JunkieTheSniffer V1.5.0 released

Junkie is a real-time packet sniffer and analyzer. It is modular enough to accomplish many different tasks, and it can be a helpful companion to the modern network administrator and analyst. Compared to previously available tools, junkie lies in between tcpdump and wireshark. Unlike tcpdump, its purpose is to parse protocols of any depth; unlike wireshark, though, it is designed to analyze traffic in real time and so cannot parse traffic as completely as wireshark does. In addition, its design emphasizes extensibility and speed. It has a plug-in system and a high-level extension language that ease the development and combination of new functionality; threaded packet capture and analysis for handling high-bandwidth networks; and a modular architecture to ease the addition of any protocol layer. It is based on libpcap for portability, and is well tested in professional settings.

 
Release Notes V1.5.0 : Compiled packet filters (much faster than tshark filters, but with a somewhat more complex syntax). This release can forward traffic information to another junkie for easier parallelism.

Download Version:

Windows : Zipball  |  Linux : tarball

Read more here: https://www.ohloh.net/

SSH Bruteforce [Penetration testing tools]

A small application built to try passwords against sshd

Options currently supported are

Usage: ./brute-ssh.exe [<options>]

-h Print this help and exit
-v Verbose. Repeat for more info
-t <host> host to try
-p <port> port to connect on
-n <num> number of threads to use

Note: usernames / password will be read from stdin
The format for this is username:password

Download Source script : Brute_force.c

Fake sshd – [Penetration testing tools]

This is a fake sshd which can be used to log common login attempts which are typically used by scammers / spammers / script kiddies to attempt to gain access to servers. Here are a few reasons why this one is different:

  • Does not modify OpenSSH. It uses libssh instead.
  • There is no valid way to log in to a shell.
  • Can be used to tarpit / delay attackers.
  • Can be used to “steal” the dictionaries used in the attacks.

To get this to work you will need a recent copy of libssh. The one that ships on Debian lenny isn’t recent enough. Then compile it using something like the command below, assuming that libssh is installed correctly; otherwise you will need to add the include directories using -I and the library directories using -L.

gcc -Wall fake-sshd.c -o fake-ssh -lssh

Options currently supported are

Usage: ./fake-sshd.exe [<options>]

-a <secs> Failed Auth delay
-b <str> Set the banner
-h Print this help and exit
-m <n> Max attempts per connection
-p <port> Port to listen on
-r <file> Path to rsa key
-d <file> Path to dsa key
-s Log to syslog
-t <secs> Timeout
-v Verbose. Repeat for more info
-w <secs> Delay after connection

Download Source Script :  fake-sshd.c

IPCop Firewall

The IPCop Firewall is a Linux firewall distribution. It is geared towards home and SOHO users. The IPCop web-interface is very user-friendly and makes usage easy.

  • Provide a stable Linux Firewall Distribution.
  • Provide a secure Linux Firewall Distribution.
  • Provide an opensourced Linux Firewall Distribution.
  • Provide a highly configurable Linux Firewall Distribution.
  • Provide an easily maintained Linux Firewall Distribution.
  • Provide an easily configured Linux Firewall Distribution.
  • Provide reliable Support to the IPCop Linux user base.
  • Provide an enjoyable environment for the Public to discuss and request assistance.
  • Provide stable, secure, and easy to implement upgrades/patches for IPCop Linux.
  • Develop an appreciation for both the Linux and Opensource movements in our user base.
  • Develop a long lasting relationship with our userbase.
  • Strive to adapt IPCop to meet the needs of the Internet of Tomorrow.
  • Further develop the Linux Knowledge base of all Project Members and Users.
OS platform : Linux & BSD

Download: Latest installation ISO (63.3 MB)

Or read more here: http://www.ipcop.org/