Contribuez à SecuObs en envoyant des bitcoins ou des dogecoins.
Nouveaux articles (fr): 1pwnthhW21zdnQ5WucjmnF3pk9puT5fDF
Amélioration du site: 1hckU85orcGCm8A9hk67391LCy4ECGJca

Contribute to SecuObs by sending bitcoins or dogecoins.

Chercher :
Newsletter :  


Revues :
- Presse
- Presse FR
- Vidéos
- Twitter
- Secuobs





Sommaires :
- Tendances
- Failles
- Virus
- Concours
- Reportages
- Acteurs
- Outils
- Breves
- Infrastructures
- Livres
- Tutoriels
- Interviews
- Podcasts
- Communiques
- USBsploit
- Commentaires


Revue Presse:
- Tous
- Francophone
- Par mot clé
- Par site
- Le tagwall


Top bi-hebdo:
- Ensemble
- Articles
- Revue
- Videos
- Twitter
- Auteurs


Articles :
- Par mot clé
- Par auteur
- Par organisme
- Le tagwall


Videos :
- Toutes
- Par mot clé
- Par site
- Le tagwall


Twitter :
- Tous
- Par mot clé
- Par compte
- Le tagwall


Commentaires :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours
- Livres
- Communiques


RSS/XML :
- Articles
- Commentaires
- Revue
- Revue FR
- Videos
- Twitter


RSS SecuObs :
- sécurité
- exploit
- windows
- attaque
- outil
- microsoft


RSS Revue :
- security
- microsoft
- windows
- hacker
- attack
- network


RSS Videos :
- curit
- security
- biomet
- metasploit
- biometric
- cking


RSS Twitter :
- security
- linux
- botnet
- attack
- metasploit
- cisco


RSS Comments :
- Breves
- Virus
- Failles
- Outils
- Tutoriels
- Tendances
- Acteurs
- Reportages
- Infrastructures
- Interviews
- Concours
- Livres
- Communiques


RSS OPML :
- Français
- International











Revue de presse francophone :
- Appaloosa AppDome nouent un partenariat pour accompagner les entreprises dans le déploiement et la protection des applications mobiles
- D-Link offre une avec un routeur VPN sans fil AC
- 19 mai Paris Petit-Déjeuner Coreye Développer son business à l'abri des cyberattaques
- POYNTING PRESENTE LA NOUVELLE ANTENNE OMNI-291, SPECIALE MILIEU MARITIME, CÔTIER ET MILIEU HUMIDE
- Flexera Software Les utilisateurs français de PC progressent dans l'application de correctifs logiciels, mais des défis de tailles subsistent
- Riverbed lance SD-WAN basé sur le cloud
- Fujitsu multi-récompensé VMware lui décerne plusieurs Partner Innovation Awards à l'occasion du Partner Leadership Summit
- Zscaler Private Access sécuriser l'accès à distance en supprimant les risques inhérents aux réseaux privés virtuels
- QNAP annonce la sortie de QTS 4.2.1
- Une enquête réalisée par la société de cyber sécurité F-Secure a décelé des milliers de vulnérabilités graves, potentiellement utilisables par des cyber criminels pour infiltrer l'infrastru
- Trouver le juste équilibre entre une infrastructure dédiée et cloud le dilemme de la distribution numérique
- 3 juin - Fleurance - Cybersécurité Territoires
- Cyber-assurances Seules 40 pourcents des entreprises françaises sont couvertes contre les violations de sécurité et les pertes de données
- Des étudiants de l'ESIEA inventent CheckMyHTTPS un logiciel qui vérifie que vos connexions WEB sécurisées ne sont pas interceptées
- Les produits OmniSwitch d'Alcatel-Lucent Enterprise ALE gagnent en sécurité pour lutter contre les cyber-attaques modernes

