Section: .. / web /
| /// File Name: |
FireCat.tgz |
Description:
|
FireCat is a new Firefox Framework Map collection of the most useful security oriented extensions. It stands for FireFox Catalog of Auditing Toolbox. Included is a zip file of the extensions and a pdf that provides a diagram of everything included.
| | Author: | Security Database Team | | Homepage: | http://www.security-database.com/ | | File Size: | 83395 | | Last Modified: | Mar 20 11:14:17 2007 |
| MD5 Checksum: | f42fa4fa01b5c59bc6e75f452b057fa3 |
|
| /// File Name: |
modsecurity-apache_2.1.0.tar.gz |
Description:
|
Mod Security is an intrusion detection and prevention engine for Web applications which operates as an Apache module or Java Servlet filter. Its purpose is to increase Web application security, protecting Web applications from known and unknown attacks. It is flexible and easy to configure, monitors HTTP traffic (including POST payload), enhances logging, performs automatic built-in checks, and simultaneously allows administrators to create custom rules for their individual needs.
| | Homepage: | http://www.modsecurity.org/ | | Changes: | Improved performance and reduced memory consumption (200% improvement). Includes the generic Web application security rules from the Core Rules project. The manual has been extensively improved. | | File Size: | 650133 | | Last Modified: | Mar 4 04:00:21 2007 |
| MD5 Checksum: | 2e919766f2878c4ee46334816004dd15 |
|
| /// File Name: |
mod_evasive_1.10.1.tar.gz |
Description:
|
Mod_evasive is a module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It can be easily configured to talk to ipchains, firewalls, routers, and etcetera. mod_evasive reports abuses via email and syslog facilities. Detection is performed by creating an internal dynamic hash table of IP Addresses and URIs, and denying any single IP address from requesting the same page more than a few times per second or making more than 50 requests with the same child per second.
| | Author: | Jonathan A. Zdziarski | | Homepage: | http://www.zdziarski.com/projects/mod_evasive/ | | File Size: | 20454 | | Last Modified: | Feb 5 13:47:38 2007 |
| MD5 Checksum: | 784fca4a124f25ccff5b48c7a69a65e5 |
|
| /// File Name: |
stompy.tgz |
Description:
|
Stompy is a free tool to perform a fairly detailed black-box assessment of WWW session identifier generation algorithms. Session IDs are commonly used to track authenticated users, and as such, whenever they're predictable or simply vulnerable to brute-force attacks, we do have a problem.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx/ | | File Size: | 24523 | | Last Modified: | Jan 29 11:26:19 2007 |
| MD5 Checksum: | d5f3de170e61b5ec865dfc5d0c1790a1 |
|
| /// File Name: |
Pound-2.2.tgz |
Description:
|
Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.
| | Author: | roseg | | Homepage: | http://www.apsis.ch/pound/index.html | | Changes: | Added the host to LogLevel 2. Added support for tcmalloc. Fixed problem with the initialisation of host_mut. | | File Size: | 146076 | | Last Modified: | Dec 21 22:15:50 2006 |
| MD5 Checksum: | a94e781ced1b2f3a7f8b8051f4d95713 |
|
| /// File Name: |
refspoof.c |
Description:
|
Refspoof acts like a proxy server and is able to spoof your HTTP referrer and user-agent. This comes in handy to bypass certain authentication mechanisms or user-agent limitations for some download managers.
| | Author: | softxor | | Homepage: | http://bunnies.phpnet.us/ | | File Size: | 7029 | | Last Modified: | Dec 8 18:15:01 2006 |
| MD5 Checksum: | efa2344a37c1108a34821fce25644a3b |
|
| /// File Name: |
googlegath.txt |
Description:
|
googlegath is a free open source utility to obtain informations through Google searches. It could be useful for penetration testing, security scanning, etc. googlegath has been tested on GNU/Linux, *BSD systems.
| | Author: | Matteo Cantoni | | Homepage: | http://www.nothink.org/perl/googlegath/ | | File Size: | 3900 | | Last Modified: | Dec 8 16:53:07 2006 |
| MD5 Checksum: | 7258710bb9b915f89b5a84dcbc1c06ae |
|
| /// File Name: |
Pantera_Release_0.1.2.zip |
Description:
|
OWASP Pantera Web Assessment Studio (WAS) is a mix between a pentest proxy, an application scanner and an intelligence analysis framework. Pantera leaves the analysis and automatic (repetitive) stuff to the engine, leaving only the important decisions to the security expert. It has been designed by professionals with many years of experience in the application security industry to offer users the necessary features required for them to create secure code. Pantera uses an improved version of SpikeProxy to provide a powerful web application analysis engine.
