Linux

Gnome Partition Editor (GParted) Live

A Debian-based boot disc with various packages including gpart, partimage, parted and others. GParted supports a variety of filesystems, including popular Windows and *nix based filesystems.

T50 Sukhoi PAK FA Mixed Packet Injector

A tool designed to perform "Stress Testing". It is a powerful and unique packet injection tool that is capable of:
1. Send sequentially (i.e., ALMOST at the same time) the following protocols:
- ICMP: Internet Control Message Protocol
- IGMP: Internet Group Management Protocol
- TCP: Transmission Control Protocol
- UDP: User Datagram Protocol

2. Send a (quite) incredible number of packets per second, making it a “second to none” tool:
- More than 1,000,000 pps of SYN Flood (+50% of the network’s uplink) in a 1000BASE-T Network (Gigabit Ethernet).
- More than 120,000 pps of SYN Flood (+60% of the network’s uplink) in a 100BASE-TX Network (Fast Ethernet).

3. Perform “Stress Testing” on a variety of network infrastructure, network devices and security solutions in place.

4. Simulate Denial-of-Service attacks, validating the Firewall rules and Intrusion Detection System/Intrusion Prevention System policies.

FastCert

Cert grabber for DOCSIS modems. Not sure how up to date it is, but I know it makes getting certs for modded modems much easier.

This is a variation of FastSnmp. It scans for modems with factory mode enabled, and when it finds one it retrieves the serial, the model, the MAC, and all the certs it can and saves them to a file.

It retrieves HFC, downstream and upstream rates, Ethernet and USB MACs along with serial and cmFactoryBigRSAPublicKey, cmFactoryBigRSAPrivateKey, cmFactoryCMCertificate, cmFactoryManCertificate, cmFactoryRootCertificate certificates.
This is the compiled-for-Windows version of FastCert; I've included the Perl script as well.

el8 Vuln Scan

In the wake of the recent compromise of the ProFTPd distribution
server and the subsequent root-level backdoor that was placed into
the source[0], we are proud to announce a cutting edge source code
scanner that will help you detect backdoors in your code. This code
is free to use for 30 days, after which time you must pay for it.

------------- el8 Vuln Scan v.0.1 -------------

#!/bin/bash

###################################################################
#
# Place this script inside the top level directory of your
# source code repo.
#
# Please delete this after 30 days, or purchase a copy from our
# online store.
#
# 50% of all proceeds will go to the victims that have been
# owned by ACIDBITCHES within the past 6 years.
#
###################################################################

# main

export PATH=/bin

grep -r ACIDBITCHES *

------------- el8 Vuln Scan v.0.1 -------------

Thank you for helping us to help you make the Internet a safer
place.

[0] http://permalink.gmane.org/gmane.comp.security.ids.snort.emerging-sigs/7965

Xplico

"The goal of Xplico is to extract from an Internet traffic capture the applications data contained.
For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT)."

In a nutshell, it's like Wireshark on crack. Rather than digging through the individual packets and putting them back together, this will dissect and parse the individual protocols and traffic back out to human-readable form. Anyone who has ever reassembled emails like this can vouch for the PITA it is.

Anyone who works in an industry where captures come live from the wire, or from a cap file, can see the use and abuse of such a product. You can select specific dissectors for the traffic of interest.

I found a good bit of info on configuring this at the link below.
http://wiki.xplico.org/doku.php/tutorial:0.5.2

I'd highly advise checking out some screenshots at the following link; the interface is very nice. I like the geomap!
http://www.xplico.org/screenshot

HTTrack

HTTrack is a free (GPL, libre/free software) and easy-to-use offline browser utility.

It allows you to download a World Wide Web site from the Internet to a local directory, building recursively all directories, getting HTML, images, and other files from the server to your computer. HTTrack arranges the original site's relative link-structure. Simply open a page of the "mirrored" website in your browser, and you can browse the site from link to link, as if you were viewing it online. HTTrack can also update an existing mirrored site, and resume interrupted downloads. HTTrack is fully configurable, and has an integrated help system.

WinHTTrack is the Windows 2000/XP/Vista/Seven release of HTTrack, and WebHTTrack the Linux/Unix/BSD release.

Huge Dictionary File

Just what is stated. A HUGE dictionary file I found while surfing the interwebs.

Hydra

Hydra is a tool that can guess/crack valid login/password pairs extremely quickly. It supports a great many protocols. Variants exist for both Windows and Unix.

Currently Hydra supports attacks against the following services:

TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL, MYSQL, REXEC, RSH, RLOGIN, CVS, SNMP, SMTP-AUTH, SOCKS5, VNC, POP3, IMAP, NNTP, PCNFS, ICQ, SAP/R3, LDAP2, LDAP3, Postgres, Teamspeak, Cisco auth, Cisco enable, LDAP2, Cisco AAA

Installation:

./configure
make
make install

Pre-requisites:

libssh2

libssh2.so may need to be linked from its installed location to /lib so Hydra detects it when trying to crack SSH.

Creddump

creddump is a Python tool to extract various credentials and secrets from Windows registry hives. It currently extracts:

* LM and NT hashes (SYSKEY protected)
* Cached domain passwords
* LSA secrets

It essentially performs all the functions that bkhive/samdump2, cachedump, and lsadump2 do, but in a platform-independent way.

It is also the first tool that does all of these things in an offline way (actually, Cain & Abel does, but is not open source and is only available on Windows).

CMOT

Although numerous online resources are available, this tool enables you to submit MD5 and other hashes to be cracked. This and other tools allow submission of hashes to multiple resources simultaneously, in the hope that you will obtain the requisite match to allow you to log in with the broken password.
