Exploits Spy

The newest exploits, code, and pen-testing tools

nebula-0.2.2.tar.gz

May 30th, 2008

Nebula is a data analysis tool that automatically generates intrusion signatures from attack traces. It runs as a daemon that processes data submitted from honeypots. New signatures are published as Snort rules and can be used to defend a network from future intrusion attempts.

See the original post here:
nebula-0.2.2.tar.gz

Posted in Exploit | No Comments »

haxssl.tgz

May 29th, 2008

This Ruby code will test a specified Host’s SSL certificate against the Debian-based blacklist of keys (RSA 2048 and DSA 1024) generated during the period where openssl on Debian-based installs …

Originally posted here:
haxssl.tgz

Posted in Exploit | No Comments »

bunny-0.93.tgz

May 23rd, 2008

Bunny the Fuzzer - A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. Uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data. This architecture makes it possible to significantly improve the coverage of the testing process without a noticeable performance impact usually associated with other attempts to peek into run-time internals.

Read more:
bunny-0.93.tgz

Posted in Exploit | No Comments »

ttyrpld-2.51.tar.bz2

May 20th, 2008

ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).

See the original post here:
ttyrpld-2.51.tar.bz2

Posted in Exploit | No Comments »

d3sqlfuzz.py.txt

May 20th, 2008

SQL fuzzing utility written in Python.

See more here:
d3sqlfuzz.py.txt

Posted in Exploit | No Comments »

rtpbreak-1.3a.tgz

May 20th, 2008

rtpBreak detects, reconstructs and analyzes any RTP [rfc1889] session through heuristics over the UDP network traffic. It works well with SIP, H.323, SCCP and any other signaling protocol. In particular, it does not require the presence of RTCP packets (voipong needs them) that are not always transmitted from the recent VoIP clients.

See original here:
rtpbreak-1.3a.tgz

Posted in Exploit | No Comments »

zzuf-0.11.tar.gz

May 20th, 2008

zzuf is a transparent application input fuzzer. It works by intercepting file operations and changing random bits in the program’s input. zzuf’s behavior is deterministic, making it easy to reproduce bugs.

See the rest here:
zzuf-0.11.tar.gz

Posted in Exploit | No Comments »

LockDown-1.0.tar.gz

May 20th, 2008

LockDown is an application that can be run interactively, non-interactively, or really-non-interactively to lock down a server that runs Red Hat, Fedora, CentOS, or similar systems. It sets things like umask and SGID/SUID, creates a simple firewall, and more.

See the rest here:
LockDown-1.0.tar.gz

Posted in Exploit | No Comments »

unhash-1.0.tgz

May 20th, 2008

UnHash is a program that performs a brute force attack against a given hash. The hash can be MD5 or SHA1, and the program will auto-detect which one is given.

Read more here:
unhash-1.0.tgz

Posted in Exploit | No Comments »

Symantec Altiris Client Service Local Privilege Escalation (Exploit)

May 15th, 2008

A local vulnerability in Altiris Client allows attackers to cause the program to escalate the privileges of the attacker launching the below exploit against it.

View original post here:
Symantec Altiris Client Service Local Privilege Escalation (Exploit)

Posted in Exploit | No Comments »

« Previous Entries
  • Tags

    add-to-technorati-favorites advisories advisory blogs buffer-overflow bugs computer-security crack database demo download events Exploit exploits hack hacking how to hack inclusion information security injection internet internet-security-blogs internet security last-20 last-50 linux local-file milw0rm multiple-remote network security patch php print remote reset root search security security-news server tool tools unix vulnerability windows
  • Archives

    • August 2008
    • July 2008
    • June 2008
    • May 2008
    • April 2008
    • March 2008
    • February 2008
    • January 2008
    • December 2007
  • Meta

    • Log in
    • Entries RSS
    • Comments RSS
    • WordPress.org

Exploits Spy is proudly powered by WordPress | Bob 509 Bandwidth Limit Exceeded

Bandwidth Limit Exceeded

The server is temporarily unable to service your request due to the site owner reaching his/her bandwidth limit. Please try again later.