|
Network Fuzzer :: JBroFuzz 0.2
hot!
|
|
Hits: 58 |
|
Date added: 11/12/2006 |
|
JBroFuzz is a java based (exe currently part of this message) stateless network protocol fuzzer for penetration tests. It allows for the identification of certain classes of security bugs, by means of creating malformed data and having the network protocol in question consume the data.
Fuzzing can take place on any part of a socket request by means of specifying one or more generators. These generators can be hexadecimal, octal, decimal as well as binary. A version of a protocol sniffer acting as a TCP reflector is also included within the current implementation.
The current version supports a more robust set of generations, including basic cross site scripting checks (XSS) as well as basic SQL injection. A number of tests involving buffer overflows (BFO), format string errors (FSE) as well as integer overflows (INT) have been added. Also, a separate panel is present showing the definitions for each and actually what a generator performs. |
|
|
|
|
|
Pass-The-Hash Toolkit v1.0
hot!
|
|
Hits: 58 |
|
Date added: 08/24/2007 |
|
The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions mantained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with its corresponding NTLM credentials (e.g.: users remotely logged in thru Remote Desktop/Terminal Services), and also change in runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!) |
|
|
|
|
|
NessusWX v1.4.5d
hot!
|
|
Hits: 54 |
|
Date added: 12/29/2005 |
|
Nessus is the world's most popular vulnerability scanner used in over 75,000 organizations world-wide. Many of the world's largest organizations are realizing significant cost savings by using Nessus to audit business-critical enterprise devices and applications.
NessusWX is a client program for Nessus security scanner which is designed specially for Windows platform. NessusWX has Windows look'n'feel and, in addition, some features that in my opinion was missed in standard Nessus client for Windows. |
|
|
|
|
|
|
Sam Spade v1.14
|
|
Hits: 48 |
|
Date added: 05/28/2005 |
|
This version has a lot of bugfixes over 1.10, the previous stable release, and a number of new features. |
|
|
|
|
|
|
THC-Amap v5.2
|
|
Hits: 47 |
|
Date added: 01/11/2006 |
|
Application Mapper is a next-generation scanning tool that allows you to identify the applications that are running on a specific port. It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233! |
|
|
|
