Unusual firewall bypassing techniques, network and computer security.

Lewis Carroll "Alice In Wonderland"
Chinese French Russian Spanish Polish Italian
Home | Projects | Papers | Forum | Team | Links | Contributions

Tunneling and Covert Channels tools.

This category includes concepts tools which technically implement Tunneling and/or Covert Channels network bypassing methods.

Local mirroring :

BackStealth [] - BackStealth is an innovative Security Utility allowing to bypass the outbound protection of a Personal Firewall in order to establish a remote connection.
Cd00r.c [cd00r.c] - cd00r.c is a working proof-of-concept code for a non listening remote shell on UN*X systems.
CGIProxy [cgiproxy.2.0.1.tar.gz] - CGI script, that acts as an HTTP or FTP proxy. Through it, you can retrieve any resource that is accessible from the server it runs on.
CorskScrew [corkscrew-2.0.tar.gz] - a tool for tunneling SSH through HTTP proxies.
Connect-tunnel [connect-tunnel-0.03.tar.gz] - Simple Perl script allowing to connect through an HTTP proxy (manage NTLM authentication).
CryptCat [cryptcat_linux.tar] [] - TCP/IP swiss army knife extended with twofish encryption.
Dns2tcp [dns2tcp-0.3.tar.gz] is a tool for relaying TCP connections over DNS UDP packets.
DNShell - is a proof-of-concept tool that uses DNS recursion for reverse communication channel. It works by sending periodically DNS TXT queries for the server part which encapsulates the command in TXT answer packet.
FireHole [firehole.exe] - personal firewall outbound detection bypassing.
Fwprc - Firewall-Piercing Tool Kit.
Ftp-tunnel [ftp-tunnel.tgz] - Executing commands on an NACS protected box using a master located on an external located box via an FTP tunnel.
Hcovert [hcovert-0.5.tar.gz] - is a steganographic communications tool used to create a covert channel using a HTTP GET request to convey it's message to a webserver and webserver log parsing to retrieve the message.
HttpTunnel [httptunnel-3.0.5.tar.gz] - creates a bidirectional virtual data connection tunnelled in HTTP requests.
IcmpTunnel [icmptunnel.tar.gz] - encapsulates data in ICMP frames.
IcmpTX [icmptx-0.01.tar.gz] - IP over ICMP.
IcmpShell [ish-v0.2.tar.gz] - provides the capability of connecting to a remote host to open a shell using only ICMP for input and output.
Itun [itun-04-10-2005.tar.gz] - (Simple icmp tunnel) provide encapsulation of IP packets into ICMP packets.
Kernel Socks Bouncer [ksb26-] - KSB is a Linux Kernel 2.6.x patch that redirects tcp connections to follow through socks5.
MailTunnel - creates a bidirectional virtual data path tunnelled in E-Mail messages.
Mirkov4 [] - Remote administration over http for Windows 2000/XP/2003.
Monkey Shell - is a simple python application that uses extensible markup language remote procedure calls (XML-RPC) to execute remote commands through the system shell.
Netcat - simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol. THE swiss army knife...
NtlmAPS [ntlmaps098.tar.gz] - is a NTLM authorization proxy server written in python.
PingTunnel [PingTunnel-0.61.tar.gz] - is a tool for reliably tunneling TCP connections over ICMP echo request and reply packets.
ProxyTunnel - a program that connects stdin and stdout to an origin server somewhere in the Internet through an industry standard HTTPS proxy.
Python Raw Covert (Pyrawcovert) [pyrawcovert-0.1.tar.gz] - an improved version of Raw Covert in Python with tun mode.
Raw Covert (Rcover) [rcovert-0.1.tar.gz] - a proof-of-concept tool that uses ACK frames to initiate a covert channel thanks to wireless raw injection and monitor mode.
Reverb - Designed to tunnel through firewalls, it can relay passive to passive, active to active, and active to passive sockets.
Reverse Remote Shell [rrs-1.70.tar.gz] - is a tool featuring full OpenSSL support, Twofish encryption, snooping, reconnection features, etc.
Revinetd [revinetd-1.0.tar.gz] - TCP gender changer. It operates in two modes, listen-listen and connect-connect.
SAdoor [sadoor-20031217.tgz] - A non listening remote shell and execution server.
Shadowinteger's Backdoor [sbd-1.36.tar.gz] - NetCat clone designed to be portable and offering strong encryption for Unix like and Win32 OS.
Socat [socat-] - a relay for bidirectional data transfer between two independent data channels. Each of these data channels may be a file, pipe, device, a socket, an SSL socket, proxy CONNECT connection, a file descriptor, the GNU line editor, a program, or a combination of two of these :).
Socks via HTTP - Socks via HTTP is a program converting SOCKS requests into HTTP requests and tunnelling them through HTTP proxies if needed.
Stegtunnel [stegtunnel-0.4.tar.gz] - provides a covert channel in the IPID and sequence number fields of any desired TCP connection.
Stunnel [stunnel-4.05.tar.gz] - allows you to use the SSL protocol for arbitrary TCP connections.
Tentun [tentun-1.0.tar.bz2] - is a tunneling project that introduces the innovative concept of modifying packet traffic to include completely transparent covert traffic to existing streams of data.
The Intruder [] - a proof of concept implementation of win32 reverse backdoor program. It is a client program that communicates with the server part through HTTP protocol.
TunnelShell [tunnelshell_2.3.tgz] - Remote shell via IPv4 fragmented packets, TCP ACK, UDP, ICMP, raw IPv4 packets.

Tunneling and Covert Channels [sets of] tools/scripts.

This category includes [sets of] tools/scripts which allow an user to build network Tunnels and/or Covert Channels.

OpenSSL, TVSG-UPS, Desproxy, Recub, URCS.

Tunneling and Covert Channels Detection.

Tcpstatflow [tcpstatflow_v1.1.tgz] - Tunnels detection into Application level protocols. Tcpstatflow analize incoming and outgoing packets of each TCP connection, generating alarms when certains thresholds are surpassed - quantity of in and out packets/bytes per connection and connection elapsed.
SNORT Covered channels detector patch [snort_covered_channels_detection.txt] - Snort patch, based on "tcpstatflow" tool and written to be compiled with snort- using stream4 preprocessor.
l7-filter - Application Layer Packet Classifier is a classifier for the Linux kernel's Netfilter subsystem that identifies packets based on application layer data (OSI layer 7).

NACS penetration tests.

Firewall Tester - The Firewall Tester is a tool designed for testing firewalls filtering policies and Intrusion Detection System (IDS) capabilities.


Stegdetect and OutGuess - Stegdetect is an automated tool for detecting steganographic content in images. It is capable of detecting several different steganographic methods to embed hidden information in JPEG images. OutGuess is a universal steganographic tool that allows the insertion of hidden information into the redundant bits of data sources.

Security Teams and people, that we respect.

SecuriTeam, InfoSecWriters, Duke,

Non profit organizations, that we want to support.

Fondation Aide Populaire d'Urgence.

GNU  GNU General Public License
 GNU Free Documentation License