Open Source Security Software - Page 6

[IMPORTANT] Retroshare is now distributed on Github. Please go to http://retroshare.net to find the latest releases and sources. RetroShare is a cross-platform, secured and decentralized communication system. It lets you to securely chat, share photos, videos, and more with family and friends, using OpenPGP to authenticate peers and OpenSSL to encrypt all communication.

Libnids - NIDS E-component, based on Linux kernel. This library provides IP defragmentation, TCP reassembly and port scan detection.

See http://silcnet.org/ for detailed information. SILC provides common chat and conferencing services like private messages, instant messages, channels and groups, and video and audio conferencing. The main difference to other protocols is that SILC has been designed with security as its main feature. All packets and messages sent in SILC network are always encrypted. Private messages are encrypted end-to-end, channel message are encrypted with channel-wide secret key and secure file transfer is protected peer-to-peer.

pyscard is a python module adding smart cards support (PC/SC) to python.

This module provides attack surface reduction enhancements against the HTTP Flood Attacks at the web application level. Massive crawling/scanning tools, HTTP Flood tools can be detected and blocked by this module via htaccess, firewall or iptables, etc. (like mod_evasive) You can use this module by including "iosec.php" to any PHP file which wants to be protected. You can test module here: http://www.iosec.org/test.php (demo) Watch the Proof of Concept video: http://goo.gl/dSiAL Hakin9 IT Security Magazine Article about IOSEC http://goo.gl/aQM4Di (different format -> http://goo.gl/JKMUPN) IJNSA Article at http://goo.gl/LLxRdX WP Plugin Page http://goo.gl/nF5nD CHANGES v.1.8.2 - Iptables Auto Ban Bash Script Included - Token Access via Implicit Deny - Reverse Proxy Support - reCAPTCHA Support Do you want more features? Check for third party addons http://sf.net/projects/iosecaddons Gökhan Muharremoğlu

QPass is easy to use, open source password manager application with built-in password generator. You can store in it's database such data as passwords and logins which will be encrypted using AES-256 with PBKDF2(number of iterations set by user). Each entry can include additional information about entry such as name, url adress and description.

Logsurfer is a program for monitoring system logs in real-time, and reporting on the occurrence of events. It is capable of grouping information together to enhance loganalysis and create automatic reports.

UFONet - Is a set of hacktivist tools that allow launching coordinated DDoS and DoS attacks and combine both in a single offensive. It also works as an encrypted DarkNET to publish and receive content by creating a global client/server network based on a direct-connect P2P architecture. + FAQ: https://ufonet.03c8.net/FAQ.html -------------------------------------------- -> UFONet-v1.8 [DPh] "DarK-PhAnT0m!" (.zip) -> md5 = [ c8ab016f6370c8391e2e6f9a7cbe990a ] -> UFONet-v1.8 [DPh] "DarK-PhAnT0m!" (.tar.gz) -> md5 = [ 8a4cd86c21db2ad657eb75e6ac0e52d5 ] --------------------------------------------

The SignServer is an application for server side signatures called by other systems. It is flexible and can be customized to specific needs. The SignServer have a ready to use TimeStamp server and signers for PDF, XML, ODF, PGP, OOXML and MRTD (ePassport DS).

HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.contains webtools which are powerful in doing xss(cross site scripting), Sql injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. Even useful to anybody interested in information security domain - students, Security Professionals,web developers, manual vulnerability assessments and much more.

Add security to your desktop by automatically locking and unlocking the screen when you and your phone leave/enter the desk. Think of a proximity detector for your mobile phone via bluetooth.

The Safe C Library provides bound checking memory and string functions per ISO/IEC TR24731. These functions are alternative functions to the existing standard C library that promote safer, more secure programming. The ISO/IEC Programming languages — C spec, C11, now includes the bounded APIs in Appendix K, "Bounds-checking interfaces". This latest upload supports building static library, a shared library and a linux kernel module.

Open1X is an open source implementation of the IEEE 802.1X protocol. This project includes support for the supplicant, while other projects (e.g., FreeRADIUS) provide support for the authentication server.

The Nemesis Project is designed to be a command line based, portable human IP stack for UNIX-like and Windows systems. The suite is broken down by protocol, and should allow for useful scripting of injected packets from simple shell scripts.

pam_mount is a Pluggable Authentication Module that can mount volumes for a user session (login). Supports mounting local filesystems of any kind the normal mount utility supports, with extra code to better support CIFS, FUSE, various crypto, and more.

w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more. This project has been migrated to github! See details in our project site: http://w3af.org/

Output spool reader for Snort! This program decouples output overhead from the Snort network intrusion detection system and allows Snort to run at full speed. It takes input and output plugins and can therefore be used to convert almost any spooled fil

Zebedee is a simple program to establish an encrypted, compressed "tunnel" for TCP/IP or UDP data transfer between two systems.

Intended for Developers to highlight their security weak coding and show them how attackers can abuse these weaknesses. Refer to the following web sites for directly viewing training movies online. http://yehg.net/lab/#training http://core.yehg.net/lab/#training

Logs Analyzer, Alerter & Reporter with a Web Interface

Development of libwhisker (a full-featured Perl library used for HTTP-related functions, including vulnerability scanning and exploitation).

IKECrack is an IKE/IPSec crack tool designed to perform Pre-Shared-Key [password] analysis of RFC compliant aggressive mode authentication.

Oinkmaster is a simple yet powerful Perl script to update and manage Snort signatures.

Black Mamba is a Command and Control (C2) that works with multiple connections at same time. It was developed with Python and with Qt Framework and have multiple features for a post-exploitation step.

DSVPN is a Dead Simple VPN, designed to address the most common use case for using a VPN. Runs on TCP. Works pretty much everywhere, including on public WiFi where only TCP/443 is open or reliable. Uses only modern cryptography, with formally verified implementations. Small and constant memory footprint. Doesn't perform any heap memory allocations. Small (~25 KB), with an equally small and readable code base. No external dependencies. Works out of the box. No lousy documentation to read. No configuration file. No post-configuration. Run a single-line command on the server, a similar one on the client and you're done. No firewall and routing rules to manually mess with. Doesn't leak between reconnects if the network doesn't change. Blocks IPv6 on the client to prevent IPv6 leaks. Works on Linux (kernel >= 3.17), macOS and OpenBSD, as well as DragonFly BSD, FreeBSD and NetBSD in client and point-to-point modes. Adding support for other operating systems is trivial.