Sources to the GPLed vmware's vmplayer kernel modules encapsulated in the dkms framework to allow the automatic rebuild of the 3rd party drivers to match the currently running kernel version.

John the Ripper is a fast password cracker. This package compiles it with the jumbo11 patch to add many password formats.

Burp suite allows an attacker to combine manual and automated techniques to enumerate, analyse, attack, and exploit Web applications. The various burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another. Numerous interfaces are implemented between the different tools, designed to facilitate and speed up the process of attacking a Web application. All tools share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging, alerting, and extensibility. Burp suite is extensible via the IBurpExtender interface.

Identify content management systems (CMS), blogging platforms, stats/analytic packages, JavaScript libraries, servers and more. When you visit a website in your browser the transaction includes many unseen hints about how the web-server is set up and what software is delivering the web-page. Some of these hints are obvious, ex. “Powered by XYZ” and others are more subtle. WhatWeb recognizes these hints and reports what it finds.
Review Request 587978 to add whatweb to Fedora.

nmbscan scans the shares of a SMB/NetBIOS network, using the NMB/SMB/NetBIOS protocols. It is useful for acquiring information on a local area network for such purposes as security auditing.
Review Request 566405 to add nmbscan to Fedora.

Scalpel is a fast file carver that reads a database of header and footer definitions and extracts matching files from a set of image files or raw device files. Scalpel is independent on used file-system and will carve files from FATx, NTFS, ext2/3, or raw partitions. It is useful for both digital forensics investigation and file recovery.
Review Request 581181 to add scalpel to Fedora.

The W3AF, is a Web Application Attack and Audit Framework. The W3AF core and it's plug-ins are fully written in python. The project has more than 130 plug-ins, which check for SQL injection, cross site scripting (XSS), local and remote file inclusion and much more.

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of back-end database servers. It comes with a broad range of features lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

The purpose of Dnsenum is to gather as much information as possible about a domain. The program currently gathers A, NS, MX records, performs axfr queries, gets extra names and subdomains via google scraping, bruteforces subdomains from file, calculate C class domain network ranges and perform whois queries on them, perform reverse lookups on netranges, writes to domain_ips.txt file ip-blocks.

Dnsmap is a small C based tool that performs brute force search/query of domains. The tool can use an internal wordlist, or work with an external dictionary file.
Request 566403 from Nikolay Ulyanitsky to include dnsmap to Fedora.

Burp suite allows an attacker to combine manual and automated techniques to enumerate, analyse, attack, and exploit Web applications. The various burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another. Numerous interfaces are implemented between the different tools, designed to facilitate and speed up the process of attacking a Web application. All tools share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging, alerting, and extensibility. Burp suite is extensible via the IBurpExtender interface.

NTLM Authorization Proxy Server' (APS) is a proxy software that allows you to authenticate via an MS Proxy Server using the proprietary NTLM protocol. Since version 0.9.5 APS has an ability to behave as a standalone proxy server and authenticate http clients at web servers using NTLM method. It can change arbitrary values in your client's request header so that those requests will look like they were created by MS IE. It is written in Python v1.5.2 language.

Identify content management systems (CMS), blogging platforms, stats/analytic packages, JavaScript libraries, servers and more. When you visit a website in your browser the transaction includes many unseen hints about how the web-server is set up and what software is delivering the web-page. Some of these hints are obvious, ex. “Powered by XYZ” and others are more subtle. WhatWeb recognizes these hints and reports what it finds.
Review Request 587978 to add whatweb to Fedora.

nmbscan scans the shares of a SMB/NetBIOS network, using the NMB/SMB/NetBIOS protocols. It is useful for acquiring information on a local area network for such purposes as security auditing.
Review Request 566405 to add nmbscan to Fedora.

Scalpel is a fast file carver that reads a database of header and footer definitions and extracts matching files from a set of image files or raw device files. Scalpel is independent on used file-system and will carve files from FATx, NTFS, ext2/3, or raw partitions. It is useful for both digital forensics investigation and file recovery.
Review Request 581181 to add scalpel to Fedora.

The W3AF, is a Web Application Attack and Audit Framework. The W3AF core and it's plug-ins are fully written in python. The project has more than 130 plug-ins, which check for SQL injection, cross site scripting (XSS), local and remote file inclusion and much more.

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of back-end database servers. It comes with a broad range of features lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

The purpose of Dnsenum is to gather as much information as possible about a domain. The program currently gathers A, NS, MX records, performs axfr queries, gets extra names and subdomains via google scraping, bruteforces subdomains from file, calculate C class domain network ranges and perform whois queries on them, perform reverse lookups on netranges, writes to domain_ips.txt file ip-blocks.

Dnsmap is a small C based tool that performs brute force search/query of domains. The tool can use an internal wordlist, or work with an external dictionary file.
Request 566403 from Nikolay Ulyanitsky to include dnsmap to Fedora.