Dernier articles de SecuObs :
- DIP, solution de partage d'informations automatisée
- Sqreen, protection applicative intelligente de nouvelle génération
- Renaud Bidou (Deny All): "L'innovation dans le domaine des WAFs s'oriente vers plus de bon sens et d'intelligence, plus de flexibilité et plus d'ergonomie"
- Mises à jour en perspective pour le système Vigik
- Les russes ont-ils pwn le système AEGIS ?
- Le ministère de l'intérieur censure une conférence au Canada
- Saut d'air gap, audit de firmware et (in)sécurité mobile au programme de Cansecwest 2014
- GCHQ: Le JTRIG torpille Anonymous qui torpille le JTRIG (ou pas)
- #FIC2014: Entrée en territoire inconnu
- Le Sénat investit dans les monnaies virtuelles

Revue de presse internationale :
- VEHICLE CYBERSECURITY DOT and Industry Have Efforts Under Way, but DOT Needs to Define Its Role in Responding to a Real-world Attack
- Demand letter served on poll body over disastrous Comeleak breach
- The Minimin Aims To Be The Simplest Theremin
- Hacking group PLATINUM used Windows own patching system against it
- Hacker With Victims in 100 Nations Gets 7 Years in Prison
- HPR2018 How to make Komboucha Tea
- Circuit Bender Artist bends Fresnel Lens for Art
- FBI Director Suggests iPhone Hacking Method May Remain Secret
- 2016 Hack Miami Conference May 13-15, 2016
- 8-bit Video Wall Made From 160 Gaming Keyboards
- In An Era Of Decline, News Sites Can t Afford Poor Web Performance
- BeautifulPeople.com experiences data breach 1m affected
- Swedish Air Space Infringed, Aircraft Not Required
- Why cybercriminals attack healthcare more than any other industry
- Setting the Benchmark in the Network Security Forensics Industry

Annuaire des videos
- FUZZING ON LINE PART THREE
- Official Maltego tutorial 5 Writing your own transforms
- Official Maltego tutorial 6 Integrating with SQL DBs
- Official Maltego tutorial 3 Importing CSVs spreadsheets
- install zeus botnet
- Eloy Magalhaes
- Official Maltego tutorial 1 Google s websites
- Official Maltego tutorial 4 Social Networks
- Blind String SQL Injection
- backdoor linux root from r57 php shell VPS khg crew redc00de
- How To Attaque Pc With Back Track 5 In Arabique
- RSA Todd Schomburg talks about Roundup Ready lines available in 2013
- Nessus Diagnostics Troubleshooting
- Panda Security Vidcast Panda GateDefender Performa Parte 2 de 2
- MultiPyInjector Shellcode Injection

Revue Twitter
- RT @fpalumbo: Cisco consistently leading the way ? buys vCider to boost its distributed cloud vision #CiscoONE
- @mckeay Looks odd... not much to go on (prob some slideshow/vid app under Linux)
- [SuggestedReading] Using the HTML5 Fullscreen API for Phishing Attacks
- RT @BrianHonan: Our problems are not technical but cultural. OWASP top 10 has not changed over the years @joshcorman #RSAC
- RT @mikko: Wow. Apple kernels actually have a function called PE_i_can_has_debugger:
- [Blog Spam] Metasploit and PowerShell payloads
- PinkiePie Strikes Again, Compromises Google Chrome in Pwnium Contest at Hack in the Box: For the second time thi...
- @mikko @fslabs y'all wldn't happen to have lat/long data sets for other botnets, wld you? Doing some research (free/open info rls when done)
- RT @nickhacks: Want to crash a remote host running Snow Leopard? Just use: nmap -P0 -6 --script=targets-ipv6-multicast-mld #wishiwaskidding
- An inexpensive proxy service called is actually a front for #malware distribution -

Mini-Tagwall
Revue de presse : security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone

+ de mots clés pour la revue de presse

Annuaires des videos : curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit

