Honeysnap is designed to be a command-line tool for parsing single or multiple pcap data files and producing a ‘first-cut’ analysis report that identifies significant events within the processed data. This presents security analysts with a pre-prepared menu of high value network activity, aimed at focusing manual forensic analysis and saving significant incident investigation time. [...]

It’s been a while since the last update of Technitium back in June 2008, the latest release is v5 R2 with support for Windows 7 RC.
Technitium MAC Address Changer allows you to change Media Access Control (MAC) Address of your Network Interface Card (NIC) irrespective to your NIC manufacturer or its driver. It has a [...]

The Interceptor is a wireless wired network tap. Basically, a network tap is a way to listen in to network traffic as it flows past. Most tools are designed to pass a copy of the traffic onto a specified wired interface which is then plugged into a machine to allow a user to monitor the [...]

This is an interesting development in router security, Cisco bugs have been popping up now and then – not that often – but usually when they do they are quite serious.
The problem with them was you needed so many variations unless you were just targeting one specific router, with that specific version of IOS and [...]

You might remember the Sony BMG Rootkit fiasco back in 2006 when the whole Internet was up in arms about Sony installing a rootkit in the name of Digital Restriction Rights Management.
Another piece of malware has been uncovered that has been linked to Sony and their Fingerprint reader.

Researchers have unearthed rootkit-like functionality in an enterprise [...]

ike-scan is a command-line tool for discovering, fingerprinting and testing IPsec VPN systems. It constructs and sends IKE Phase-1 packets to the specified hosts, and displays any responses that are received.

ike-scan allows you to:

Send IKE packets to any number of destination hosts, using a configurable output bandwidth or packet rate. (This is useful for VPN [...]

This tool has been around for a LONG time in some form or another, some of you old-skool guys may remember a package called SATAN, this was the best semi-automatic security analysis tool around back then. From SATAN and it’s development came SARA, which is now in it’s 3rd generation.

Advanced Research’s philosophy relies heavily on [...]

This is another oldskool tool, but still relevant! TCP and UDP still work in the same way and firewalls/edge devices are still often configured wrongly.
Firewalk is an active reconnaissance network security tool that attempts to determine what layer 4 protocols a given IP forwarding device will pass. Firewalk works by sending out TCP or [...]

Another one from the old school, this tool has been around forever since way before wardriving was fashionable and when people still used pringles cans for antenna boosting.
It’s a favourite amongst Windows users, although it can’t do any real hacking (like breaking a WEP key) – it’s extremely fast and effecient in the detection of [...]

This program retrieves version information for the nameservers of a domain and produces a report that describes possible vulnerabilities of each.
Vulnerability information is configurable through a configuration file; the default is porkbind.conf. Each nameserver is tested for recursive queries and zone transfers. The code is parallelized with libpthread.

Changes for v1.3

Wrote in-a-bind shell script that [...]