Send mail to Michal Ambroz.

Tips & tricks Blog

RPMS Packages for Fedora 16 (Verne)
vmplayer 4.0.0 kernel modules

Sources to the GPLed vmware's vmplayer kernel modules encapsulated in the dkms framework to allow the automatic rebuild of the 3rd party drivers to match the currently running kernel version.

 vmplayer-kmod.spec
 vmplayer-kmod-4.0.0-1.fc16.src.rpm  vmplayer-kmod-4.0.0-1.fc16.noarch.rpm
Fedora Security Spin
FE-SECSPIN bugzilla tracker


 
 
RPMS Packages for Fedora 14 (Laughlin)
john 1.7.6 + jumbo patch 11

John the Ripper is a fast password cracker. This package compiles it with the jumbo11 patch to add many password formats.

 john.spec
 john-1.7.6-jumbo11.3.fc14.src.rpm
burpsuite 1.3.03

Burp suite allows an attacker to combine manual and automated techniques to enumerate, analyse, attack, and exploit Web applications. The various burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another. Numerous interfaces are implemented between the different tools, designed to facilitate and speed up the process of attacking a Web application. All tools share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging, alerting, and extensibility. Burp suite is extensible via the IBurpExtender interface.

 burpsuite.spec
 burpsuite.in  burpsuite_v1.3.03.zip
whatweb

Identify content management systems (CMS), blogging platforms, stats/analytic packages, JavaScript libraries, servers and more. When you visit a website in your browser the transaction includes many unseen hints about how the web-server is set up and what software is delivering the web-page. Some of these hints are obvious, ex. “Powered by XYZ” and others are more subtle. WhatWeb recognizes these hints and reports what it finds.
Review Request 587978 to add whatweb to Fedora.

 whatweb-0.4.5-2.fc13.src.rpm
 whatweb.spec
nmbscan

nmbscan scans the shares of a SMB/NetBIOS network, using the NMB/SMB/NetBIOS protocols. It is useful for acquiring information on a local area network for such purposes as security auditing.
Review Request 566405 to add nmbscan to Fedora.

yum -y install nmbscan
scalpel

Scalpel is a fast file carver that reads a database of header and footer definitions and extracts matching files from a set of image files or raw device files. Scalpel is independent on used file-system and will carve files from FATx, NTFS, ext2/3, or raw partitions. It is useful for both digital forensics investigation and file recovery.
Review Request 581181 to add scalpel to Fedora.

yum -y install scalpel
w3af

The W3AF, is a Web Application Attack and Audit Framework. The W3AF core and it's plug-ins are fully written in python. The project has more than 130 plug-ins, which check for SQL injection, cross site scripting (XSS), local and remote file inclusion and much more.

 w3af.spec
 w3af-1.0-0.1.rc3.fc12.src.rpm
sqlmap

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of back-end database servers. It comes with a broad range of features lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

 sqlmap.spec
 sqlmap-0.8-1.fc12.src.rpm  sqlmap-0.8-1.fc12.noarch.rpm
dnsenum

The purpose of Dnsenum is to gather as much information as possible about a domain. The program currently gathers A, NS, MX records, performs axfr queries, gets extra names and subdomains via google scraping, bruteforces subdomains from file, calculate C class domain network ranges and perform whois queries on them, perform reverse lookups on netranges, writes to domain_ips.txt file ip-blocks.

 dnsenum-1.2-1.fc12.src.rpm
 dnsenum.spec
dnsmap

Dnsmap is a small C based tool that performs brute force search/query of domains. The tool can use an internal wordlist, or work with an external dictionary file.
Request 566403 from Nikolay Ulyanitsky to include dnsmap to Fedora.

Obsolete
 dnsmap-0.24-1.fc12.src.rpm
 dnsmap.spec
burpsuite

Burp suite allows an attacker to combine manual and automated techniques to enumerate, analyse, attack, and exploit Web applications. The various burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another. Numerous interfaces are implemented between the different tools, designed to facilitate and speed up the process of attacking a Web application. All tools share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging, alerting, and extensibility. Burp suite is extensible via the IBurpExtender interface.

 burpsuite.spec
 burpsuite.in  burpsuite_v1.3.zip
ntlmaps

NTLM Authorization Proxy Server' (APS) is a proxy software that allows you to authenticate via an MS Proxy Server using the proprietary NTLM protocol. Since version 0.9.5 APS has an ability to behave as a standalone proxy server and authenticate http clients at web servers using NTLM method. It can change arbitrary values in your client's request header so that those requests will look like they were created by MS IE. It is written in Python v1.5.2 language.

