linux and BSD. The changelog is quite extensive as it has been two years since the last release so definitely review it.
tags | tool, scanner, python
systems | unix
SHA-256 | cfd1babc5c0008bc021eede72149922c24dfc4a511ced7cc3a8665193b6be5c5

Debian Security Advisory 5779-1
Posted Sep 30, 2024
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5779-1 - Simone Margaritelli reported that cups, the Common UNIX Printing System, does not properly sanitize IPP attributes when creating PPD files, which may result in the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, unix, debian
advisories | CVE-2024-47175
SHA-256 | 83ecd659e56de14800ec1796cd224782a1142b21ab9254aa2e8f5a8461f8cfc3

Lynis Auditing Tool 3.1.2
Posted Sep 27, 2024
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.

Changes: 6 additions and 27 changes have been made.
tags | tool, scanner
systems | unix
SHA-256 | 882c46d28005c7c35d2829e646deabbd9834358d885489f7e3a472c7c10972d4

Zeek 6.0.7
Posted Sep 24, 2024
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: The POP3 parser has been hardened to avoid unbounded state growth in the face of one-sided traffic capture or when enabled for non-POP3 traffic.
tags | tool, intrusion detection
systems | unix
SHA-256 | 8c99e850b8cc489e1f1607ffd2c922cb3802cf9159bd23abcbb331499a9dd22c
© 2024 Packet Storm. All rights reserved.