Burp suite allows an attacker to combine manual and automated techniques to enumerate, analyse, attack, and exploit Web applications. The various burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another. Numerous interfaces are implemented between the different tools, designed to facilitate and speed up the process of attacking a Web application. All tools share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging, alerting, and extensibility. Burp suite is extensible via the IBurpExtender interface.

NTLM Authorization Proxy Server' (APS) is a proxy software that allows you to authenticate via an MS Proxy Server using the proprietary NTLM protocol. Since version 0.9.5 APS has an ability to behave as a standalone proxy server and authenticate http clients at web servers using NTLM method. It can change arbitrary values in your client's request header so that those requests will look like they were created by MS IE. It is written in Python v1.5.2 language.

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of back-end database servers. It comes with a broad range of features lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user front-end. The core component is a server with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications.

Request 562467 closed in bugzilla to add openvas-libraries 3.0 to Fedora.
Request 562469 closed in bugzilla to add openvas-scanner 3.0 to Fedora.
Request 562470 closed in bugzilla to add openvas-client 3.0 to Fedora.

A fully automated, active web application security reconnaissance tool. Key features:
* High speed: pure C code, highly optimized HTTP handling, minimal CPU footprint - easily achieving 2000 requests per second with responsive targets
* Ease of use: heuristics to support a variety of quirky web frameworks and mixed-technology sites, with automatic learning capabilities, on-the-fly wordlist creation, and form autocompletion.
* Cutting-edge security logic: high quality, low false positive, differential security checks, capable of spotting a range of subtle flaws, including blind injection vectors.
Request 576431 in bugzilla to add skipfish to Fedora.

dcfldd is an enhanced version of GNU dd with features useful for forensics and security.
Request 583251 to add dcfldd to Fedora repository.

THC Amap is a next-generation tool for assistingnetwork penetration testing. It performs fast and reliable application protocol detection, independant on the TCP/UDP port they are being bound to.
Request 1035 in bugzilla to add package to the RPMFusion.

Nikto is a web server scanner which performs comprehensive tests against web servers for multiple items, including over 3300 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated (if desired).
Request 575605 to update nikto package to new version.

SSLScan queries SSL services, such as HTTPS, in order to determine the ciphers that are supported. SSLScan is designed to be easy, lean and fast. The output includes preferred ciphers of the SSL service, the certificate and is in Text and XML formats.
Request 556161 in bugzilla to add package to the Fedora.

Metagoofil is an information gathering tool designed for extracting meta-data of public documents (pdf,doc,xls,ppt,odp,ods) availables in the target/victim websites.
Request 575504 in bugzilla to add package to the Fedora.

The purpose of Dnsenum is to gather as much information as possible about a domain. The program currently gathers A, NS, MX records, performs axfr queries, gets extra names and subdomains via google scraping, bruteforces subdomains from file, calculate C class domain network ranges and perform whois queries on them, perform reverse lookups on netranges, writes to domain_ips.txt file ip-blocks.

Dnsmap is a small C based tool that performs brute force search/query of domains. The tool can use an internal wordlist, or work with an external dictionary file.
Request 566403 from Nikolay Ulyanitsky to include dnsmap to Fedora.

Burp suite allows an attacker to combine manual and automated techniques to enumerate, analyse, attack, and exploit Web applications. The various burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another. Numerous interfaces are implemented between the different tools, designed to facilitate and speed up the process of attacking a Web application. All tools share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging, alerting, and extensibility. Burp suite is extensible via the IBurpExtender interface.

NTLM Authorization Proxy Server' (APS) is a proxy software that allows you to authenticate via an MS Proxy Server using the proprietary NTLM protocol. Since version 0.9.5 APS has an ability to behave as a standalone proxy server and authenticate http clients at web servers using NTLM method. It can change arbitrary values in your client's request header so that those requests will look like they were created by MS IE. It is written in Python v1.5.2 language.

You can get great rpm package with nvidia binary drivers for Fedora Core 8 on www.freshrpms.net. These drivers work with dkms - means it will rebuild automatically for you with each update of kernel.

This is not a real player - it is just a wrapper to play movies with subtitles. It finds files which are named with the same name, but different extension as a .avi file and runs your favourite media player with subtitles. One of the main features is aimed on Central European users - it can automaticaly detect windows-1250 encoding and transform it to your encoding using the iconv. Subplay associates in GNOME to most common movie extensions. It's last feature is that is switches to-and-back to some video mode when playing movie. Please send me feedback if you are using this script.

This is a Tetris Attack like game. When you put three cubes with the same colour aline, they will disapear. If it sounds to you bit boring and in lack of action you are wrong. It is really worth of trying. I bet your girlfriend will love this game (at least my does :). Binary rpms for crack-atack are now available in Fedora even with the sound patch which makes it more fun to play-

Author: Daniel Nelson
Homepage: http://aluminumangel.org/attack/

This is small utility to update dynamic DNS at no-ip.com. This is valuable tool especially if you would like to drive ftp, mail or webserver, but your ISP gives you only dynamic IP adress via DHCP.

It can be run once during boot or as a daemon periodically monitoring your IP on external interface and updating the DNS.