 
 
Fedora Security Spin
FE-SECSPIN bugzilla tracker


 
 
RPMS Packages for Fedora 13 (Goddard)
whatweb

Identify content management systems (CMS), blogging platforms, stats/analytic packages, JavaScript libraries, servers and more. When you visit a website in your browser the transaction includes many unseen hints about how the web-server is set up and what software is delivering the web-page. Some of these hints are obvious, ex. “Powered by XYZ” and others are more subtle. WhatWeb recognizes these hints and reports what it finds.
Review Request 587978 to add whatweb to Fedora.

 whatweb-0.4.5-2.fc13.src.rpm
 whatweb.spec
nmbscan

nmbscan scans the shares of a SMB/NetBIOS network, using the NMB/SMB/NetBIOS protocols. It is useful for acquiring information on a local area network for such purposes as security auditing.
Review Request 566405 to add nmbscan to Fedora.

yum -y install nmbscan
scalpel

Scalpel is a fast file carver that reads a database of header and footer definitions and extracts matching files from a set of image files or raw device files. Scalpel is independent on used file-system and will carve files from FATx, NTFS, ext2/3, or raw partitions. It is useful for both digital forensics investigation and file recovery.
Review Request 581181 to add scalpel to Fedora.

yum -y install scalpel
w3af

The W3AF, is a Web Application Attack and Audit Framework. The W3AF core and it's plug-ins are fully written in python. The project has more than 130 plug-ins, which check for SQL injection, cross site scripting (XSS), local and remote file inclusion and much more.

 w3af.spec
 w3af-1.0-0.1.rc3.fc12.src.rpm
sqlmap

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of back-end database servers. It comes with a broad range of features lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

 sqlmap.spec
 sqlmap-0.8-1.fc12.src.rpm  sqlmap-0.8-1.fc12.noarch.rpm
dnsenum

The purpose of Dnsenum is to gather as much information as possible about a domain. The program currently gathers A, NS, MX records, performs axfr queries, gets extra names and subdomains via google scraping, bruteforces subdomains from file, calculate C class domain network ranges and perform whois queries on them, perform reverse lookups on netranges, writes to domain_ips.txt file ip-blocks.

 dnsenum-1.2-1.fc12.src.rpm
 dnsenum.spec
dnsmap

Dnsmap is a small C based tool that performs brute force search/query of domains. The tool can use an internal wordlist, or work with an external dictionary file.
Request 566403 from Nikolay Ulyanitsky to include dnsmap to Fedora.

Obsolete
 dnsmap-0.24-1.fc12.src.rpm
 dnsmap.spec
burpsuite

Burp suite allows an attacker to combine manual and automated techniques to enumerate, analyse, attack, and exploit Web applications. The various burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another. Numerous interfaces are implemented between the different tools, designed to facilitate and speed up the process of attacking a Web application. All tools share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging, alerting, and extensibility. Burp suite is extensible via the IBurpExtender interface.

 burpsuite.spec
 burpsuite.in  burpsuite_v1.3.zip
ntlmaps

NTLM Authorization Proxy Server' (APS) is a proxy software that allows you to authenticate via an MS Proxy Server using the proprietary NTLM protocol. Since version 0.9.5 APS has an ability to behave as a standalone proxy server and authenticate http clients at web servers using NTLM method. It can change arbitrary values in your client's request header so that those requests will look like they were created by MS IE. It is written in Python v1.5.2 language.

 
 
Fedora Security Spin
FE-SECSPIN bugzilla tracker


 
 
RPMS Packages for Fedora 12 (Constantine)
sqlmap

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of back-end database servers. It comes with a broad range of features lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

 sqlmap.spec
 sqlmap-0.8-1.fc12.src.rpm  sqlmap-0.8-1.fc12.noarch.rpm
openvas

OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user front-end. The core component is a server with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications.

