Ruby Exploitation (Rex) Library for Binary Manipulation. This suite of tools
contains ElfScan, MachScan, PEScan, and BinScan. These tools are designed to
help you analyze an executable binary and search for particular instruction
sets. This is particularly useful for things like building ROP chains or SEH
exploits.

Free open-source disk encryption software
Main Features:
* Creates a virtual encrypted disk within a file and mounts it as
  a real disk.
* Encrypts an entire partition or storage device such as USB flash
  drive or hard drive.
* Encryption is automatic, real-time (on-the-fly) and transparent.
* Parallelization and pipelining allow data to be read and written
  as fast as if the drive was not encrypted.
* Provides plausible deniability, in case an adversary forces you
  to reveal the password:
  Hidden volume (steganography) and hidden operating system.

'tsshbatch' is a tool to enable you to issue a command to many servers
without having to log into each one separately. When writing scripts,
this overcomes the 'ssh' limitation of not being able to specify the
password on the command line.
'tsshbatch' also understands basic 'sudo' syntax and can be used to
access a server, 'sudo' a command, and then exit.
'tsshbatch' thus allows you to write complex, hands-off scripts that
issue commands to many servers without the tedium of manual login and
'sudo' promotion. System administrators, especially, will find this
helpful when working in large server farms.

UMIT is the new nmap frontend, intended to be cross-platform, easy to use, fast
and highly customizable. This project is developed with Python and PyGTK and runs
with minimal dependencies.

Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
rootkits / LKMs or by another hiding technique. It consists of two
programs: unhide and unhide-tcp.
unhide detects hidden processes through:
* Comparison of /proc vs /bin/ps output.
* Comparison of info gathered from /bin/ps with info gathered from
  syscalls (syscall scanning).
* Full PIDs space occupation (PIDs bruteforcing).
unhide-tcp identifies TCP/UDP ports that are listening but not listed in
/bin/netstat by brute forcing all available TCP/UDP ports.

Provides a fast way to delete entries from OpenSSH's known_hosts
file. This is a simple automation of the things normally done by
the user when having an "offending key" in his/her known_hosts file
caused by a changed host key on the destination.

Vault is a tool for securely accessing secrets. A secret is anything that you
want to tightly control access to, such as API keys, passwords, certificates,
and more. Vault provides a unified interface to any secret, while providing
tight access control and recording a detailed audit log.

Vinetto extracts the thumbnails and associated metadata from the Thumbs.db
files.
Windows systems (98, ME, 2000, XP and 2003 Server) can store thumbnails
and metadata of the picture files contained in the directories of their FAT32
or NTFS filesystems.
The thumbnails and associated metadata are stored in Thumbs.db files.
The Thumbs.db files are undocumented OLE structured files.
Once a picture file has been deleted from the filesystem, the related thumbnail
and associated metadata remain stored in the Thumbs.db file. So, the data
contained in those Thumbs.db files are a helpful source of information
for the forensics investigator.

This is a utility which locks a terminal so it can only be unlocked with the
user's password (or the root password). It uses PAM authentication by default.

Framework to connect any number of virtual machines to the
Tor anonymity network.