Search Results for "kernel"

...Osquery exposes an operating system as a high-performance relational database. This allows you to write SQL queries to explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes.Osquery queries your devices like a database. Osquery uses basic SQL commands to leverage a relational data-model to describe a device. Frequently, attackers will leave a malicious process running but delete the original binary on disk. This query returns any process whose original binary has been deleted, which could be an indicator of a suspicious process.

...No firewall and routing rules to manually mess with. Doesn't leak between reconnects if the network doesn't change. Blocks IPv6 on the client to prevent IPv6 leaks. Works on Linux (kernel >= 3.17), macOS and OpenBSD, as well as DragonFly BSD, FreeBSD and NetBSD in client and point-to-point modes. Adding support for other operating systems is trivial.

Trusted Boot (tboot) is an open source, pre- kernel/VMM module that uses Intel(R) Trusted Execution Technology (Intel(R) TXT) to perform a measured and verified launch of an OS kernel/VMM. mercurial repo: http://hg.code.sf.net/p/tboot/code.

stegfs is a steganographic file system in userspace. It uses the FUSE module which allows it to be incorporated into more than just the Linux Kernel, i.e. it's also known to work in FreeBSD :) For more details visit: https://albinoloverats.net/projects/stegfs

ttyrpld is a multi-OS kernel-level TTY keylogger and screenlogger with (a)synchronous replay support. It runs on Linux, Solaris, FreeBSD, NetBSD and OpenBSD.

GoldBug is a decentralized & secure communication suite that offers an integrated e-mail client, an instant messenger & a file transfer. Also included is an URL-RSS-DB & a p2p web search. Current vers. w/ McEliece Algorithm. GoldBug has been 2013 - 2023 ten years just another Graphical User Interface of the Spot-On Encryption Suite. Main GUI features: Minimal & colorful Interface with Tabs in the East. Microsoft & Qt MinGW deprecated Win32 & for Compiling: ●...

Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl. While researching Docker and Kubernetes, we noticed that most of the tools available today are aimed at passive scanning for vulnerabilities in the cluster, and there is a lack of more complex attack vector coverage. They might allow you to see the problem but not exploit it. It is...

...It is a tool for detecting changes in filesystem and reporting it immediately.It uses a simple config file in XML format and is based on inotify, a file change notification system in the Linux kernel.

Seriously entertaining dolphins on echo networks. The official source repository is located at https://github.com/textbrowser/spot-on. Downloads are located at https://github.com/textbrowser/spot-on/releases.

...It is a distribution designed for security enthusiasts and professionals, can also be used normally as your default OS. >>Based on Ubuntu 12.04.2 LTS (32bit ) user/pass : root/toor >>Kernel version 3.5.0-45 (little modified to make some of unsupported tools to work, but still will able to get Ubuntu updates ) >>2 Desktop environment : Gnome3, Docky Desktop for different test >>Final release >> Around 300 tools for all-round pentest performance User friendly, all important plugins such as video codec, audio plugins added Above all, this is Ubuntu, specially Hackers Ubuntu. ...

.... *** IMPORTANT *** We uploaded the very first experimental implementation of DogoIDS (still alpha), so expect to find bugs. The Documentation is sadly not yet fully done. So far, we did experiments using a IEEE 802.11s network (open80211s kernel 3.10.0-rc4-wl). We are happy to receive comments.

...The ISO/IEC Programming languages — C spec, C11, now includes the bounded APIs in Appendix K, "Bounds-checking interfaces". This latest upload supports building static library, a shared library and a linux kernel module.

This is a C source code scanner based on symbolic logic. It analyses C source code (especially that of the Linux kernel, at which it is aimed) for programming errors and vulnerabilities. The tests are defined by the user.

Kernel drivers and support ports to use "Trusted Platform Modules" on FreeBSD and OpenBSD

Libnids - NIDS E-component, based on Linux kernel. This library provides IP defragmentation, TCP reassembly and port scan detection.

A PHP based auto Local Exploit trigger. It detects kernel version ,gcc and auto pwn it for specific vulnerabilities. A standard proof of concept.This PHP based script, when allows to upload on vulnerable server .

The kernel network stack may behave not as expected, especially in the case of receiving packets. With Ianus it is possible to bypass the kernel network stack and to develop your own network stack in user space or other tools.

The BigFish Firewall is a suite PHP5 scripts for generate iptables scripts extremely customisables and flexibles. Here are some of the standout features of Bigfish Firewall: Kernel Vars adjust: Tunning the linux kernel proc variables to securing your sys

The Saint Jude Project is a Project to develop Kernel-Level IDS mechinisms to protect the integrity of host systems.

Uberviewer is a java/swt log processor for Uberlogger (a kernel-based observatory). It allows real-time analysis of a remote OS, including process and I/O monitoring. This tool is intended to be helpful for security researchers and malware analysts.

Linsec is a shell script firstly designed for slackware linux 10 and now supports most of linux distros. Linsec improves security of Linux systems (kernel parameters, network behaviour, iptables, critical files permissions)

This project aims to pool together as many kernel projects as possible, ironing out conflicts where possible, so that experimental kernel projects can get greater exposure, safely, and so that those projects can be tested under much more varied conditions

PSeudo terminal Intrusion Detection System. The kernel part plugs into terminal processing subsystem and logs hashed terminal lines. The user part reads these, consults a list of allowed entries, and takes appropriate action upon unexpected lines.

The dude is a UNIX debugging package independent of the ptrace() system call; it consists of a kernel module [the_dude.o], a library to interface with the module [libduderino.so], and an ncurses client [ddbg] .

A linux kernel implementation of a distributed protocol to provide pro-active defence against Distributed Denial of Service (DDoS) attacks.