Request 562467 closed in bugzilla to add openvas-libraries 3.0 to Fedora.
Request 562469 closed in bugzilla to add openvas-scanner 3.0 to Fedora.
Request 562470 closed in bugzilla to add openvas-client 3.0 to Fedora.

yum -y install openvas-libraries
yum -y install openvas-scanner
yum -y install openvas-client
skipfish

A fully automated, active web application security reconnaissance tool. Key features:
* High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets
* Ease of use: heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion.
* Cutting-edge security logic: high quality, low false positive, differential security checks, capable of spotting a range of subtle flaws, including blind injection vectors.
Request 576431 in bugzilla to add skipfish to Fedora.

yum -y install skipfish
dcfldd

dcfldd is an enhanced version of GNU dd with features useful for forensics and security.
Request 583251 to add dcfldd to Fedora repository.

yum -y install dcfldd
amap

THC Amap is a next-generation tool for assistingnetwork penetration testing. It performs fast and reliable application protocol detection, independant on the TCP/UDP port they are being bound to.
Request 1035 in bugzilla to add package to the RPMFusion.

yum -y install amap --enablerepo=rpmfusion-nonfree-updates
nikto

Nikto is a web server scanner which performs comprehensive tests against web servers for multiple items, including over 3300 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).
Request 575605 to update nikto package to new version.

yum -y install nikto --enablerepo=updates-testing
sslscan

SSLScan queries SSL services, such as HTTPS, in order to determine the ciphers that are supported. SSLScan is designed to be easy, lean and fast. The output includes preferred ciphers of the SSL service, the certificate and is in Text and XML formats.
Request 556161 in bugzilla to add package to the Fedora.

yum -y install sslscan
metagoofil

Metagoofil is an information gathering tool designed for extracting meta-data of public documents (pdf,doc,xls,ppt,odp,ods) availables in the target/victim websites.
Request 575504 in bugzilla to add package to the Fedora.

yum -y install metagoofil
dnsenum

The purpose of Dnsenum is to gather as much information as possible about a domain. The program currently gathers A, NS, MX records, performs axfr queries, gets extra names and subdomains via google scraping, bruteforces subdomains from file, calculate C class domain network ranges and perform whois queries on them, perform reverse lookups on netranges, writes to domain_ips.txt file ip-blocks.

 dnsenum-1.2-1.fc12.src.rpm
 dnsenum.spec
dnsmap

Dnsmap is a small C based tool that performs brute force search/query of domains. The tool can use an internal wordlist, or work with an external dictionary file.
Request 566403 from Nikolay Ulyanitsky to include dnsmap to Fedora.

Obsolete
 dnsmap-0.24-1.fc12.src.rpm
 dnsmap.spec
burpsuite

Burp suite allows an attacker to combine manual and automated techniques to enumerate, analyse, attack, and exploit Web applications. The various burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another. Numerous interfaces are implemented between the different tools, designed to facilitate and speed up the process of attacking a Web application. All tools share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging, alerting, and extensibility. Burp suite is extensible via the IBurpExtender interface.

 burpsuite.spec
 burpsuite.in  burpsuite_v1.3.zip
ntlmaps

NTLM Authorization Proxy Server' (APS) is a proxy software that allows you to authenticate via an MS Proxy Server using the proprietary NTLM protocol. Since version 0.9.5 APS has an ability to behave as a standalone proxy server and authenticate http clients at web servers using NTLM method. It can change arbitrary values in your client's request header so that those requests will look like they were created by MS IE. It is written in Python v1.5.2 language.

 
 
Fedora Security Spin
FE-SECSPIN bugzilla tracker


 
 
RPMS Packages for Fedora Core 8 (Werewolf)
nVidia binary drivers for Fedora Core 8

You can get great rpm package with nvidia binary drivers for Fedora Core 8 on www.freshrpms.net. These drivers work with dkms - means it will rebuild automatically for you with each update of kernel.

www.freshrpms.net
Subplay

This is not a real player - it is just a wrapper to play movies with subtitles. It finds files which are named with the same name, but different extension as a .avi file and runs your favourite media player with subtitles. One of the main features is aimed on Central European users - it can automaticaly detect windows-1250 encoding and transform it to your encoding using the iconv. Subplay associates in GNOME to most common movie extensions. It's last feature is that is switches to-and-back to some video mode when playing movie. Please send me feedback if you are using this script.

