P R O G R A M S
If the Tao is great, then the operating system is great. If the
operating system is great, then the compiler is great. If the compiler
is great, then the application is great. If the application is great,
then the user is pleased and there is harmony in the world.
The Tao gave birth to machine language. Machine language gave
birth to the assembler. The assembler gave birth to the compiler.
Now there are ten thousand languages. Each language has its purpose,
however humble. Each language expresses the Yin and Yang of software.
Each language has its place within the Tao.
But do not program in COBOL if you can avoid it.
-- Geoffrey James, "The Tao of Programming"
DISCLAIMER
Please read the following disclaimer which applies to all pieces of
source code posted here. SHOULD YOU NOT AGREE TO THE DISCLAIMER, YOU ARE
NOT PERMITTED TO DOWNLOAD ANY CODE FROM THIS PAGE!
ALL OF THIS SOFTWARE IS GENERALLY DISTRIBUTED ACCORDING TO THE GNU GENERAL
PUBLIC LICENSE (GPL). ESPECIALLY, THE FOLLOWING TERMS APPLY:
THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.
Network Scanners
- NSAT 1.43Added new HTTP IDS evasion, and webscan-only config file.
- NSAT 1.41 Better OS fingerprinting (xprobe), separate directory logging, enhanced reliability. NSAT's sourceforge page
- NSAT 1.32 Changes include code cleanup, new logging and distributed scanning. NSAT's sourceforge page
- NSAT 1.23 New version: scan target exclusion, bugfixes, improved some logs, etc.
- NSAT 1.22 A fast, highly configurable all-around bulk security scanner
- PAT v2 Ping sweeper, re-written and improved version
- exo (new, fixed version) a connectionless port 'sweeping' tool
- nbnbs NetBiosName BulkScanner, performs a long-range scan for netbios names
- WebScan (Updated) Scans for httpd version and 65 cgi scripts
- WebDecoy Small tool that finds, removes and replaces local vulnerable CGI scripts with decoys
- PAT Ping sweeper (1200 ips / minute)
- lscan v2 Performance & functionality enhanced lscan
- IRIX passwordless account scanner Signature
- LamerzScan 1.2 Signature
- IPZ Generator (iplist maker)
- LScan style scanner for name server iquery bug Signature
- Scanner for vulnerable WU-FTP servers Signature
Security tools, servers, libraries
- ileech.tgz Collection of search engine harvesting mini-bots.
- libmix-204.tgz New stealth communication protocol and new pcap/libnet support.
- libmix-201.tgz Added libnet/libpcap support for stealth transmission.
- Q-2.4.tgz Now with RSA/iSSL encryption.
- IPTABLES Frontend for linux Signature
- libmix-122.tgz Added lm_scan_run (scanner callback), lm_ntoa, lm_addr.
- issl.tgz independent secure sockets layer - library for SSL-alike communications
- libmix-120.tgz New version: exclusion lists API, new packet headers, updated manpages.
- md5bd.c shell backdoor with md5 password authentication
- libmix-110.tgz Crypto/Network/misc libray. STABLE RELEASE VERSION
- Q-2.0.tgz remote shell/bouncer with strong, now with improved security and stability
- l2h.c resolves IP addresses in scan logfiles (lscan, nsat, nscan, webscan, etc.
- libmix-108.tgz Crypto/Network/misc library. Now ported to C++ and as a shared object library.
- Q-1.0.tgz remote shell and bouncer with strong encryption
- libmix-107.tgz A library that provides AES crypto functions, Network functions, and much more useful things
- pcfs.c Creates a fake, but indistinguishable CFS directory
- shlog.c Writes remote host to syslog, when a shell is invoked
- ides.c A daemon that simulates connection attempts and tries to hide traffic from IDS (version 0.3)
- stasis - a tool that monitors and reverts atime/mtime timestamp changes
- echelon for dummies - a realtime pattern matching, high-stealth distributed sniffer network Signature
- spidernet 1.2 a host-based IDS logging network
- bin2c and aconv binary conversion tools
- FWMail 1.1 A secure anonymous SMTP gateway
- mw06.tgz - Millennium Internet Worm
- phantom.tgz - sniffer that sends logs with 96bit DES encryption to a remote loghost
- sniffy.c - My small TCP Packet sniffer
- GateWay 0.2 - flooder/scanner/bouncer/daemonshell/exploit
- LSLA - The encrypting logfile archiver Signature
- IPFWADM Frontend for linux Signature
- Tcl script to extract CGI variables - BETA
- Example for a TCP shell daemon/backdoor Signature