|
(Page 1 of 3) 1 2 3 Next > Category: Auditing » Backdoors Helios Added 2006-07-14 Helios is an advanced malware detection system. It has been designed to detect, remove and inoculate against modern Windows rootkits. It performs behavioral analysis as opposed to signature based analysis and is one of the only tools that is able to detect rootkits in real-time, unhide hidden processes, restore hijacked system functions and inoculate the system against rootkit installation. BobCat Added 2006-02-04 BobCat is a tool to aid a security consultant in taking full advantage of SQL injection vulnerabilities. It is based on a tool named "Data Thief" that was published as PoC by appsecinc. BobCat can exploit SQL injection bugs/opportunities in web applications, independent of language, but dependent on MS SQL as the back end DB. Iwar Added 2005-11-13 A Unix Based (Linux/OpenBSD/Etc) full featured "war dialer". MySQL/ASCII Flat file logging, tone/silence location, banner detection, "curses" front end. Rkdscan Added 2004-11-19 Rkdscan is able to remotely detect if NT based Computers are compromised With "Hacker Defender" Rootkit IDA Pro - Freeware Edition Added 2003-12-15 The freeware version of the Interactive Disassembler Pro. Supports 80x86 binaries and FLIRT, a unique Fast Library Identification and Recognition Technology that automagically recognizes standard compiler library calls. Widely used in COTS validation and hostile code analysis. StMichael LKM Added 2003-09-23 StMichael, is a LKM that detect sand divert attempts to install a kernel-module backdoor into a running linux system. This is done by monitoring the init_module and delete_module process for changes key kernel areas. chkrootkit Added 2003-06-24 chkrootkit is a tool to locally check for signs of a rootkit. It contains a chkrootkit: shell script that checks system binaries for rootkit modification. The following tests are made: aliens, asp, bindshell, lkm, rexedcs, sniffer, wted, z2, amd, basename, biff, chfn, chsh, cron, date, du, dirname, echo, egrep, env, find, fingerd, gpm, grep, hdparm, su, ifconfig, inetd, inetdconf, identd, killall, login, ls, mail, mingetty, netstat, named, passwd, pidof, pop2, pop3, ps, pstree, rpcinfo, rlogind, rshd, slogin, sendmail, sshd, syslogd, tar, tcpd, top, telnetd, timed, traceroute, and write. ifpromisc.c checks whether the interface is in promiscuous mode, chklastlog.c checks for lastlog deletions, chkwtmp.c checks for wtmp deletions, check_wtmpx.c checks for wtmpx deletions (Solaris only), and chkproc.c checks for signs of LKM trojans. Vision Added 2002-02-26 Vision, Foundstone's newest forensic product, is an essential part of a computer security professional's tool-kit. Vision maps all of a host's executables to corresponding ports, allowing you to identify and investigate suspicious services. Vision enables you to interrogate suspect services to identify backdoors and Trojan applications. If a malicious service is identified, Vision allows you to immediately kill it. BlackList Scanner Added 2001-10-22 The advantages of automated blacklist scanning include: -New lists can be incorporated immediately -Many NT servers can force a scan for the attaching system at logon -extraordinary flexibility, e.g. either scan all drives or just C: at the drop of a had (or editing a batch file). -Very high speed Very compact for wide distribution -Component testability, not just a magic package that may work and often fails. -Extensibility into other areas/applets with River Techniques (tm) PassDump Added 2001-10-22 Dump the logging user's crypted password from memory to a file Browse by category |
|
|
Privacy Statement |
