OpenBSD, FreeBSD, Solaris, and/or other Unix variants


A secure way to access remote computers
SSH (Secure Shell) is the now ubiquitous program for logging into or executing commands on a remote machine. It provides secure encrypted communications between two untrusted hosts over an insecure network, replacing the hideously insecure telnet/rlogin/rsh alternatives.


Libwhisker is a Perl module geared specificly for HTTP testing.
Libwhisker has a few design principles:

- Portable: runs with 0 changes on Unix, Windows, etc (100% Perl)
- Flexible: designed with a 'no rules' approach
- Contained: designed to not require external modules when possible
- Localized: does not require installation to use


NSAT is a robust scanner which is designed for:

* Different kinds of wide-ranging scans, keeping stable for days
* Scanning on multi-user boxes (local stealth and non-priority scanning options)
* Professional-grade penetration testing and comprehensive auditing
* Easy full-scale archiving of vulnerability and version information for further purposes
* Time-less configuration - as a banner scanner for many known services and protocols
* Virtual host support, host/network exclusion support
* Flexibility and configurable scanning
* Distributed scanning (new feature; beta status)

Works on:
All BSD Platforms (FreeBSD/NetBSD/OpenBSD/Apple Mac OS X),
All POSIX (Linux/BSD/UNIX-like OSes),
Linux, Solaris


Tiger is a security tool that can be use both as a security audit and intrusion detection system. It supports multiple UNIX platforms and it is free and provided under a GPL license. Unlike other tools, Tiger needs only of POSIX tools and is written entirely in shell language.

Tiger has some interesting features that merit its resurrection, including a modular design that is easy to expand, and its double edge, it can be used as an audit tool and a host intrusion detection system tool. Free Software intrusion detection is currently going many ways, from network IDS (with Snort), to the kernel (LIDS, or SNARE for Linux and Systrace for OpenBSD, for example), not mentioning file integrity checkers (many of these: aide, integrit samhain, tripwire...) and logcheckers (even more of these, check the Log Analysis pages). But few of them focus on the host-side of intrusion detection fully. Tiger complements this tools and also provides a framework in which all of them can work together. Tiger it is not a logchecker, nor it focused in integrity analysis. It does "the other stuff", it checks the system configuration and status. Read the manpage for a full description of checks implemented in Tiger. A good example of what Tiger can do is, for example, check_findelete, a module that can determine which network servers running in a system are using deleted files (because libraries were patched during an upgrade but the server's services not restarted).

Free software Linux/*BSD distributions have a myriad of security tools to do local security checks: Debian's checksecurity, Mandrake's msec, OpenBSD's /etc/security, SUSE's Seccheck... but, even if they do similar checks they have suffered from fragmentation. Tiger is being developed in the hopes that it could substitute them at some point in the future. For a list of system security checks that Tiger provides that others do not you can read this (short) comparison.

Find more information in the project page at Savannah.

YAPH - Yet Another Proxy Hunter

YAPH is a proxy hunter for the Unix platform. It allows to find public access proxy servers on the Internet and to validate proxy lists. YAPH reveals SOCK4, SOCKS5, and HTTP (CONNECT method) proxies. HTTP proxies are tested for CONNECT method only, since only this method provides ability to tunnel TCP through HTTP proxy. YAPH utilizes the power of Nmap, a network mapper written by Fyodor. Nmap provides to YAPH the capability to find new undiscovered public proxy servers on the Internet.


CmosPwd decrypts password stored in cmos used to access BIOS SETUP. With CmosPwd, you can also backup, restore and erase/kill cmos.

Works with the following BIOSes:
* AMI WinBIOS 2.5
* Award 4.5x/4.6x/6.0
* Compaq (1992)
* Compaq (New version)
* IBM (PS/2, Activa, Thinkpad)
* Packard Bell
* Phoenix 1.00.09.AC0 (1994), a486 1.03, 1.04, 1.10 A03, 4.05 rev 1.02.943, 4.06 rev 1.13.1107
* Phoenix 4 release 6 (User)
* Gateway Solo - Phoenix 4.0 release 6
* Toshiba
* Zenith AMI


While not directly related to hacking in any fasion, this is just a cool utility, anyone and everyone should make use of.


Par2 makes parity files for various archives, primary used on newsgroups, par/par2 can greatly increase redundancy on compressed archives.

This app has many uses, some not so obvious. Particularly, when I make optical media backups I prefer to compress them, password protect, par2 the file, then burn. This has a few advantages as cd's and dvd's are prone to scratches, the par files can recover a bad rar, while still maintaining your password over the archive. This adds security and redundancy to the backup.

Olive - JUNOS on PC

Excerpt from site:

"The most common use of the Olive platform is for creative and UNIX-competent hackers to learn the JUNOS CLI on a low-cost platform. It is capable of forwarding a small amount of traffic, but does not support many of the features found on real Juniper routers. Essentially the forwarding on an Olive is the same as routing traffic via your fxp0 or em0 management interface on a real Routing Engine."

While not a Juniper FW, the above pretty much sums it up, there are some prebuilt VM's existing for folks interested in JUNOS CLI without additional hardware somewhere on the internet Wink

There is no support. Juniper says it doesn't exist. See page for more info.

--Said all OS's since you can vm it.

Gerix Wifi Cracker NG

Gerix Wifi Cracker NG is a pretty nice GUI for the Aircrack Suite.

#-- There is litterally a Grandma holding a pistol grip cantenna cracking wifi on thier main page!.

Site Exceprt:

0×01 - Introduction

Here we are to present the new version of Gerix Wifi Cracker NG (New Generation), a really complete GUI for Aircrack-NG which includes useful extras.
Completely re-written in Python + QT, automates all the different techniques to attack Access Points and Wireless Routers (but not only ..)
Who has never wanted to say something like: “This software is so simple to use, that even my grandmother can use it for cracking wireless networks!”… So, we have really tried this test.


Driftnet: One of the funnest ways to watch your userland web traffic with no text!

Excerpt from the page:

"Inspired by EtherPEG [...], Driftnet is a program which listens to network traffic and picks out images from TCP streams it observes. Fun to run on a host which sees lots of web traffic.

In an experimental enhancement, driftnet now picks out MPEG audio streams from network traffic and tries to play them. You can also now use driftnet with Jamie Zawinski's webcollage, so that it can run as a screen saver."

Syndicate content