These tools have been released under the GNU Public License by Immunity. By releasing tools, such as these, we hope to demonstrate our knowledge leadership, and give back to the security community as a whole.
DR RootKit
An IA32 Debug Register based rootkit (last updated: 9/4/2008 SHA1: 2048f537ab3459b21150c2d0b09a042737758d39)
Download Current Tarball
UpPriv 1.0
A Windows utility for letting users run programs as a high privilege if it matches a certain hash.
Download source and binaries
Ply 1.4 C
A modified version of ply version 1.4 (current is 2.2) used internally by MOSDEF.
Download current source tree
Unmidl
A Python utility for recovering typelib data, similar to Matthew Chapman's "muddle" program. Especially useful when a contractor has delivered a server but forgotten to include the interface file.
Download Current Tarball
libdisassemble
A Python library that will disassemble X86.
Download Current Tarball
SPIKE
When you need to analyze a new network protocol for buffer overflows or similar weaknesses, the SPIKE is the tool of choice for professionals. While it requires a strong knowledge of C to use, it produces results second to none in the field. SPIKE is available for the Linux platform only.
Download Current Tarball | Papers on SPIKE | Access SPIKE Mailing List
SPIKE Proxy
Not all web applications are built in the same ways, and hence, many must be analyzed individually. SPIKE Proxy is a professional-grade tool for looking for application-level vulnerabilities in web applications. SPIKE Proxy covers the basics, such as SQL Injection and cross-site-scripting, but it's completely open Python infrastructure allows advanced users to customize it for web applications that other tools fall apart on. SPIKE Proxy is available for Linux and Windows.
Note: that SPIKE Proxy requires a working install of Python and pyOpenSSL on Linux. This is included in the Windows distribution
Download for Linux | Download for Windows | Access SPIKE Mailing List
Unmask
Unmask was released in 2002 as a demonstration of how to fingerprint users based only on their emails or IRC postings.
Download
MOSDEF
MOSDEF is a next generation exploitation tool. As a pure-Python C compiler, it offers advantages other techniques don't.
Download | Papers | Mailing List
Sharefuzz
The original environment variable fuzzer for Unixes that support loading a shared library. (AUTHOR: Dave Aitel. License: GPL)
Download
No comments:
Post a Comment