Snaked Net Check – Version 1.0.7.0 released

Snaked Net Check is a Windows 7 application whose main purpose is to check your internet connectivity and repair your internet connection if it fails. You can use it in any case where it is important for your personal computer to remain connected at all times without requiring your attention.


Features :

  •     Automatic or manual check and repair of Windows 7 internet connectivity issues.
  •     Automatic log of actions, connectivity failures and repairing attempts.
  •     Silent State – Use the “Snaked Net Check” application just from the system tray.
  •     Use in Monitoring Mode in order to simply monitor your server’s online presence.

Download right here : http://sourceforge.net/projects/snakednetcheck/files/
Read more in here : http://snaked-bytes.blogspot.com/2012/04/snaked-net-check-get-rid-of.html


update OPHCRACK 3.4.0 (Time-Memory-Trade-Off-Crack)

Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman’s original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds.


Features :

  •     Cracks LM and NTLM Windows hashes
  •     Free tables available for Windows XP, Vista and 7
  •     Brute-force module for simple passwords
  •     Audit mode and CSV export
  •     Real-time graphs to analyze the passwords
  •     LiveCD available to simplify the cracking
  •     Loads hashes from encrypted SAM recovered from a Windows partition

Download Latest Version :
Windows :  ophcrack-win32-installer-3.4.0.exe (5.9 MB)
Unix/Linux :  ophcrack-3.4.0.tar.bz2 (279.8 kB)
For Installation And Other Version Please read here :
http://sourceforge.net/projects/ophcrack/files/ophcrack/3.4.0/

Update FakeNet V-0.91

FakeNet is a tool that aids in the dynamic analysis of malicious software. The tool simulates a network so that malware interacting with a remote host continues to run, allowing the analyst to observe the malware’s network activity from within a safe environment. The goal of the project is to:

  • Be easy to install and use; the tool runs on Windows and requires no 3rd party libraries
  • Support the most common protocols used by malware
  • Perform all activity on the local machine to avoid the need for a second virtual machine
  • Provide python extensions for adding new or custom protocols
  • Keep the malware running so that you can observe as much of its functionality as possible
  • Have a flexible configuration, but no required configuration

The tool is in its infancy of development. We started working on the tool in January 2012 and we intend to maintain the tool and add new and useful features. If you find a bug or have a cool feature you think would improve the tool please contact us.

Features :

  • Supports DNS, HTTP, and SSL
  • HTTP server always serves a file and tries to serve a meaningful file; if the malware requests a .jpg then a properly formatted .jpg is served, etc. The files being served are user configurable.
  • Ability to redirect all traffic to the localhost, including traffic destined for a hard-coded IP address.
  • Python extensions, including a sample extension that implements SMTP and SMTP over SSL.
  • Built in ability to create a capture file (.pcap) for packets on localhost.
  • Dummy listener that will listen for traffic on any port, auto-detect and decrypt SSL traffic and display the content to the console.

Download Recent Released : FakeNet0.91.zip (8.0 MB)
Read more in here : http://practicalmalwareanalysis.com/

firefox-cache-forensics : Tools for forensic analysis of Firefox Cache

The goal of this project is to publish tools and discussion about forensic recovery of the firefox cache in order to contribute to the forensic community.

Although there are free tools to browse and recover Firefox cache out there, they (almost) all seem to be Windows-based GUI tools. Nothing against GUIs, but I needed source code in order to write a forensic timeline module for Kristinn Gudjonsson’s log2timeline utility (http://log2timeline.net/). I found there to be few sources of reliable information about the Firefox cache (other than the source code – but I was hoping for a cheat sheet). So I dug around and found a few sources, plus read Firefox code, until I understood how things work and could code against them.

I plan to publish tools and papers in this space to bring the Firefox cache structure into better public understanding and make tools available for re-use.

Documentation

Pages I’ve written to describe the Firefox cache and forensics issues to do with it.

Reading and Extracting the Firefox Cache – A general description of how to read and extract data from the Firefox Cache.

Firefox Cache Format – Detailed description of the Firefox cache format and structure.

Forensic Findings – Research results and forensic implications for the way Firefox handles its cache.