+ de mots clés pour les videos

Revue Twitter : security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall

+ de mots clés pour la revue Twitter

Top bi-hebdo des articles de SecuObs
- [Ettercap – Partie 2] Ettercap par l'exemple - Man In the Middle et SSL sniffing
- [Infratech - release] version 0.6 de Bluetooth Stack Smasher
- [IDS Snort Windows – Partie 2] Installation et configuration
- [Infratech - vulnérabilité] Nouvelle version 0.8 de Bluetooth Stack Smasher
- Mises à jour en perspective pour le système Vigik
- USBDumper 2 nouvelle version nouvelles fonctions !
- EFIPW récupère automatiquement le mot de passe BIOS EFI des Macbook Pro avec processeurs Intel
- La sécurité des clés USB mise à mal par USBDUMPER
- Une faille critique de Firefox expose les utilisateurs de Tor Browser Bundle
- Installation sécurisée d'Apache Openssl, Php4, Mysql, Mod_ssl, Mod_rewrite, Mod_perl , Mod_security

Top bi-hebdo de la revue de presse
- StackScrambler and the Tale of a Packet Parsing Bug

Top bi-hebdo de l'annuaire des videos
- DC++ Botnet. How To DDos A Hub With Fake IPs.
- Comment creer un server botnet!!!!(Réseau de pc zombies)
- Defcon 14 Hard Drive Recovery Part 3

Top bi-hebdo de la revue Twitter
- RT @secureideas: I believe that all the XSS flaws announced are fixed in CVS. Will test again tomorrow if so, release 1.4.3. #BASESnort
- Currently, we do not support 100% of the advanced PDF features found in Adobe Reader... At least that's a good idea.
- VPN (google): German Foreign Office Selects Orange Business for Terrestrial Wide: Full
- @DisK0nn3cT Not really, mostly permission issues/info leak...they've had a couple of XSS vulns but nothing direct.
- Swatting phreaker swatted and heading to jail: A 19-year-old American has been sentenced to eleven years in pris..
- RT @fjserna You are not a true hacker if the calc.exe payload is not the scientific one... infosuck.org/0x0035.png

Top des articles les plus commentés
- [Metasploit 2.x – Partie 1] Introduction et présentation
- Microsoft !Exploitable un nouvel outil gratuit pour aider les développeurs à évaluer automatiquement les risques
- Webshag, un outil d'audit de serveur web
- Les navigateurs internet, des mini-systèmes d’exploitation hors de contrôle ?
- Yellowsn0w un utilitaire de déblocage SIM pour le firmware 2.2 des Iphone 3G
- CAINE un Live[CD|USB] pour faciliter la recherche légale de preuves numériques de compromission
- Nessus 4.0 placé sous le signe de la performance, de l'unification et de la personnalisation
- [Renforcement des fonctions de sécurité du noyau Linux – Partie 1] Présentation
- [IDS Snort Windows – Partie 1] Introduction aux IDS et à SNORT
- Origami pour forger, analyser et manipuler des fichiers PDF malicieux

New arsenal files for May 23rd, 2009

Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS

Menu > Articles de la revue de presse : - l'ensemble [tous | francophone] - par mots clé [tous] - par site [tous] - le tagwall [voir] - Top bi-hebdo de la revue de presse [Voir]

