Panda SM Manager versions 2.0.10 and below fail to verify the SSL certificate they receive when connecting to a secure site.
dfe5300d2107330ced841e180c483ee653bc38ee91c0e0d2ee0ee149d923f6e8
The Dell SecureWorks iOS application versions 2.0.6 and below do not validate the SSL certificate they receive when connecting to a secure site.
e14bb5ea2c56a96650327f66aa9280d786bba3fbf57df445d93d940bb0c67386
Webroot SecureAnywhere Business versions 1.10.316 and below fail to validate SSL certificates.
6616ed1138b3c82afa9932a56e43ce8c705fd7242b264fe7a0bc7e78411b3522
Avira Mobile Security versions 1.5.7 and below send credentials in the clear over HTTP.
07268a63a10e9e04ee38ecd991fda216994295c0b1d633261d7e59f97a112f35
Thycotic Password Manager Secret Server suffers from a man-in-the-middle SSL certificate verification vulnerability.
ca0c577c1b40652ec6da8907fc9e9a09da168ae5fa678784033520dabc1f55de
McAfee Advanced Threat Defense suffers from sandbox fingerprinting and bypass vulnerabilities.
2624fb2773fbb3eb3d8992461ab80c9bd568b23d1658a54e5724fd69b9e9c767
P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP).
f2dd6d877e15363bbb90325683e06abdd781aa3fa18b4e97de95fd0b8d904817
P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP).
ae853ced1e0f3446f86a75db60b1aa28e2344aae92002f1ae7860e5b0620124e
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to the remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Note that this version is the win32 compiled version. Original code by Michal Zalewski, compiling by David Coomber.
b1b3a50167e875ae8a49b1069e893267ee5dd2ab3c6ef6b733760e63b4bdc904
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to the remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Note that this version is the win32 compiled version. Original code by Michal Zalewski, compiling by David Coomber.
dd38a277cf5f75bd141c92c52d4a943be4377fb60f3ec5a8fd8b6e6d380f4122
p0f performs passive OS detection by watching SYN packets with tcpdump. Additionally, it is able to determine distance to the remote host, and can be used to determine the structure of a foreign or local network. When running on the gateway of a network it is able to gather huge amounts of data and provide useful statistics. On a user-end computer it could be used to track which operating systems are making each connection. p0f supports full tcpdump-style filtering expressions, and has an easily modified fingerprinting database. Note that this version is the win32 compiled version. Original code by Michal Zalewski, compiling by David Coomber.
e5665aaef9dea1dbdd6c08e7f76453874a605f513f2c431e34a940104a886c8e
macgen is a small utility designed to produce a random MAC address.
e555731bf84423b4d1422136dd8ec47eb0c099ac47a16eb1ca81e690071bf489