|--- [ Projects ] ---
Ncrack is a high-speed network authentication cracking tool with a
modularized architecture, a dynamic, highly-configurable and
optimized timing engine and a lot of other unique features. I started
developing it from scratch during the Google Summer of Code 2009 for the
Nmap project under the mentorship of Fyodor. I
continued extending and improving it in Google Summer of Code 2010
and in my spare time. The project is under constant development.
Nkiller2 is a major expansion of Nkiller which exploits the TCP Persist Timer
to perform a generic DoS attack, completely statelessly and with almost no
memory overhead, using packet-parsing techniques and virtual states: the
stage each connection is in is recovered from the incoming packet itself
rather than stored, so a peer that has data queued for a zero-window
receiver can be kept probing for as long as the attacker answers. The analysis
of the attack was published in Phrack #66 in the article
Exploiting TCP and the Persist Timer Infiniteness.
Nkiller is a TCP exhaustion/stressing tool based on an attack
posted long ago at bugtraq which still works, more or less.
It is actually an improvement on the demonstration tool used
there, since it combines the exploitation of the
vulnerability inherent in all TCP implementations with speed,
by using reverse SYN cookies, an idea first introduced by
Dan Kaminsky's scanrand.
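The stateless reply logic that Nkiller and Nkiller2 rest on, as an
illustration added for this page (it is not their source): our ISN is a
keyed hash of the connection tuple (the reverse SYN cookie), and every
later decision is taken from the incoming segment alone, so no per-connection
state is kept. The key, the request string and the simplified rule that the
request rides on the handshake's final ACK with a zero window are assumptions
of the example; the behaviour exploited, that a sender keeps probing a
zero-window receiver indefinitely, is the persist timer of RFC 1122.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass

# Constructed per-run secret for the cookies; any unpredictable value will do.
COOKIE_KEY = b"constructed-demo-key"
# Constructed request; it gives the server a response to queue behind our zero window.
REQUEST = b"GET / HTTP/1.0\r\n\r\n"
MOD = 1 << 32


@dataclass
class Seg:
    """A TCP segment reduced to the fields the decision logic needs (nothing is sent)."""
    src_ip: str
    dst_ip: str
    sport: int
    dport: int
    seq: int
    ack: int
    flags: str            # any of "S", "A", "R", "F"; "SA" is SYN/ACK
    win: int
    payload: bytes = b""


def cookie(peer_ip, peer_port, our_port):
    """Reverse SYN cookie: our ISN is a keyed hash of the tuple, so the peer's
    acknowledgement number later proves a segment answers one of our probes
    without us having stored anything about the probe."""
    mac = hmac.new(COOKIE_KEY, f"{peer_ip}:{peer_port}:{our_port}".encode(),
                   hashlib.sha256).digest()
    return struct.unpack(">I", mac[:4])[0]


def make_syn(our_ip, peer_ip, our_port, peer_port):
    return Seg(our_ip, peer_ip, our_port, peer_port,
               cookie(peer_ip, peer_port, our_port), 0, "S", 65535)


def respond(seg):
    """Pick the reply from the incoming segment alone. The 'virtual state' is how
    far the peer's ack has advanced past our cookie: 1 after the handshake,
    1 + len(REQUEST) once the request was accepted. Returns None when we stay silent."""
    if "R" in seg.flags or "F" in seg.flags:
        return None                                   # peer tore the connection down
    isn = cookie(seg.src_ip, seg.sport, seg.dport)   # the tuple as seen from our side
    stage = (seg.ack - isn) % MOD

    def reply(seq, ack, payload=b""):
        # Every reply advertises window 0: the peer may never send data, only probe.
        return Seg(seg.dst_ip, seg.src_ip, seg.dport, seg.sport, seq, ack, "A", 0, payload)

    if seg.flags == "SA" and stage == 1:
        # Final handshake segment: carries the request and already shuts the window.
        return reply(seg.ack, (seg.seq + 1) % MOD, REQUEST)
    if "A" in seg.flags and "S" not in seg.flags and stage == 1 + len(REQUEST) and seg.payload:
        # Window probe from the persist timer: ack nothing new, keep the window at 0.
        return reply(seg.ack, seg.seq)
    return None                   # not ours (cookie mismatch) or a pure ACK needing no reply
```

Nothing is transmitted here: the Seg objects stand in for packets, and a real
tool would parse the incoming segment off libpcap and emit the reply over a
raw socket, which needs root. The cookie check is what keeps the responder
honest while stateless: a SYN/ACK whose ack is not cookie + 1 is dropped,
not answered, so unrelated or spoofed traffic cannot make it send.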
pknf is a loadable kernel module which implements
a port knocking mechanism for linux kernel >= 2.6.25 using
TAP - Tcpdump Analysing Parser is a parser to be used in
conjunction with tcpdump's -X option (which prints the data
of each packet in hex and ASCII along with all the headers,
except for the link-layer one; -XX includes that as well). It parses
tcpdump's output and draws the headers laid out the way the
RFCs depict them. Colourised output is available too. It is a handy
tool when your eye isn't trained enough to quickly
tell which field is which from the raw hex data.
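A minimal version of what TAP does, added here as an illustration and not
TAP's own code: take the hex column of tcpdump -X output, rebuild the packet
bytes, and decode the IP and TCP headers field by field, verifying the IP
header checksum on the way. The sample dump is constructed (one SYN with
valid checksums); TAP's RFC-style box drawing and colours are not reproduced.

```python
import re
import socket
import struct

# Constructed sample of `tcpdump -X` output for one SYN (10.0.0.1:40000 -> 10.0.0.2:80).
# Its checksums are correct, so the verification below has something to confirm.
SAMPLE = (
    "12:00:00.000000 IP 10.0.0.1.40000 > 10.0.0.2.80: Flags [S], seq 1, win 65535, length 0\n"
    "\t0x0000:  4500 0028 0001 0000 4006 66cd 0a00 0001  E..(....@.f.....\n"
    "\t0x0010:  0a00 0002 9c40 0050 0000 0001 0000 0000  .....@.P........\n"
    "\t0x0020:  5002 ffff ff4e 0000                      P....N..\n"
)

OFFSET = re.compile(r"0x[0-9a-f]+:")
TCP_FLAGS = [(0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"),
             (0x08, "PSH"), (0x10, "ACK"), (0x20, "URG")]


def hexdump_bytes(text):
    """Reassemble the packet from the hex column of every `0xNNNN:` line.
    tcpdump separates offset, hex and ASCII columns by two or more spaces;
    the ASCII column is ignored so its characters can never be mistaken for hex."""
    raw = bytearray()
    for line in text.splitlines():
        parts = re.split(r"\s{2,}", line.strip())
        if len(parts) >= 2 and OFFSET.fullmatch(parts[0]):
            raw += bytes.fromhex(parts[1].replace(" ", ""))
    return bytes(raw)


def ones_complement_sum(data):
    """16-bit one's complement sum with end-around carry (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(">%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def parse_ip(raw):
    vihl, tos, tlen, ident, ffo, ttl, proto, csum = struct.unpack(">BBHHHBBH", raw[:12])
    ihl = (vihl & 0xF) * 4
    return {
        "version": vihl >> 4, "ihl": ihl, "tos": tos, "total_length": tlen, "id": ident,
        "flags": ffo >> 13, "frag_offset": ffo & 0x1FFF, "ttl": ttl, "protocol": proto,
        "checksum": csum,
        # An intact header sums to 0xFFFF when the checksum field itself is included.
        "checksum_ok": ones_complement_sum(raw[:ihl]) == 0xFFFF,
        "src": socket.inet_ntoa(raw[12:16]), "dst": socket.inet_ntoa(raw[16:20]),
    }


def parse_tcp(raw):
    sport, dport, seq, ack, off, flags, win, csum, urg = struct.unpack(">HHIIBBHHH", raw[:20])
    return {
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "data_offset": (off >> 4) * 4,
        "flags": [name for mask, name in TCP_FLAGS if flags & mask],
        "window": win, "checksum": csum, "urgent": urg,
    }


def parse_packet(text):
    raw = hexdump_bytes(text)
    ip = parse_ip(raw)
    tcp = parse_tcp(raw[ip["ihl"]:]) if ip["protocol"] == 6 else None
    return ip, tcp


def render(ip, tcp):
    """Field listing in RFC 791 / RFC 793 order (TAP's box drawing is left out)."""
    lines = ["IP  %-13s %s" % (k, v) for k, v in ip.items()]
    if tcp:
        lines += ["TCP %-13s %s" % (k, v) for k, v in tcp.items()]
    return "\n".join(lines)


if __name__ == "__main__":
    print(render(*parse_packet(SAMPLE)))
```

Options after the fixed 20-byte headers are not decoded; `ihl` and
`data_offset` tell you where they end, which is where a fuller parser
would continue.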
CC - Covert Client is a simple program which demonstrates
the idea of sending data through a covert channel: hiding
the data inside fields of a hand-crafted TCP/IP header.
It uses raw sockets to implement this. Note that by itself
it is easily detectable, since the data is not encoded. With
some minor changes to the source, however, you can get a fairly
robust masking ability.
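An added example of the idea behind CC, written for this page rather than
taken from its source: a message is carried one byte per packet in the IP
identification field, first in the unencoded form the page warns is easy to
spot, then masked by XORing it with a keystream. The keystream construction,
the detector heuristic and the message are assumptions of the example; the
raw-socket sender that would place each id into an outgoing header is not shown.

```python
import hashlib
import hmac
import struct


def keystream(key, length):
    """Keyed, reproducible byte stream (HMAC-SHA256 in counter mode). One simple
    masking choice for the example, not a claim about what CC does."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encode_ip_ids(message, key=None):
    """One message byte per packet in the 16-bit IP identification field.
    Unmasked (key=None): id = byte << 8, which leaves the plaintext in the high byte.
    Masked: the byte is XORed with a keystream byte and the low byte is filled from
    the keystream too, so successive ids look like ordinary random values."""
    ks = keystream(key, 2 * len(message)) if key else None
    ids = []
    for i, b in enumerate(message):
        if ks is None:
            ids.append(b << 8)
        else:
            ids.append(((b ^ ks[2 * i]) << 8) | ks[2 * i + 1])
    return ids


def decode_ip_ids(ids, key=None):
    """Receiver side: read the high byte of each id back, unmasking if a key is given."""
    ks = keystream(key, 2 * len(ids)) if key else None
    out = bytearray()
    for i, ident in enumerate(ids):
        hi = ident >> 8
        out.append((hi ^ ks[2 * i]) if ks else hi)
    return bytes(out)


def looks_covert(ids):
    """Crude detector for the unmasked form: high bytes that are almost all printable
    ASCII while the low byte never changes. Real stacks use incrementing or random ids."""
    if not ids:
        return False
    printable = sum(0x20 <= (i >> 8) <= 0x7E for i in ids) / len(ids)
    low_bytes = {i & 0xFF for i in ids}
    return printable >= 0.9 and len(low_bytes) == 1
```

The masked form defeats this particular heuristic, not traffic analysis in
general: a burst of otherwise pointless packets to one host is itself a signal,
and the same message sent twice with the same key yields the same ids.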
Creeper is a minimalistic port scanner which implements SYN
(half-open, "stealth") scanning in a simple way using libpcap and raw sockets.
It has been written mainly for educational purposes and the
code is easy to study since it stays under 600 SLOC.
It is best read alongside the paper
Coding a Syn Scanner, which
explains everything in detail.
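The two halves of a SYN scanner, as an added Python example (not Creeper's C
source): crafting the SYN segment with a correct RFC 793 checksum, and
classifying the replies a libpcap capture would hand back. Addresses, ports and
sequence numbers are constructed; actually sending over a raw socket, and the IP
header in front of the segment, are left out since they need root and a live
network.

```python
import socket
import struct

FIN, SYN, RST, PSH, ACK = 0x01, 0x02, 0x04, 0x08, 0x10


def ones_complement_sum(data):
    """16-bit one's complement sum with end-around carry (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(">%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def tcp_checksum(src_ip, dst_ip, segment):
    """RFC 793 checksum over the pseudo-header plus the segment. Computed over a
    segment whose checksum field is already filled in, it is 0 iff the segment is intact."""
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack(">BBH", 0, socket.IPPROTO_TCP, len(segment)))
    return (~ones_complement_sum(pseudo + segment)) & 0xFFFF


def build_segment(src_ip, dst_ip, sport, dport, seq, ack, flags, win=65535):
    """20-byte TCP header, no options, checksum filled in. With IP_HDRINCL a raw
    socket would also want the IP header in front; that part is not built here."""
    hdr = struct.pack(">HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, win, 0, 0)
    csum = tcp_checksum(src_ip, dst_ip, hdr)
    return hdr[:16] + struct.pack(">H", csum) + hdr[18:]


def build_syn(src_ip, dst_ip, sport, dport, seq):
    return build_segment(src_ip, dst_ip, sport, dport, seq, 0, SYN)


def classify(segment, src_ip, dst_ip, our_seq, our_port):
    """Read one captured reply the way a SYN scanner does. src_ip/dst_ip are the
    reply's own addresses (target -> scanner). Returns 'open', 'closed' or None."""
    if len(segment) < 20 or tcp_checksum(src_ip, dst_ip, segment) != 0:
        return None                                   # truncated or corrupt
    sport, dport, seq, ack, off, flags, win, csum, urg = struct.unpack(">HHIIBBHHH", segment[:20])
    if dport != our_port:
        return None                                   # not addressed to our probe port
    if flags & (SYN | ACK) == SYN | ACK:
        # Count it only if it acknowledges exactly our SYN; anything else may be unrelated.
        return "open" if ack == (our_seq + 1) & 0xFFFFFFFF else None
    if flags & RST:
        return "closed"
    return None


def summarize(probes, replies, our_port):
    """probes: {target_port: seq we sent}. replies: [(src_ip, dst_ip, segment)] as
    captured. Ports that drew no usable reply before the timeout read as 'filtered'."""
    results = {port: "filtered" for port in probes}
    for src_ip, dst_ip, segment in replies:
        if len(segment) < 2:
            continue
        port = struct.unpack(">H", segment[:2])[0]   # target's port is the reply's source
        if port in probes:
            verdict = classify(segment, src_ip, dst_ip, probes[port], our_port)
            if verdict:
                results[port] = verdict
    return results
```

The kernel never saw the raw SYN leave, so it tracks no connection; when the
target's SYN/ACK arrives the kernel answers it with a RST on its own and the
handshake never completes, which is what makes the scan half-open. Silence is
reported as filtered, the usual reading of a SYN probe that draws no answer.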