What is Pcapy?

 

Pcapy is a Python extension module that interfaces with the libpcap packet capture library. Pcapy enables Python scripts to capture packets on the network. Pcapy is highly effective when used in conjunction with a packet-handling package such as Impacket, which is a collection of Python classes for constructing and dissecting network packets.



Source code


Win32 binaries: Pick the appropriate Python or WinPcap version.

  • Latest release (0.10.5), updated on March 27, 2007 – Windows installer – Python 2.5 and WinPcap 4.0.
  • 0.10.4, updated on Sep 14, 2005 – Windows installer – Python 2.4 and WinPcap 3.1.

Advantages of Pcapy

  • Works with Python threads.
  • Works on both UNIX (with libpcap) and Windows (with WinPcap).
  • Provides a simpler object-oriented API.


Setup

 

Quick start: Click the following link to get the latest stable release. Once you have done that, unpack it and run python setup.py install from the directory where you placed it.

Requirements

  • A Python interpreter, version 2.1.3 or higher.
  • A C++ compiler: GCC G++ 2.95, or Microsoft Visual Studio 6.0 or MSVC 2003, depending on the Python version.
  • Libpcap 0.9.3 or newer. Windows users should have WinPcap 4.0 or newer installed.

Compiling the source and installing

As this extension is written in C++, it needs to be compiled for the host system before it can be accessed from Python. To compile and install the source, execute python setup.py install from the directory where Pcapy's distribution has been unpacked. This will install the extension into the default Python modules path (you might need special permissions to write there). For more information on what commands and options are available from setup.py, run: python setup.py --help-commands.

This extension has been tested on Linux and Windows 2000 and XP systems and is known to work there. However, it should work on any box where Python and libpcap are available.



Documentation

 

Click the following link for an online copy of the bundled documentation.

 


Known issues

 

Some functions that are part of the pcap API have not been wrapped.

 

Licensing

 

This software is provided under a slightly modified version of the Apache Software License. Feel free to review it here and compare it to the official Apache Software License.

 

Contact Us

 

Whether you want to report a bug, send a patch, or give some suggestions on this package, drop us a few lines at oss@coresecurity.com.

Core Security Technologies © 1998-2008  |  All rights reserved