A network security analysis and monitoring toolkit Linux distribution.
Network Security Toolkit (NST) is a bootable ISO image (Live DVD/USB Flash Drive) based on Fedora 26 providing easy access to best-of-breed Open Source Network Security Applications and should run on most x86_64 systems. The main intent of developing this toolkit was to provide the security professional and network administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 125 Security Tools by INSECURE.ORG are available in the toolkit. An advanced Web User Interface (WUI) is provided for system/network administration, navigation, automation, network monitoring, host geolocation, network analysis and configuration of many network and security applications found within the NST distribution. In the virtual world, NST can be used as a network security analysis, validation and monitoring tool on enterprise virtual servers hosting virtual machines.
Web Security Dojo is a preconfigured, stand-alone training environment for Web Application Security. Virtualbox and VMware versions for download. See "View all files" for VMware version.
Open Source SIEM
OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich analytics dashboards and data visualization
Xplico is a Network Forensic Analysis Tool (NFAT)
Xplico is a Network Forensic Analysis Tool (NFAT). The goal of Xplico is extract from an internet traffic capture the applications data contained. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP, MGCP, MEGACO, RTP), IRC, WhatsApp... Xplico is able to classify more than 140 (application) protocols. Xplico cam be used as sniffer-decoder if used in "live mode" or in conjunction with netsniff-ng. Xplico is used also in CapAnalysis: http://www.capanalysis.net
[[We are in the progress of moving to github]] Metalinks is a project to facilitate data distribution over mirrors and P2P networks. It does so by defining an XML format and the tools to handle these. The metalink files contain all the information needed to download and verify files.
A web interface for various penetration testing tools
Penetration-Testing-Toolkit is a web based project to automate Scanning a network,Exploring CMS, Generating Undectable metasploit payload, DNS-Queries, IP related informations, Information Gathering, Domain related info etc
Videovigilancia, Control de Acceso y Carnetización
Sistema Integrado de Protección Venezolano con capacidades de Videovigilancia, Control de Acceso y Carnetización para el resguardo físico de instalaciones.
Thief Hunter is a simple utility that helps you to track your MacBook in case of theft.
A.I. security app. Development ceased.
An alternative Identification system that is a replacement for Microsoft's Passport and the Liberty Alliance. Its a simple architecture that is setup so anyone can run a server and thereby have control over their online identification.
Yokoso is a project geared toward fingerprinting infrastructure. Yokoso will determine what web interfaces are available on a specific network.
A collection of python scripts which maintain a small linux distribution for a web-managed VPN endpoint providing distributed authentication, roaming profiles, and PKI services. All management is done via encrypted http. Uses LDAP, Kerberos, Apache, Pyth
A flexible, extendable content filter
Archangel is meant to be a sort of 'improved' version of dansguardian and uses the same default lists as dansguardian. It is basically dansguardian rewritten in python as an ICAP server as opposed to a proxy front-end. The benefits of archangel over dansguardian include: 1. Because it is an ICAP filter, it interfaces with squid and can do HTTPS filtering as well as regular HTTP. 2. Because it uses blocking modules and is written in python, it is extremely easy to write new modules for very complex, intensive blocking. I have already written a module that does content-based blocking of youtube videos. Archangel uses the pyicap library to implement the ICAP functionality. The blockpage requires use of the PHP 5.4.x CLI. In order to do HTTPS filtering, you must first install squid compiled with SSL support and configure it to talk to archangel.
This is a apache v2.0 authentication module. Based on html form authentication and cookie authentication session. Cookie session are stored in memcache deamon. Can be used has an simple "Single Signe-On" (SSO). All the code source and the bug tracking has migrated to github: https://github.com/ZenProjects/Apache-Authmemcookie-Module All the documentation are here: https://zenprojects.github.io/Apache-Authmemcookie-Module/
The projects of ChiNvo Studio
The projects of ChiNvo Studio
This project is intended to host developer clients for openhuman.org web services - free collaborative protection system against userbase contamination by disposable email addressing (DEA) and public accounts.
CogniSec Enterprise Firewall is a project designed to create an entirely open source, feature-rich, enterprise firewall and VPN gateway.
This is a community effort to study and improve security of WPA protected WiFi networks.
GuerillaTactics is an effort to bring "Computer Education Through Security Analysis". We aim to create a security education "lab kit" including management software and a curriculum framework.
Network/Software vulnerability scanner with a PHP-based web interface and robust compliance and reporting features.
An open source data leak prevention solution
NetSV is part of the management/supervision plane and its role is to assist the network administrator when performing an IPv6 network renumbering by supervising the procedure and making diagnostics on the monitore hosts.
Open Source Security Assessment Management System
As information security professionals, we conduct security assessments for companies. One of the biggest problems we have is after all the data is collected, how can we correlate the data accurately. So we decided to start a project to solve this problem, and we are calling it Open Source Security Assessment Management System (OSSAMS). OSSAMS is a framework for putting configuration files, security scan data files (like Nessus), and other data collected, during a security assessment or penetration test, into a RDBMS. The framework is going to be designed in a fashion similar to Metasploit, SNORT, or other systems that allow the security community to create plugins for new tasks as needed. The primary goal of OSSAMS is to normalize the data, there by allowing the security professional to better assess the current state of security for an organization.
Download code, Learn code, Share code. The Ongoing Object-oriented Perl Project. scripts, tutorials, modules, case studies, anything OOPerl --not excluding contributions of OO discipline in other programming languages.