Tools

Currently this list is short:

ff_cache_find.pl – started as a proof-of-concept tool and morphed into something functional. Searches, displays and extracts Firefox cache entries and metadata from the command line.

ff_cache.pm – log2timeline module to integrate Firefox cache dates into the “super timeline” forensic tool.

Download right here : http://code.google.com/p/firefox-cache-forensics/downloads/list

swet (sustained workload & efficiency test)

swet (sustained workload & efficiency test) is a portable benchmark for POSIX and BSD operating systems with multi-thread and multi-process capabilities and flexible, powerful report options.


Features  :

  • Uniform performance/efficiency unit across platforms
  • multi-process (daemon) capability
  • multi-thread capability
  • nanosecond / microsecond precision option
  • flexible detail selection
  • floating-point tests
  • integer tests
  • math / logic / bitwise / branch tests
  • 8-, 16-, 32-, 64-, and 128-bit tests
  • flexible test class selection
  • test sets definable by list and/or range
  • test sets may be read from file or as command-line argument
  • flexible output formatting – CSV / HTML / Framed-Table

Recent Release Notes 1.4.57 Stable 24 Apr 2012 : This release includes integer-64 bits, and floating-point-64 and -128 bits basic arithmetic tests.

Download Latest version : http://sourceforge.net/projects/swet/files/
Read more in here : http://swet.sourceforge.net/

MailWatch for MailScanner V1.2.0 – Beta3 released

MailScanner is an e-mail security and anti-spam package for e-mail gateway systems. It is not designed to be run on Microsoft Windows desktop PCs. Instead, it is designed to be run on mail servers operated by companies and internet service providers (ISPs) so that all their users and customers can be protected from one place. This avoids the need for any software to be installed on individual desktop PCs at all.

The software works with any Unix-based system and is compatible with a wide range of mail transports. It comes with support for any combination of 25 different virus scanner packages, including the free ClamAV scanner, and its design allows the use of multiple virus scanners in parallel to increase the level of security.

Protection against spam is mostly based on the widely acclaimed SpamAssassin package, which again is free and open source. It is supplemented with fast blacklist lookups that can be used to reject a large proportion of messages with minimal overhead.

Protection against malware is provided by a very wide selection of checks and tests, ranging from simple filename rules to content-based file type detection. It also incorporates one of the most sophisticated phishing detectors available anywhere. Many other checks and tests can also be run against messages, far too many to list here.

MailScanner is highly configurable using a very easy-to-use system of rulesets. Virtually every configuration option can, for example, be controlled on a per-user, per-domain or per-IP basis.

MailScanner is extremely easy to integrate into your existing mail transport system, requiring no modification of existing sendmail configurations. Other MTAs require only minor modifications to configuration files, and these are all well documented both online and in the MailScanner book, available direct from the MailScanner web site.

MailScanner is completely free of charge, requiring no licence, installation or subscription fees. Free assistance is provided through mailing lists and instant support is available through a dedicated IRC channel, which is monitored 24 hours per day. A range of companies also provide commercial tailor-made support contracts. It is currently used by a very large selection of organisations around the world, from small companies and ISPs to the US Government and Military.

Changelog 1.2.0 – Beta3

:: Fix for XSS issue

Download Latest version : mailwatch-1.2.0-beta-3.tar.gz (4.3 MB)
Read more in here : http://www.mailscanner.info/

Port Scan Attack Detector V2.2

The Port Scan Attack Detector (psad) is a collection of three system daemons that are designed to work with the Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults), verbose alert messages, email alerting, DShield reporting, and automatic blocking of offending IP addresses. Psad incorporates many of the packet signatures included in Snort to detect various kinds of suspicious scans, and implements the same passive OS fingerprinting algorithm used by p0f.

 
Release Notes Version 2.2: This release adds detection of IPv6 attacks and malicious traffic by parsing ip6tables logs, validation of ICMP6 type/code combinations, a new comprehensive test suite in the test/ directory, a 15% speedup over previous psad releases, a bugfix for the &LOG_DAEMON() error noticed by a few users, and a bugfix for the “qw() used as parentheses” warning for recent versions of Perl.

Download Right Here :  http://www.cipherdyne.org/psad/download/
Read more in here : http://www.cipherdyne.org/