I finally updated my TCP/IP options fuzzer 'fuzzball2'. I was quite embarrassed when I had to realize that the checksums for many of the packets were bad in older versions. The new release fixes all of these. Happy fuzzing!
It took me way too long, but finally I have a new release of my portscanner Poison. Here's the changelog from 1.5.3:
- Added code to automatically save every single scan into ~.poison/poison-scans.csv
- Open ports won't be reported twice when banner grabbing is enabled
- HTTP banner only collects useful information
- HTTP banner grabbing now speaks HTTP/1.1 instead of HTTP/1.0
- Added portmapper support for banner grabbing. Now shows which services a portmapper offers
- Made OS fingerprinting a flag. Removes a lot of clutter from the output if disabled (-o)
- Added daemon mode (-d)
- Improved telnet banner grabbing
- Updated the random IP exclude list (random.c)
- Added country (top level domain) display to the scans
- Removed option -I
- Removed option -t
- Added flag to allow logging to a remote host (-z)
- Improved OS fingerprint handling
Even the most well-encrypted hard drive with the best-chosen password may fall to a very simple, very low-tech attack employing a hardware keylogger. This paper shows a potential way to defend against these devices.
Find the paper in the respective section or download it here.
Description: Creates pcaps showing input files being downloaded from the web.
This handy utility takes any sort of input file and creates a pcap showing this file being downloaded from a remote web server. The pcap contains a full TCP stream from SYN to FIN, with correct sequence numbers and checksums.
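Both the fuzzball2 note and the pcap utility above depend on TCP checksums staying valid when a segment is hand-built or mutated. The following is an added example, not code from either tool: it computes the checksum over the IPv4 pseudo-header and the whole segment (options and an odd-length payload included) and shows that a change made after the checksum was written is detected. The function names and the sample SYN segment are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* Add big-endian 16-bit words to acc; an odd trailing byte is padded with zero. */
static uint32_t sum16(const uint8_t *p, size_t len, uint32_t acc) {
    for (; len > 1; p += 2, len -= 2) acc += (uint32_t)(p[0] << 8 | p[1]);
    if (len) acc += (uint32_t)p[0] << 8;
    return acc;
}

/* Internet checksum over IPv4 pseudo-header + TCP segment; 0 means seg verifies. */
uint16_t tcp_checksum(const uint8_t src[4], const uint8_t dst[4],
                      const uint8_t *seg, size_t len) {
    uint8_t ph[12] = {0};
    memcpy(ph, src, 4);
    memcpy(ph + 4, dst, 4);
    ph[9] = 6;                                   /* IP protocol number for TCP */
    ph[10] = (uint8_t)(len >> 8); ph[11] = (uint8_t)len; /* length incl. options */
    uint32_t acc = sum16(seg, len, sum16(ph, sizeof ph, 0));
    while (acc >> 16) acc = (acc & 0xffff) + (acc >> 16); /* fold carries */
    return (uint16_t)~acc;
}

/* Zero the checksum field (header bytes 16-17), recompute, store, return it. */
uint16_t tcp_fix_checksum(const uint8_t src[4], const uint8_t dst[4],
                          uint8_t *seg, size_t len) {
    seg[16] = seg[17] = 0;
    uint16_t c = tcp_checksum(src, dst, seg, len);
    seg[16] = (uint8_t)(c >> 8); seg[17] = (uint8_t)c;
    return c;
}

/* Constructed sample: SYN 192.0.2.1:12345 -> 192.0.2.2:80, MSS option, 1 spare byte. */
static const uint8_t SRC[4] = {192, 0, 2, 1}, DST[4] = {192, 0, 2, 2};
static uint8_t syn[25] = {0x30, 0x39, 0x00, 0x50, 0, 0, 0, 1, 0, 0, 0, 0,
                          0x60, 0x02, 0xff, 0xff, 0, 0, 0, 0,
                          0x02, 0x04, 0x05, 0xb4, 'x'};

/* Mutate an option byte after fixing the checksum; 1 if the stale sum is caught. */
int stale_checksum_detected(size_t len) {
    tcp_fix_checksum(SRC, DST, syn, len);
    int ok_before = tcp_checksum(SRC, DST, syn, len) == 0;
    syn[22] ^= 0x01;                    /* change the MSS value */
    int ok_after = tcp_checksum(SRC, DST, syn, len) == 0;
    syn[22] ^= 0x01;                    /* restore the sample */
    return ok_before && !ok_after;
}

int main(void) { return !stale_checksum_detected(24); }
```

A generator or fuzzer that edits options has to call the fix-up step last, after every mutation, or receivers and analysis tools will flag or drop the segment.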