S'abonner au fil RSS global de la revue de presse



New arsenal files for May 23rd, 2009

Par kinqpinz.info
Le [2009-05-24] à 04:46:33



Présentation : * Alpine 2.00 o alpine-2.00.tar.bz2 + Alpine is a fast, easy to use email client that is suitable for both the inexperienced email user as well as for the most demanding of power users. Alpine is based on the Pine Message System, which was also developed at the University of Washington. Alpine can be learned by exploration and the use of context-sensitive help. The user experience is highly customizable through the use of the Alpine Setup command. Alpine is released under the Apache License, Version 2.0. All of the source needed to build Unix, Windows, and Web-based mail user agents is included. * Kindle Mobilepocket Tools 0.2 o azw-0.2.tar.bz2 + Linked archive includes two Python scripts: kindlepid.py generates Mobi PID from Kindle serial number. You can then add this PID at a Mobipocket vendor site and redownload books with Kindle's PID enabled. It's possible that some vendors will refuse this PID, as it has an asterisk in place of the traditional dollar sign (Fictionwise works fine); kindlefix.py "fixes" a Mobi book so that it can be read on Kindle. It should already include Kindle's PID (which you need to specify too). The script will output the fixed book with .azw extension. * Beautiful Soup 3.1.0.1 o beautifulsoup-3.1.0.1.tar.bz2 + Beautiful Soup is a Python HTML/XML parser designed for quick turnaround projects like screen-scraping. Three features make it powerful: 1) Beautiful Soup won't choke if you give it bad markup. It yields a parse tree that makes approximately as much sense as your original document. This is usually good enough to collect the data you need and run away. 2) Beautiful Soup provides a few simple methods and Pythonic idioms for navigating, searching, and modifying a parse tree: a toolkit for dissecting a document and extracting what you need. You don't have to create a custom parser for each application. 3) Beautiful Soup automatically converts incoming documents to Unicode and outgoing documents to UTF-8. You don't have to think about encodings, unless the document doesn't specify an encoding and Beautiful Soup can't autodetect one. Then you just have to specify the original encoding. Beautiful Soup parses anything you give it, and does the tree traversal stuff for you. You can tell it "Find all the links", or "Find all the links of class externalLink", or "Find all the links whose urls match "foo.com", or "Find the table heading that's got bold text, then give me that text." Valuable data that was once locked up in poorly-designed websites is now within your reach. Projects that would have taken hours take only minutes with Beautiful Soup. * Burp Suite 1.2.01 o burpsuite-1.2.01.tar.bz2 + Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, persistence, authentication, downstream proxies, logging, alerting and extensibility. Burp Suite allows you to combine manual and automated techniques to enumerate, analyse, scan, attack and exploit web applications. The various Burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another. Key features unique to Burp Suite include: detailed analysis and rendering of requests and responses; one-click transfer of interesting requests between tools; ability to "passively" spider an application in a non-intrusive manner, with all requests originating from the user's browser; FIPS-compliant statistical analysis of session token randomness; utilities for decoding and comparing application data; support for custom client and server SSL certificates; extensibility via the IBurpExtender interface; centrally configured settings for downstream proxies, web and proxy authentication, and logging; tools can run in a single tabbed window, or be detached in individual windows; and, runs in both Linux and Windows. * ClientForm 0.2.10 o clientform-0.2.10.tar.bz2 + ClientForm is a Python module for handling HTML forms on the client side, useful for parsing HTML forms, filling them in and returning the completed forms to the server. ClientForm was developed from a port of Gisle Aas' Perl module HTML::Form, from the libwww-perl library, but the interface is not the same. * Corkscrew 2.0 o corkscrew-2.0.tar.bz2 + Corkscrew is a tool for tunneling SSH through HTTP proxies. Corkscrew has been compiled on AIX, HPUX, Solaris, FreeBSD, OpenBSD, NetBSD, Linux, Win32 (Cygwin), and Mac OS X. Corkscrew has been tested with the following HTTP proxies: Gauntlet, CacheFlow, JunkBuster, Squid, and Apache's mod_proxy. * Dns2tcp 