| | Author: | Pantera Proxy | | Homepage: | http://www.owasp.org/index.php/Category:OWASP_Pantera_Web_Assessment_Studio_Project | | Changes: | Tons of changes - See changelog. | | File Size: | 1207676 | | Last Modified: | Nov 30 13:23:57 2006 |
| MD5 Checksum: | 8ac3928d4351c9f49819ffc2d3e1a274 |
|
| /// File Name: |
modsecurity-apache_2.0.4.tar.gz |
Description:
|
Mod Security is an intrusion detection and prevention engine for Web applications which operates as an Apache module or Java Servlet filter. Its purpose is to increase Web application security, protecting Web applications from known and unknown attacks. It is flexible and easy to configure, monitors HTTP traffic (including POST payload), enhances logging, performs automatic built-in checks, and simultaneously allows administrators to create custom rules for their individual needs.
| | Homepage: | http://www.modsecurity.org/ | | Changes: | Fixed some bugs. | | File Size: | 303477 | | Last Modified: | Nov 30 02:01:50 2006 |
| MD5 Checksum: | b63f093c7a24b766e6e8c9c8ffc13084 |
|
| /// File Name: |
GSI.zip |
Description:
|
Google Site Indexer (GSI) is a program designed to create a directory listing when a site has turned directory listing off. It sends requests to google using the site operator. Also it gets the sites robots.txt file.
| | Author: | Jeffball55 | | File Size: | 96906 | | Last Modified: | Nov 26 21:22:58 2006 |
| MD5 Checksum: | 66d7f970fce9ebc6ef0044f3f8e8f290 |
|
| /// File Name: |
mod_securid-2.0.3.tar.gz |
Description:
|
The mod_securid Apache module implements RSA SecurID authentication for the Apache Web server. It allows administrators to restrict access to Web sites (or parts of Web sites) to users authenticated using a SecurID token and an ACE server.
| | Author: | Erwan Legrand | | Homepage: | http://www.deny-all.com/mod_securid/v2/ | | Changes: | Added configure script. Added process maintenance. Fixed a few bugs. | | File Size: | 164545 | | Last Modified: | Nov 26 20:46:44 2006 |
| MD5 Checksum: | 789f3705c9b6609d22e880cc0acceea1 |
|
| /// File Name: |
GoogleCall.zip |
Description:
|
GoogleCall uses Google's Click-to-Call service to send a number with a forged Caller ID. It automates the process of sending multiple calls to someone with multiple forged Caller IDs.
| | Author: | Jeffball55 | | File Size: | 97490 | | Last Modified: | Nov 21 21:45:29 2006 |
| MD5 Checksum: | ecc5f5cdd45cdbf9167e4bdba6c87bd4 |
|
| /// File Name: |
modsecurity-apache_2.0.3.tar.gz |
Description:
|
Mod Security is an intrusion detection and prevention engine for Web applications which operates as an Apache module or Java Servlet filter. Its purpose is to increase Web application security, protecting Web applications from known and unknown attacks. It is flexible and easy to configure, monitors HTTP traffic (including POST payload), enhances logging, performs automatic built-in checks, and simultaneously allows administrators to create custom rules for their individual needs.
| | Homepage: | http://www.modsecurity.org/ | | Changes: | Version 2.0 is a major rewrite and includes XML support, event correlation, transaction scoring, anomaly detection, data persistence, wealth of anti-evasion functions, regex back-references, support for sessions, and much more. | | File Size: | 302451 | | Last Modified: | Nov 1 17:26:25 2006 |
| MD5 Checksum: | 7993fd01121c6562cc4e3829ba343f94 |
|
| /// File Name: |
Pantera_Release_0.1.1.zip |
Description:
|
OWASP Pantera Web Assessment Studio (WAS) is a mix between a pentest proxy, an application scanner and an intelligence analysis framework. Pantera leaves the analysis and automatic (repetitive) stuff to the engine, leaving only the important decisions to the security expert. It has been designed by professionals with many years of experience in the application security industry to offer users the necessary features required for them to create secure code. Pantera uses an improved version of SpikeProxy to provide a powerful web application analysis engine.
| | Author: | Pantera Proxy | | Homepage: | http://www.owasp.org/index.php/Category:OWASP_Pantera_Web_Assessment_Studio_Project | | File Size: | 1786718 | | Last Modified: | Oct 30 15:52:50 2006 |
| MD5 Checksum: | f6c29bb2d28ad6f0cbaab6d51bcd2b84 |
|
| /// File Name: |
GoogleRower.zip |
Description:
|
Google Rower was created to automate google searches and retrieve the links. It can brute force searches to get more results by adding a letter or number to the end of each search. It then combines all the results found into one html file and removes the duplicates. It can be used to search an ip range using google's site operator, thus looking for backup/old http servers.
