|
(Page 1 of 1) Category: Intrusion Detection » Evasion Open Leak Prevention Test Tool Added 2006-06-15 The Open Leak Prevention Test Tool is an open source, freely distributed tool and methodology that were developed and maintained by PortAuthority Technologies Inc in order to measure the accuracy, effectiveness and detection capabilities of content filtering technologies used by Information Leak Prevention and Content Monitoring and Filtering products to prevent information leaks and ensure corporate and regulatory compliance. tripp Added 2006-03-01 TRIPP is a utility to rewrite incoming and outgoing IP packets. Since it can rewrite both headers and payload, it can be used to configure the tcp/ip stack behavior in order to perform various tasks mainly intended for network tests, simulations and development. It is configured via a small rule-based language, which allows the user to intercept packets, set arbitrary header values, increment or decrement numeric header fields, set an arbitrary payload, rewrite parts of the payload, or fragment, multiply, or drop packets. It is totally user-level and doesn't require any kernel module. Travesty Added 2005-03-07 Travesty is an interactive program for managing the hardware addresses (MAC) of ethernet devices on your computer. It supports manually changing the MAC, generating random addresses, and applying different vendor prefixes to the current address. It also allows the user to import their own lists of hardware addresses and descriptions that can be navigated from within the Travesty interface. Travesty is written in Python, and is very simple to add functionality to, or modify. PHP_Sec (Wasp Project) Added 2004-10-07 PHP_Sec is a library for PHP, designed to detect possible Web attacks, use encryption and log information quickly and easily. The library acts as an IDS but at script level detecting possible SQL Injection, Cross Site Scripting, Directory Traversal, Evasion Techniques and various other vulnerabilties. By adding 2 lines of code we can protect any application PHP application in an easy way. Bait and Switch Honeypot System Added 2003-10-01 The Bait and Switch Honeypot System combines the snort Intrusion Detection System (IDS) with honeypot technology to create a system that reacts to hostile intrusion attempts by marking and then redirecting all "bad" traffic to a honeypot that partially mirrors your production system. Once switched, the would-be hacker is unknowingly attacking your honeypot instead of the real data, while your clients and/or users are still safely accessing the real system. Life goes on, your data is safe, and you get to learn about the bad guy as an added benefit. Stick Added 2001-10-22 Stick uses the Snort rule set and produces a C program via lex that when compiled will produce an IP packet capable of triggering that rule from a spoofed IP range (or all possible IP addresses) into a target IP range. A function is produced for each rule and a loop then executes these rules in a random order. The tool currently produces these at about 250 alarms per second. Snot Added 2001-10-22 Snot is an arbitrary packet generator, that uses snort rules files as its source of packet information. It attempts at all times to randomise information that is not contained in the rule, to hamper the generation of 'snot detection' snort rules. It can be used as an IDS evasion tool, by using specific decoy hosts, or just something to keep your friendly IDS monitoring staff busy. Mendax Added 2001-10-22 Mendax is a "TCP de-synchronizer" that injects overlapping segments in randomly generated order. It's not a router but a stand-alone TCP client program. It can inject a simple attack signature or lines typed in. Although using general socket functions to receive data from the target host, it can send TCP segments not via TCP/IP stack. It's sort of "Own-Hijack"? Browse by category |
|
|
Privacy Statement |