0.4.3 o dns2tcp-0.4.3.tar.bz2 + Dns2tcp is a network tool designed to relay TCP connections through DNS traffic. Encapsulation is done on the TCP level, thus no specific driver is needed, i.e., TUN/TAP. Dns2tcp client doesn't need to be run with specific privileges. Dns2tcp is composed of two parts: a server-side tool and a client-side tool. The server has a list of resources specified in a configuration file. Each resource is a local or remote service listening for TCP connections. The client listens on a predefined TCP port and relays each incoming connection through DNS to the final service. * Durzosploit N/A o durzosploit.tar.bz2 + Durzosploit is a JavaScript exploit generation framework that works through the console. The goal of this project is to quickly and easily generate working exploits for cross-site scripting vulnerabilities in popular web applications or websites. Durzosploit does not find browser vulnerabilities; it only is an framework containing exploits you can use. * dvd::rip 0.98.10 o dvdrip-0.98.10.tar.bz2 + dvd::rip is a full featured DVD copy program written in Perl. It provides an easy to use but feature-rich Gtk+ GUI to control almost all aspects of the ripping and transcoding process. It uses the widely known video processing swissknife transcode and many other open source tools. dvd::rip itself is licensed under GPL/Perl Artistic License. * eAccelerator 0.9.5.3 o eaccelerator-0.9.5.3.tar.bz2 + eAccelerator is a free open source PHP accelerator, optimizer, and dynamic content cache. It increases the performance of PHP scripts by caching them in their compiled state, so that the overhead of compiling is almost completely eliminated. It also optimizes scripts to speed up their execution. eAccelerator typically reduces server load and increases the speed of your PHP code by 1-10 times. eAccelerator was born in December 2004 as a fork of the Turck MMCache project. Turck MMCache was created by Dmitry Stogov and much of the eAccelerator code is still based on his work. eAccelerator stores compiled PHP scripts in shared memory and executes code directly from it. It creates locks only for a short time, while searching for a compiled PHP script in the cache, so one script can be executed simultaneously by several engines. Files that can't fit in shared memory are cached on disk only. eAccelerator is still under development. The latest release, 0.9.5.3, supports PHP 4 and all PHP 5 releases including 5.2. In older releases, the encoder will only work with PHP versions from the 4.x.x branch. eAccelerator will not work with any other versions of PHP. * Erlang R13B o erlang-r13b.tar.bz2 + Erlang is a programming language designed at the Ericsson Computer Science Laboratory. Open source Erlang is being released to help encourage the spread of Erlang outside Ericsson. * Fast-Track 4.0 o fasttrack-4.tar.bz2 + For those of you new to Fast-Track, Fast-Track is a Python-based open source project aimed at helping penetration testers in an effort to identify, exploit, and further penetrate a network. Fast-Track was originally conceived when David Kennedy was on a penetration test and found that there was generally a lack of tools or automation in certain attacks that were normally extremely advanced and time consuming. In an effort to reproduce some of David's advanced attacks and propagate it down to the team at SecureState, David ended up writing Fast-Track for the public. Many of the issues Fast-Track exploits are due to improper sanitizing of client-side data within web applications, patch management, or lack of hardening techniques. Fast-Track arms the penetration tester with advanced attacks that in most cases have never been performed before. Sit back relax, crank open a can of jolt cola and enjoy the ride. * FreeTDS 0.82 o freetds-0.82.tar.bz2 + FreeTDS is a set of libraries for Unix and Linux that allows your programs to natively talk to Microsoft SQL Server and Sybase databases. Technically speaking, FreeTDS is an open source implementation of the TDS (Tabular Data Stream) protocol used by these databases for their own clients. It supports many different flavors of the protocol and three APIs to access it. Additionally FreeTDS works with other software such as Perl and PHP, providing access from those languages as well. If you are looking for a Java implementation, we refer you to the jTDS project on SourceForge. FreeTDS has many possible uses. It has been used by Unix/Linux webservers to present data stored in SQL Server to the web, to port SQL Server database code from NT to Unix, to import data into