Cross-platform smart fuzzer
Peach Community 3 is a cross-platform fuzzer capable of performing both dumb and smart fuzzing. Peach includes a robust monitoring system allowing for fault detection, data collection, and automation of the fuzzing environment. Peach does not target one specific class of target, making it adaptable to fuzz any form of data consumer. Peach is commonly used to fuzz file formats, network protocols, and APIs. With targets ranging from web browsers and network services through mobile devices, industrial control systems (SCADA) and even down at the silicon level. All features of Peach are designed to be easily extended. This include mutation algorithms, data types, I/O adapters, monitoring modules, etc. Extensions to Peach are typically written in the C# language as assembly modules that are identified through reflection. Peach has been in active development since 2004. The first version of Peach was written while drinking beer at PH-Neutral in Berlin.
An alarm for your MacBook.
iAlertU is an alarm system for your Apple MacBook that uses the built in motion detection to trigger the alarm and the iSight to capture the image of the thief. Among many other features, it incorporates the ability for users with iPhone, iPad, or iPod Touch to connect to and control iAlertU remotely.
UFONet - DDoS Botnet via Web Abuse
UFONet - is a free software tool designed to test DDoS attacks against a target using 'Open Redirect' vectors on third party web applications like botnet. See this links for more info: - CWE-601:Open Redirect: http://cwe.mitre.org/data/definitions/601.html - OWASP:URL Redirector Abuse: https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities_-_URL_Redirector_Abuse2 UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using; GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc. FAQ: http://ufonet.03c8.net/FAQ.html UFONet-v0.9(.zip) (md5:7540f45eb8e2d3881f8d17e9a638987a)
Libnids - NIDS E-component, based on Linux kernel. This library provides IP defragmentation, TCP reassembly and port scan detection.
RetroShare is a cross-platform, secured and decentralized communication system. It lets you to securely chat, share photos, videos, and more with family and friends, using OpenPGP to authenticate peers and OpenSSL to encrypt all communication.
Windows tool to read SIM card information and content
SIMCardManager is Windows tool that can read a SIM card information (ICCID, IMSI, Pin states) and SIM card content : phone book (ADN), Fixed dialing (FDN) and SMS messages. It also enables you to authenticate with PIN when activated and export SIM card content to text files. You need to have a PC/SC compatible smart card reader or dongle with SIM slot. You can find other useful tools on my website http://www.idrix.fr
LAMPSecurity training is designed to be a series of vulnerable virtual machine images along with complementary documentation designed to teach linux,apache,php,mysql security.
Free-SA is report generating tool for web, proxy and mail log files
Free-SA is logs processor and report generating tool. It can be used to control traffic usage, to evaluate conformance to the Internet access security policies, to investigate security incidents, to evaluate web server efficiency and to detect troubles with server configuration.
Atricore’s JOSSO is an open source and commercially supported Internet Single Sign-On (FSSO) solution for point-and-click and standards-based (SAML2) Internet-scale SSO implementations. For more information contact us at : http://www.josso.org
Tool kit for building highly secure special-purpose operating systems
The Genode OS Framework is a tool kit for building highly secure special-purpose operating systems. It scales from embedded systems with as little as 4 MB of memory to highly dynamic general-purpose workloads. Genode is based on a recursive system structure. Each program runs in a dedicated sandbox and gets granted only those access rights and resources that are needed for its specific purpose. Programs can create and manage sub-sandboxes out of their own resources, thereby forming hierarchies where policies can be applied at each level. The framework provides mechanisms to let programs communicate with each other and trade their resources, but only in strictly-defined manners. Thanks to this rigid regime, the attack surface of security-critical functions can be reduced by orders of magnitude compared to contemporary operating systems.
