*NOTE* Migrated to http://github.com/cracklib/cracklib Next generation version of libCrack password checking library. As of Oct 2008 (reflected in 2.8.15 code release), licensed under LGPL.
deletes junk files to free disk space and improve privacy
BleachBit frees disk space and maintains privacy. Cleans cache, Internet history, temporary files, logs, cookies, Firefox, Google Chrome, Flash, Windows, Linux, and more. Downloads are at www.bleachbit.org and source code is at GitHub.
The New Robolinux 9.1 LTE (2021) with automated wifi & video drivers
Announcing "The New Robolinux 9.1 LTE (2021) with automated wifi & video driver installers & much more!" Robolinux has really listened carefully to its User base and is extremely excited to release its first Robolinux 64 bit 9 series version Mate 3D which is based upon the 4.13 Linux kernel. Plus Stealth VM, C Drive to VM & our Apps Installers are all FREE! This first of many Robolinux 9 series versions with a focus on Privacy was built with a flawless crash free balance of the best current but highly stable Debian & Ubuntu source code, delivering exactly what our Users wanted in a Linux OS tht runs Windows XP, 7 & 10 natively inside it, with blazing fast speeds which is a hallmark of all Robolinux Operating Systems built since 2011. Please see the Readme.txt file for complete Robolinux V9.1 details For all downloads click on the "Browse All Files" button above. Thank you John Martinson Founder Robolinux.org
A network security analysis and monitoring toolkit Linux distribution.
Network Security Toolkit (NST) is a bootable ISO image (Live DVD/USB Flash Drive) based on Fedora 26 providing easy access to best-of-breed Open Source Network Security Applications and should run on most x86_64 systems. The main intent of developing this toolkit was to provide the security professional and network administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 125 Security Tools by INSECURE.ORG are available in the toolkit. An advanced Web User Interface (WUI) is provided for system/network administration, navigation, automation, network monitoring, host geolocation, network analysis and configuration of many network and security applications found within the NST distribution. In the virtual world, NST can be used as a network security analysis, validation and monitoring tool on enterprise virtual servers hosting virtual machines.
Pyton GnuPGInterface is meant to be a filehandle-concentrating Python interface to GnuPG, the GNU Privacy Guard. It has an API similar to the Perl module GnuPG::Interface.
Wapiti is a web-application vulnerability scanner
Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections... It use the Python programming language.
The Desktop Webcam Widget
CamDesk is a free, open source, desktop webcam widget, that was created as home surveillance application. Although others have used it for demonstrations even with CamStudio, and QuickTime Player for screen casting.
Endian Firewall Community (EFW) is a "turn-key" linux security distribution that makes your system a full featured security appliance with Unified Threat Management (UTM) functionalities. The software has been designed for the best usability: very easy to install, use and manage and still greatly flexible. The feature suite includes stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spam-filtering for email traffic (POP and SMTP), content filtering of Web traffic and a "hassle free" VPN solution (based on both OpenVPN and IPsec).
Open Source Intelligence Automation.
SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target, which may be an IP address, domain name, hostname or network subnet. SpiderFoot can be used offensively, i.e. as part of a black-box penetration test to gather information about the target or defensively to identify what information your organisation is freely providing for attackers to use against you.
Automatic SQL Injection Exploitation Tool
Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. The Mole uses a command based interface, allowing the user to indicate the action he wants to perform easily. The CLI also provides auto-completion on both commands and command arguments, making the user type as less as possible.
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.
A protocol agnostic application layer denial of service attack.
PyLoris is a scriptable tool for testing a server's vulnerability to connection exhaustion denial of service (DoS) attacks. PyLoris can utilize SOCKS proxies and SSL connections, and can target protocols such as HTTP, FTP, SMTP, IMAP, and Telnet.
Web Security Dojo is a preconfigured, stand-alone training environment for Web Application Security. Virtualbox and VMware versions for download. See "View all files" for VMware version.
Anomos is an anonymous, encrypted multi-P2P file sharing protocol, originally based on BitTorrent. See our homepage for more details.
Open Source SIEM
OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich analytics dashboards and data visualization
A simple keylogger written in python. It is primarily designed for backup purposes, but can be used as a stealth keylogger, too. It does not raise any trust issues, since it is a set of [relatively] short python scripts that you can easily examine.
