Update netsniff-ng v0.5.7 – The packet sniffing beast

netsniff-ng is a high performance Linux network sniffer for packet inspection. It is similar to analyzers like tcpdump, but without the need to perform system calls for fetching network packets. A memory-mapped area within kernelspace will be used for accessing packets, so there is no requirement for copying them to userspace (a ‘zero-copy’ mechanism). For this purpose, netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying, and performing offline analysis of pcap dumps. The project is focused on building a robust, clean, and secure analyzer and utilities that complete netsniff-ng as a support for penetration testing. netsniff-ng can be used for protocol analysis, reverse engineering, and network debugging.

Release Notes V0.5.7: This release fixes a number of bugs, cleans the code, and adds new features, including raw 802.11 support and a new packet configuration language for trafgen.
Platform : Unix/Linux
Download Read more in here

Our post beforehttps://seclist.wordpress.com/2012/03/31/netsniff-ng-v0-5-6-the-packet-sniffing-beast/

UpFTP 2 allows you to share files through FTP with ease

Inspired by the Upload Manager of Linux Mint, UpFTP 2 is a Windows program that allows to upload and share files using an FTP server in just a few clicks.

Download right Here | Read more in here

TraceMAC – Traceroute for MAC addresses

TraceMAC is a command-line tool that allows you to trace a specific MAC address thru Cisco switches.
It works by connecting to a switch using SSH, SNMP, Telnet, HTTP or HTTPS and do some “show commands” and later process the output, this will happen recursively until it finds the switch where that MAC address (PC/Printer/Etc) is directly connected.

Note: In order to work properly the switches must have CDP enabled between trunks links!
Tested with Cisco SW: 2960, 3560, 3750, 4948, 6509, Express 500


  • Supports multiple protocols: SSH, SNMP, Telnet, HTTP, HTTPS
  • Has no limit for the maximum number of hops identified in the path
  • Does not require a source MAC address

Download Right Here
Read more in here

T50 – Experimental Packet Injector Tool

Multi-protocol packet injector tool for *nix systems, actually supporting 15 protocols.

– Flooding
– CIDR support
– TCP Options.
– High performance.
– Can hit about 1.000.000 packets per second.

Download in here
Read more right Here

TeemIp – an IPAM (IP Address Management) solution

TeemIp is an open source IP Adress Management (IPAM) tool that provides comprehensive IP Management capabilities. It allows you to manage your IP space through a simple and powerful user interface: track user requests, allocate IPs, manage your IP plan and your subnet space in accordance with best in class IP Management practices.

TeemIp can be installed as a standalone application (default download) or as an additional module of open source iTop product: http://sourceforge.net/projects/itop


  • IP Registration
  • Subnet Management
  • IP Ranges Management
  • IP Plan Management
  • Change Management
  • User Portal
  • Capacity Planning
  • Proactive Notifications
  • CSV import tool for all data
  • Data synchronization (data federation)

Download in here
Read more right here : http://www.teemip.com/

WinAppDbg Debugger – Windows application debugger engine written in Python

The WinAppDbg python module allows developers to quickly add Windows application debugging facilities to your Python scripts.

Download in here |

For Installation, How To Usage, Read more Right Here

pev – the PE analysis toolkit

pev is a multiplatform PE analysis toolkit that includes tools to retrieve and parsing information about Windows PE files.

Features :
– supports PE32 and PE32+ (64-bits) files
– written in pure C, compatible with ISO C99
– implements PE handling functions from scratch, so we don’t need Windows API

core (all pev tools)
– text and csv output, making pev tools highly scriptable

– parse all PE file headers
– show information about PE sections
– show data directories
– list imported functions

– detecs MEW packer onlypacker detection

– disassembly entire functions
– disassembly entire sections
– supports Intel and AT&T syntax

– alert zero sized sections
– alert sections with non-printable characters in name
– alert PE with no sections
– find TLS callbacks functions and fake TLS
– detect fake entrypoint (out of code section)
– detect DOS stub modification

– detect presence of ASLR and DEP/NX bits
– detect SEH capable binary
– detect stack cookies / canary for MVS 2010 (experimental)

rva2ofs and ofs2rva
– converts from RVA to raw file offset and vice-versa

 Download In here | Read more Right Here