| Written by David Reguera García |
| Sunday 12 August 2007 |
| Name | Description |
|---|---|
| phook | phook - The PEB Hooker: new versions of the tools from the paper published in Phrack 65. The paper describes a method for 'hooking' Windows DLLs using the PEB, along with other tools. Original link: http://phrack.org/issues.html?issue=65&id=10#article |
| Jointrooter | Router pen-test tool that works over TELNET, and soon SSH. It uses dictionaries and a file with the prompts of different router models; to audit more routers, only new prompts have to be added. |
| LO/LS/OT_SC + STDEINSU_GV | Tool created to exchange and escalate privileges in GNU/Linux by infecting ELFs that are writable by other users. It also uses the locate tool to obtain file names that could not otherwise be obtained because of directory permissions. Includes a disinfector and scripts to work in a comfortable and fast way. |
| piathook | Process IAT hooker: able to redirect an entry that already exists in the IAT to a new one implemented inside a DLL. |
| pebtry | Reads the PEB structure and shows useful information to the user, using only ReadProcessMemory to read the fields and/or structures. |
| enyelkm | Loadable Kernel Module: rootkit for Linux 2.6 kernels. |
| fr33disasm | Disassembler for x86, incomplete. |
| getprocaddress | GetProcAddress written in MASM32, adapted to be used with viral technology. |
| karping | Infected ARP detector for Linux. |
| pe32analyzer | Analyzer for Microsoft's PE32, programmed in ANSI C. |
Last update (Sunday, 12 August 2007) |