Motion monitors the video signal from one or more cameras (video4linux interface) and is able to detect if a significant part of the picture has changed. Features: interval snapshots, live streaming webcam, mpeg generation, database interface, OSD etc. For the latest releases and deb packages go to the Motion home page
A webapp hacking game, where players must locate and exploit vulnerabilities to progress through the story. Think WebGoat but with a plot and a focus on realism&difficulty. Contains XSS, CSRF, SQLi, ReDoS, DOR, command injection, etc
Xplico is a Network Forensic Analysis Tool (NFAT)
Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols. Xplico cam be used as sniffer-decoder if used in "live mode" or in conjunction with netsniff-ng. Xplico is used also in CapAnalysis: http://www.capanalysis.net
A utility for detecting and resisting BIDIRECTIONAL ARP spoofing. It can anti-spoof for not only the local host, but also other hosts in the same subnet. It is as well a handy helper for gateways which don't work well with ARP.
SilentEye is a cross-platform application design for an easy use of steganography. It provides a pretty nice interface and an easy integration of new steganography algorithm and cryptography process.
MUTE is a secure, anonymous, distributed communications framework. Node-to-node connections are encrypted, and messages are routed using an ant-inspired algorithm. The first MUTE-based app supports anonymous file sharing.
MitM pentesting opensource toolkit
Operative Systems Suported are: Linux-ubuntu, kali-linux, backtack-linux (un-continued), freeBSD, Mac osx (un-continued) Netool its a toolkit written using 'bash, python, ruby' that allows you to automate frameworks like Nmap, Driftnet, Sslstrip, Metasploit and Ettercap MitM attacks. this toolkit makes it easy tasks such as SNIFFING tcp/udp traffic, Man-In-The-Middle attacks, SSL-sniff, DNS-spoofing, D0S attacks in wan/lan networks, TCP/UDP packet manipulation using etter-filters, and gives you the ability to capture pictures of target webbrowser surfing (driftnet), also uses macchanger to decoy scans changing the mac address. Rootsector module allows you to automate some attacks over DNS_SPOOF + MitM (phishing - social engineering) using metasploit, apache2 and ettercap frameworks. Like the generation of payloads, shellcode, backdoors delivered using dns_spoof and MitM method to redirect a target to your phishing webpage. recent as introducted the scanner inurlbr (by cleiton)
Trusted Boot (tboot) is an open source, pre- kernel/VMM module that uses Intel(R) Trusted Execution Technology (Intel(R) TXT) to perform a measured and verified launch of an OS kernel/VMM. mercurial repo: http://hg.code.sf.net/p/tboot/code.
This is a module that allows PAM aware applications to authenticate users through a MySQL database. Now configurable in terms of which host the database reside upon, which table and username and password column to interrogate.
Steghide UI is a nifty GUI written by Drunken.Canadian for the console application steghide as the name suggests. It allows the user to everything steghide can but with a nice user friendly GUI. Now, steghide UI has a new options panel.
Formerly known as DotNetOpenId, this library brings easy and flexible OpenID, OAuth and InfoCard to the .NET platform. Official web site is at http://www.dotnetopenauth.net/, which includes source code downloads.
Foremost is a linux tool for conducting forensic examinations. Although intended for law enforcement purposes, it may be useful to other members of the community. Foremost reads through a file, such as a dd image file or a disk partition and extracts file
The Powerful Protection for PC Against Viruses from Removable Drives
Shiela USB Shield is a powerful first line defense against virus from infected removable drives. * It locks autorun.inf and associate executable files in multiple instance * Delete/Freeze the shortcut file or clone file, and restores the original automatically. * It is free and open source. System Requirements 1) Windows 2000 or later 2) 256Mb RAM or higher 3) 1GHz Processor or faster 4) .NET Framework 2.0 or later must be installed
Summary goes here.
Base64 Encoder/Decoder is a tool that allows you to encode/decode in base64. Commonly template designers and authors will encode their copyright footer in to their work to help prevent people from finding and removing it. With this tool you can use it to modify the base64 encoded text. This tool can also create an MD5 hash of ASCII text.
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by rootkits / LKMs or by another hiding technique.