SQL Server from a Unix source, and to provide database access on platforms (such as real-time systems) that have no native drivers. The FreeTDS C libraries are available under the terms of the GNU LGPL license; consult the COPYING.LIB file in the distribution for details. * fzem 02.25.2009 o fzem-02.25.2009.tar.bz2 + fzem is a MUA (mail user agent) fuzzer that fuzzes MAIL/MIME e-mail headers as well as how clients handle SMTP, POP and IMAP responses. fzem's purpose is to fuzz MUAs as they process e-mail content and handle server reponses. * httptunnel 3.0.5 o httptunnel-3.0.5.tar.bz2 + httptunnel creates a bidirectional virtual data connection tunnelled in HTTP requests. The HTTP requests can be sent via an HTTP proxy if so desired. This can be useful for users behind restrictive firewalls. If WWW access is allowed through a HTTP proxy, it's possible to use httptunnel and, say, telnet or PPP to connect to a computer outside the firewall. * K9Copy 1.2.4 o k9copy-1.2.4.tar.bz2 + K9Copy is a small utility which allows copying DVD's on Linux. Its features include: the video stream is compressed to make the video fit on a 4.7GB recordable DVD; DVD burning; creation of ISO images; choosing which audio and subtitle tracks are copied; title preview (video only); and, the ability to preserve the original menus. * Libnet 1.1.2.1 o libnet-1.1.2.1.tar.bz2 + Libnet is a generic networking API that provides access to several protocols. It is not designed as an all-in-one solution to networking. Currently many features that are common in some network protocols are not available with Libnet, such as streaming via TCP/IP. We feel that Libnet should not provide specific features that are possible in other protocols. If we restrict Libnet to the minimal needed to communicate (datagram/packets), then this allows it to support more interfaces. Libnet supports the following platforms and compilers: Unix (gcc) -- tested with Linux, FreeBSD and OSF/1, DOS (djgpp), and Windows (djgpp+RSXNTDJ, Mingw32, or MSVC). Other platforms should be fairly easy to support, especially if GNU CC and GNU Make will run on them. Libnet supports UDP/IP on Unix, Windows, and, provided the Winsock is not version .0 or greater, in a DOS box under Windows. It supports IPX in DOS, Windows, and Unix, and serial linking in DOS, Windows, Unix, and BeOS. On all platforms there is a "localhost" driver which is a sort of internal loopback device (not for communicating between processes though). * md6sum 2008-11-2 o md6sum-2008-11-2.tar.bz2 + A C implementation of the MD6 hashing algorithm, written by Jayant Krishnamurthy and Ronald Rivest. * Medusa 1.5 o medusa-1.5.tar.bz2 + Medusa is a speedy, massively parallel, modular, login brute-forcer for network services created by the geeks at Foofus.net. It currently has modules for the following services: CVS, FTP, HTTP, IMAP, MS-SQL, MySQL, NCP (NetWare), PcAnywhere, POP3, PostgreSQL, rexec, rlogin, rsh, SMB, SMTP (VRFY), SNMP, SSHv2, SVN, Telnet, VmAuthd, VNC, and a generic wrapper module. * Nikto 2.03 o nikto-2.03.tar.bz2 + Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 3,500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired). * pexpect 2.3 o pexpect-2.3.tar.bz2 + Pexpect is a Python module for spawning child applications and controlling them automatically. Pexpect can be used for automating interactive applications such as ssh, ftp, passwd, telnet, etc. It can be used to a automate setup scripts for duplicating software package installations on different servers. It can be used for automated software testing. Pexpect is in the spirit of Don Libes' Expect, but Pexpect is pure Python. Other Expect-like modules for Python require TCL and Expect or require C extensions to be compiled. Pexpect does not use C, Expect, or TCL extensions. It should work on any platform that supports the standard Python pty module. The Pexpect interface focuses on ease of use so that simple tasks are easy. * Pine 4.64.1.i386 o pine-4.64-1.i386.tar.bz2 + Pine (a Program for Internet News and E-mail) is a tool for reading, sending, and managing electronic messages. Pine was developed by UW Technology at the University of Washington. Though originally designed for inexperienced email users, Pine has evolved to support many advanced features, and an ever-growing number of configuration and personal-preference options. Pine is available for Unix as well as for personal computers running a Microsoft operating system (PC-Pine). * ppp-pam 0.2 o ppp-pam-0.2.tar.bz2 + A Pluggable Authentication Module (PAM) implementing Gibson Research's Perfect