Tool kit for building highly secure special-purpose operating systems
The Genode OS Framework is a tool kit for building highly secure special-purpose operating systems. It scales from embedded systems with as little as 4 MB of memory to highly dynamic general-purpose workloads. Genode is based on a recursive system structure. Each program runs in a dedicated sandbox and gets granted only those access rights and resources that are needed for its specific purpose. Programs can create and manage sub-sandboxes out of their own resources, thereby forming hierarchies where policies can be applied at each level. The framework provides mechanisms to let programs communicate with each other and trade their resources, but only in strictly-defined manners. Thanks to this rigid regime, the attack surface of security-critical functions can be reduced by orders of magnitude compared to contemporary operating systems.
A port scanner, password cracker, DDOS tool, Web spider, for hacking.
DDOS Tool: To take down small websites with HTTP FLOOD. Port scanner: To know the open ports of a site. FTP Password Cracker: To hack file system of websites.. Banner Grabber: To get the service or software running on a port. (After knowing the software running google for its vulnerabilities.) Web Spider: For gathering web application hacking information. Email scraper: To get all emails related to a webpage IMDB Rating: Easy way to access the movie database. Both .exe(compressed as zip) and .py versions are available in files. The video above is unofficial and not in English. If some one wants to support the development please make a youtube video for Dark fantasy - hack tool. Post link in review or email me at email@example.com. I will add facebook hacking(phishing method) to the tool if you guys help me.
w3af, is a Web Application Attack and Audit Framework. The w3af core and it's plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross site scripting (xss), local and remote file inclusion and much more. This project has been migrated to github! See details in our project site: http://w3af.org/
UFONet - DDoS Botnet via Web Abuse
UFONet - is a free software tool designed to test DDoS attacks against a target using 'Open Redirect' vectors on third party web applications like botnet. See this links for more info: - CWE-601:Open Redirect: http://cwe.mitre.org/data/definitions/601.html - OWASP:URL Redirector Abuse: https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities_-_URL_Redirector_Abuse2 UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using; GET/POST, multithreading, proxies, origin spoofing methods, cache evasion techniques, etc. FAQ: http://ufonet.03c8.net/FAQ.html UFONet-v0.9(.zip) (md5:7540f45eb8e2d3881f8d17e9a638987a)
MitM pentesting opensource toolkit
Operative Systems Suported are: Linux-ubuntu, kali-linux, backtack-linux (un-continued), freeBSD, Mac osx (un-continued) Netool its a toolkit written using 'bash, python, ruby' that allows you to automate frameworks like Nmap, Driftnet, Sslstrip, Metasploit and Ettercap MitM attacks. this toolkit makes it easy tasks such as SNIFFING tcp/udp traffic, Man-In-The-Middle attacks, SSL-sniff, DNS-spoofing, D0S attacks in wan/lan networks, TCP/UDP packet manipulation using etter-filters, and gives you the ability to capture pictures of target webbrowser surfing (driftnet), also uses macchanger to decoy scans changing the mac address. Rootsector module allows you to automate some attacks over DNS_SPOOF + MitM (phishing - social engineering) using metasploit, apache2 and ettercap frameworks. Like the generation of payloads, shellcode, backdoors delivered using dns_spoof and MitM method to redirect a target to your phishing webpage. recent as introducted the scanner inurlbr (by cleiton)
Xplico is a Network Forensic Analysis Tool (NFAT)
Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols. Xplico cam be used as sniffer-decoder if used in "live mode" or in conjunction with netsniff-ng. Xplico is used also in CapAnalysis: http://www.capanalysis.net
Add security to your desktop by automatically locking and unlocking the screen when you and your phone leave/enter the desk. Think of a proximity detector for your mobile phone via bluetooth.
The Sentry tools provide host-level security services for the Unix platform. PortSentry, Logcheck/LogSentry, and HostSentry protect against portscans, automate log file auditing, and detect suspicious login activity on a continuous basis.
[[We are in the progress of moving to github]] Metalinks is a project to facilitate data distribution over mirrors and P2P networks. It does so by defining an XML format and the tools to handle these. The metalink files contain all the information needed to download and verify files.