15kB subplay-0.0.8-1.i386.rpm
15kB subplay-0.0.8-1.src.rpm 15kB subplay-0.0.8.tgz
Crack-Attack

This is a Tetris Attack like game. When you put three cubes with the same colour aline, they will disapear. If it sounds to you bit boring and in lack of action you are wrong. It is really worth of trying. I bet your girlfriend will love this game (at least my does :). Binary rpms for crack-atack are now available in Fedora even with the sound patch which makes it more fun to play-

crack-attack screenshot Author: Daniel Nelson
Homepage: http://aluminumangel.org/attack/

8MB yum install crack-attack
PowerManga
Powermanga is an arcade 2D shoot-em-up game with 41 levels and more than 200 sprites.It runs in 320x200 or 640x400 pixels. Powermanga is now also available in Fedora.
powermanga screenshot Author: TLK Games
Homepage: http://www.tlk.fr
7MB yum install powermanga
no-ip.com dynamic DNS updater

This is small utility to update dynamic DNS at no-ip.com. This is valuable tool especially if you would like to drive ftp, mail or webserver, but your ISP gives you only dynamic IP adress via DHCP.

It can be run once during boot or as a daemon periodically monitoring your IP on external interface and updating the DNS.

Author: johna@onevista.com
Homepage: http://www.no-ip.com/downloads.php
71kB noip-2.0.12-2reb.src.rpm
Epos
Epos is a language independent rule-driven Text-to-Speech (TTS) system primarily designed to serve as a research tool. Epos is (or tries to be) independent of the language processed, linguistic description method, and computing environment.
To start epos daemon automatically run as root "chkconfig --level 345 epos".
Example: echo "Ahoj kámo!"|iconv -f utf8 -t latin2 | say - -o| play -t .wav -
Author: Jirka Hanika
Homepage: http://epos.ure.cas.cz/
831kB epos-2.5.21-1reb.src.rpm
Dictd
Dictionary client/server application. Package (in contrary to RedHat 9 package) includes both client and server for dict protocol. Program for creating dictionary database (dictfmt) is included too.
Author: Rickard E. Faith
Homepage: http://www.dict.org/
669kB dictd-1.9.7-1reb.src.rpm
GNU/FDL English-Czech dictionary for dictd
English-Czech dictionary generated from free dictionary at http://slovnik.zcu.cz/. It can be used together with dictd dictionary server from http://www.dict.org/
Author: Milan Svoboda
Homepage: http://slovnik.zcu.cz/
1.6MB dict-eng-cze-2003.12.22-1reb.src.rpm
Sherman's Aquarium
This is a wm(Window maker) applet, Gnome applet(both verison 1 and 2) and a XscreenSaver "hack" that gives you an aquarium with some randomly selected fishes that lives there. Well, to tell you the truth, you can get some other strange sea animails in your aquarium too. Some other features this program gives you, except for the part that it gives you an aquarium with fishes that takes care of itself, no feed, no cleaning and so on, is that the temperature scale on the right side shows the CPU load. It can also be configurated to display the time and show the status of numlock, capslock and scrollock. shermans screenshot
Author: Jonas Aaberg , Timecop
Homepage: http://aquariumapplet.sourceforge.net/
212kB shermans_aquarium-2.2.0-2reb.src.rpm
Airstrike
Mini-Airplane shooting game for two players at a same keyboard.
airstrike screenshot Author: Ulf Ekström
Homepage: http://icculus.org/airstrike
2MB airstrike-pre6a-2reb.src.rpm
Links
Links Fedora packaging
FedoraProject - New Package - Join
New Package - for existing contributors
Using Git
Package Database
Bodhi - Updates
Bugzilla
Links to other Fedora (RedHat) packages
Fedora http://download.fedoraproject.org
FreshRPMS http://www.freshrpms.net
Livna RPMS http://rpm.livna.org/fedora/
AtRPMS http://atrpms.physik.fu-berlin.de
NewRPMS http://newrpms.sunsite.dk/
Dag Wieers RPMS http://dag.wieers.com/home-made/apt/
Planet CCRMA http://ccrma.stanford.edu/planetccrma/software/
Thanks Grzegorz Paszka for mirroring and indexing packages on pbone.net. http://www.pbone.net
Thanks Hugo van der Kooij for mirroring packages of nvidia drivers. http://hvdkooij.xs4all.nl/software.rpm.en.cms
WebZdarma.cz

Viewed  11937 times.

Today is  28th Nov 2014.