Paper Passwords (PPP). * Psyco 1.6 o psyco-1.6.tar.bz2 + Psyco is a Python extension module which can massively speed up the execution of any Python code. * Quassel 0.4.1 o quassel-0.4.1.tar.bz2 + Quassel IRC is a modern, cross-platform, distributed IRC client, meaning that one (or multiple) client(s) can attach to and detach from a central core -- much like the popular combination of screen and a text-based IRC client such as WeeChat, but graphical. In addition to this uniqe feature, we aim to bring a pleasurable, comfortable chatting experience to all major platforms (including Linux, Windows, and MacOS X, as well as Qtopia-based cell phones and PDAs), making communication with your peers not only convenient, but also ubiquitous available. And the best of all: It's free - as in beer and as in speech, since we distribute Quassel under the GPL, and you are welcome to download and see for yourself! * Shell In A Box 2.7 o shellinabox-2.7.tar.bz2 + Shell In A Box implements a web server that can export arbitrary command line tools to a web-based terminal emulator. This emulator is accessible to any JavaScript and CSS enabled web browser and does not require any additional browser plugins. * Sniffdet 0.9 o sniffdet-0.9.tar.bz2 + Sniffdet is an open source implementation of a set of tests for remote sniffers detection in TCP/IP network environments. It's composed of a flexible and easy to use library and an application to run the tests. It is licensed under the GNU General Public License (GPL). Sniffdet implements various tests for the detection of machines running in promiscuous mode or with a sniffer. Besides other general use functions, libsniffdet provides the following tests: ICMP test; ARP test; DNS test; and, LATENCY test. The application has a flexible interface which allows the customization of every test by using a config file, can test multiple machines at the same execution, has a plugin interface for the reports, and runs as an unprivileged user. * sqlsus 0.2 o sqlsus-0.2.tar.bz2 + sqlsus is an open source MySQL injection and takeover tool, written in Perl. Via a command line interface that mimics a mysql console, you can retrieve the databases structure, inject SQL queries, download files from the web server, upload and control a backdoor, clone the databases, and much more. It is designed to maximize the amount of data gathered per server hit, making the best use (I can think of) of MySQL functions to optimise the available injection space. sqlsus is focused on PHP/MySQL installations, and integrates some neat features - some of them really specific to this DBMS. It is not, however, (and won't ever be) a SQL injection scanner; it starts its job on the next step. * sshpass 1.04 o sshpass-1.04.tar.bz2 + sshpass is a tool for non-interactivly performing password authentication with SSH's so called "interactive keyboard password authentication". Most users should use SSH's more secure public key authentication instead. * tcpsmash 0.3 o tcpsmash-0.3.tar.bz2 + Free and cool CLI network sniffer for Unix-like systems. * txt2regex 0.8 o txt2regex-0.8.tar.bz2 + Txt2regex is a regular expression wizard that converts human sentences to regexes. In a simple interactive console interface, the user answers questions and the program builds the regexes for more than 20 programs, like Vim, Emacs, Perl, PHP, Python, Procmail, and OpenOffice.org. It is a shell script 100% written with Bash built-in commands. No compilation or extra commands are needed: just download and run. * VideoJak 1.00 o videojak-1.00.tar.bz2 + VideoJak is an IP video security assessment tool that can simulate a proof-of-concept denial-of-service against a targeted, user-selected video session and IP video phone. VideoJak is the first of its kind security tool that analyzes video codec standards such as H.264. VideoJak works by first capturing the RTP port used in a video conversation and analyzing the RTP packets, collecting the RTP sequence numbers and timestamp values used between the phones. Then VideoJak creates a custom video payload by changing the sequence numbers and timestamp values used in the original RTP packets between the two phones. After the user selects a targeted phone to attack in an ongoing video session, VideoJak delivers the payload over the learned RTP port against the target. This attack results in severely degraded video and audio quality. VideoJak is designed in consideration of today's UC infrastructure implementations in which quality-of-service requirements dictate the separation of data and VoIP/video into discrete