This program is intended to detect a malicious file in two ways: online and offline. It calculates the MD5 hash of a specified file and searches for it in its current hash set (offline) or on the VirusTotal site (online), then shows the result.
It has HTTP proxy support and an update feature (for the hash set).
Note: For HTTP proxy support you have to edit malware_check.py and modify the required fields as shown below.
proxy_info = {
    'user' : 'username', # proxy username
    'pass' : (...)
Security Tools
-
Malware Check Tool v1.0 released
7 April 2010, by Tools Tracker Team -
Focus on Zero Wine Tryouts Malware Analyzer Alpha 2 release
3 April 2010, by Tools Tracker Team
Zero Wine Tryouts is an open source malware analysis tool. Just upload your suspicious file (e.g. Windows executable file, PDF file) through the web interface and let it analyze.
Changes for 20100325 Version Alpha 2: Update Wine (1.1.41). Update TrIDDefs.TRD (3911 file types, 25/03/10). Improvement view/download function. Partial rewrite of the calls.py. Makes the signature more readable. Refactoring some code. Some minor change. Fix dump download problem (regression). Some minor fix. (...) -
CUPP Common User Passwords Profiler v3 released
3 April 2010, by Tools Tracker Team
People spend a lot of time preparing for an effective dictionary attack. Common User Passwords Profiler (CUPP) is made to simplify this attack method, which is often used as a last resort in penetration testing and forensic crime investigations. A weak password might be very short or only use alphanumeric characters, making decryption simple. A weak password can also be one that is easily guessed by someone profiling the user, such as a birthday, nickname, address, name of a pet or relative, or a (...)
-
(update) Skipfish Active web application scanner v1.29b released
2 April 2010, by Tools Tracker Team
Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks.
Key Features: High performance: 500+ requests per second against responsive Internet targets, 2000+ requests per second on LAN / MAN networks, and 7000+ requests against local (...) -
OSSEC v2.4 released
2 April 2010, by Tools Tracker Team
OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response.
The following is the changelog for OSSEC version 2.4.
Changelog: Added more options to filter by user and srcip on reportd. Fixed init script for gentoo that was failing if OSSEC (...) -
Kon-Boot "root a box" on the fly v1.1 in the wild
2 April 2010, by Tools Tracker Team
Kon-Boot is a prototype piece of software which allows changing the contents of a Linux kernel (and now Windows kernel also!!!) on the fly (while booting). In the current compilation state it allows logging into a Linux system as the ’root’ user without typing the correct password, or elevating privileges from the current user to root.
Our first article on kon-boot
For Windows systems it allows entering any password-protected profile without any knowledge of the password. It was actually started as (...) -
CMS Explorer v1.0 released - Discover the CMS components behind the site -
2 April 2010, by Tools Tracker Team
CMS Explorer is designed to reveal the specific modules, plugins, components and themes that various CMS-driven web sites are running.
Additionally, CMS Explorer can be used to aid in security testing. While it performs no direct security checks, the "explore" option can be used to reveal hidden/library files which are not typically accessed by web clients but are nonetheless accessible. This is done by retrieving the module’s current source tree and then requesting those file names (...) -
Metasploit 3.3.3-Tokamac Released
1 April 2010, by Tools Tracker Team
The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.
The latest release of the Metasploit Cyber Warfare Framework has (...) -
WireShark 1.2.7 released
1 April 2010, by Tools Tracker Team
Wireshark is the world’s most popular network protocol analyzer. It has a rich and powerful feature set and runs on most computing platforms including Windows, OS X, Linux, and UNIX. Network professionals, security experts, developers, and educators around the world use it regularly. It is freely available as open source, and is released under the GNU General Public License version 2.
Wireshark 1.2.7 (stable) has been released. Installers for Windows, Mac OS X 10.5.5 and above (Intel and (...) -
SAINT® v7.3.2 Released
1 April 2010, by Tools Tracker Team
SAINT is the Security Administrator’s Integrated Network Tool. It is used to non-intrusively detect security vulnerabilities on any remote target, including servers, workstations, networking devices, and other types of nodes. It will also gather information such as operating system types and open ports. The SAINT graphical user interface provides access to SAINT’s data management, scan configuration, scan scheduling, and data analysis capabilities through a web browser. Different aspects of (...)