| | Author: | Jeffball55 | | File Size: | 13095 | | Last Modified: | Oct 27 16:51:53 2006 |
| MD5 Checksum: | 8ee131d92b371022c11a9cada4409072 |
|
| /// File Name: |
AttackAPI.zip |
Description:
|
AttackAPI provides simple and intuitive web programmable interface for composing attack vectors with JavaScript and other client (and server) related technologies. The current release supports several browser based attacking techniques, simple but powerful JavaScript console and powerful attack channel and associated API for controlling zombies.
| | Author: | petko d. petkov | | Homepage: | http://www.gnucitizen.org/projects/attackapi/ | | File Size: | 66859 | | Last Modified: | Oct 20 18:12:30 2006 |
| MD5 Checksum: | a3b5bf02dada5efadfcde71310e5503f |
|
| /// File Name: |
httprox.txt |
Description:
|
Httprox is a perl-based HTTP proxy that modifies or adds an HTTP header for all outgoing HTTP traffic. It can handle multiple connections and is useful for Web-application penetration testing, such as modification of the Cookie, User-Agent and Referrer fields, or adding HTTP headers that would normally not be present.
| | Author: | Craig Heffner | | Homepage: | http://www.craigheffner.com/security | | File Size: | 4552 | | Last Modified: | Oct 13 20:23:14 2006 |
| MD5 Checksum: | e10a97075e3d43e3d85baada44328db1 |
|
| /// File Name: |
Pound-2.1.tgz |
Description:
|
Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.
| | Author: | roseg | | Homepage: | http://www.apsis.ch/pound/index.html | | Changes: | Added support for PCRE and Hoard libraries. Various rewrites and bug fixes. | | File Size: | 136877 | | Last Modified: | Aug 17 02:31:24 2006 |
| MD5 Checksum: | d51fefbaef369c94b87785400e52120f |
|
| /// File Name: |
bulletins.txt |
Description:
|
This is an article discussing some dangers of Myspace bulletins. It includes proof of concept code that can be used to download hundreds of thousands of bulletins that most users assume to be only accessible by friends.
| | Author: | stderr | | Homepage: | http://stderr.linuxinit.net/ | | File Size: | 8645 | | Last Modified: | Jul 2 05:34:00 2006 |
| MD5 Checksum: | ca8ab8c1de038f57e1ef013f912f5ae6 |
|
| /// File Name: |
tinyurlfuckery.c |
Description:
|
The tinyurlfucker utility encodes data in base64 chunks and lets it get moved using tinyurl.com as a transit.
| | Author: | lazy-xo of xoc | | Homepage: | http://xoc-staff.com/ | | File Size: | 10895 | | Last Modified: | May 22 00:56:21 2006 |
| MD5 Checksum: | 0b9124f92507c41d4058abed01024d99 |
|
| /// File Name: |
proxytest.pl |
Description:
|
proxytest.pl is a perl script that reads in a list of proxies from a text file and checks their state.
| | Author: | Andrea Purificato | | Homepage: | http://rawlab.altervista.org | | File Size: | 2952 | | Last Modified: | Apr 28 20:05:21 2006 |
| MD5 Checksum: | 98163d1a3063701248933a04275bbb1e |
|
| /// File Name: |
Pound-2.0.tgz |
Description:
|
Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.
| | Author: | roseg | | Homepage: | http://www.apsis.ch/pound/index.html | | Changes: | See the changelog. | | File Size: | 143345 | | Last Modified: | Feb 2 06:29:43 2006 |
| MD5 Checksum: | ddbd39a9f2beaf625ec7e7a9a2379801 |
|
| /// File Name: |
modsecurity-apache-1.9.1.tar.gz |
Description:
|
Mod Security is an intrusion detection and prevention engine for Web applications which operates as an Apache module or Java Servlet filter. Its purpose is to increase Web application security, protecting Web applications from known and unknown attacks. It is flexible and easy to configure, monitors HTTP traffic (including POST payload), enhances logging, performs automatic built-in checks, and simultaneously allows administrators to create custom rules for their individual needs.
| | Homepage: | http://www.modsecurity.org/ | | Changes: | Some small security improvements, and improvements, also some enhancements. | | File Size: | 395659 | | Last Modified: | Dec 1 01:51:54 2005 |
| MD5 Checksum: | d648ba26b1dba708a06344072bea984c |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