networks or VLANs. Future versions of the tool will support more exciting features. * Vim 7.2 o vim-7.2.tar.bz2 + Vim is an advanced text editor that seeks to provide the power of the de-facto Unix editor vi, with a more complete feature set. It's useful whether you're already using vi or using a different editor. Vim is a highly configurable text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most Unix systems. Vim is often called a programmer's editor, and so useful for programming that many consider it an entire IDE. It's not just for programmers, though. Vim is perfect for all kinds of text editing, from composing e-mail to editing configuration files. Vim isn't an editor designed to hold its users' hands. It is a tool, the use of which must be learned. Vim isn't a word processor. Although it can display text with various forms of highlighting and formatting, it isn't there to provide WYSIWYG editing of typeset documents. (It is great for editing TeX, though.) Vim is charityware. Its license is GPL-compatible, so it's distributed freely, but we ask that if you find it useful you make a donation to help children in Uganda through the ICCF. The full license text can be found in the documentation. * WarVOX 1.0.0 o warvox-1.0.0.tar.bz2 + WarVOX is a suite of tools for exploring, classifying, and auditing telephone systems. Unlike normal wardialing tools, WarVOX works with the actual audio from each call and does not use a modem directly. This model allows WarVOX to find and classify a wide range of interesting lines, including modems, faxes, voice mail boxes, PBXs, loops, dial tones, IVRs, and forwarders. WarVOX provides the unique ability to classify all telephone lines in a given range, not just those connected to modems, allowing for a comprehensive audit of a telephone system. WarVOX requires no telephony hardware and is massively scalable by leveraging Internet-based VoIP providers. A single instance of WarVOX on a residential broadband connection, with a typical VoIP account, can scan over 1,000 numbers per hour. The speed of WarVOX is limited only by downstream bandwidth and the limitations of the VoIP service. Using two providers with over 40 concurrent lines we have been able to scan entire 10,000 number prefixes within 3 hours. The resulting call audio can be used to extract a list of modems that can be fed into a standard modem-based wardialing application for fingerprinting and banner collection. One of the great things about the WarVOX model is that once the data has been gathered, it is archived and available for re-analysis as new signatures, plugins, and tools are developed. The current release of WarVOX (1.0.0) is able to automatically detect modems, faxes, silence, voice mail boxes, dial tones, and voices. WarVOX is intended for legal security assessment, asset inventory, and research purposes only. Keep in mind that the laws regulating automated dialing can vary by location; it is your responsibility to ensure that your local laws and the laws governing the target telephone range are respected. * WeeChat 0.2.6.1 o weechat-0.2.6.1.tar.bz2 + WeeChat (Wee Enhanced Environment for Chat) is a free IRC client, fast and light, designed for many operating systems. Its main features are: multi-servers connection (with SSL, IPv6, proxy); many GUIs including Curses, wxWidgets, Gtk, and Qt; small, fast, and light; customizable and extensible with plugins and scripts; compliant with RFCs 1459, 2810, 2811, 2812, and 2813; multi-platform (GNU/Linux, *BSD, MacOS X, Windows and other); and, 100% GPL, free software.




AddThis Social Bookmark Widget



Les derniers articles du site "kinqpinz.info" :

- New world
- 8 feeds
- HTTP sploit
- The pasteybin archive
- Rollin' to July
- Re: Google optimizing PHP
- AppSecLive, Bonsai Sec, The Invisible Things, The Open Group RSS
- Phrack #66 added to library
- Re: Astalavista
- Remembering Kitty
- Local buffer overflow exploit reverse shell




S'abonner au fil RSS global de la revue de presse

Menu > Articles de la revue de presse : - l'ensemble [tous | francophone] - par mots clé [tous] - par site [tous] - le tagwall [voir] - Top bi-hebdo de la revue de presse [Voir]



Si vous voulez bloquer ce service sur vos fils RSS :
- avec iptables "iptables -A INPUT -s 88.191.75.173 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.191.75.173 to any 80"
- Nous contacter par mail




SecuToolBox :

Mini-Tagwall des articles publiés sur SecuObs :

Mini-Tagwall de l'annuaire video :

Mini-Tagwall des articles de la revue de presse :

Mini-Tagwall des Tweets de la revue Twitter :