Collaboration and reporting tool for InfoSec teams.
Combine the output of multiple tools, add your own manual findings and screenshots and generate a report. Everyone on the same, working better, together.
Platform for risk analysis of security critical IT systems using UML, based on the CORAS model-based risk assessment methodology. Contains an XML and UML repository, facilitating management and reuse of analysis results.
The Inside Security Rescue Toolkit is a multi-purpose disaster recovery and network analysis system. It runs from a credit card-sized CD-ROM for convenient transport or download. It has read-write support for NTFS-partitions, full partition handling supp
The Digital Forensic Tool Testing (DFTT) project creates test images for digital forensic acquisition and analysis tools. These images can be used by a tool developers and owners to test their software.
Open Source Intelligence Automation.
SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target, which may be an IP address, domain name, hostname or network subnet. SpiderFoot can be used offensively, i.e. as part of a black-box penetration test to gather information about the target or defensively to identify what information your organisation is freely providing for attackers to use against you.
This project provides a java implementation of the Captcha project ( see http://www.captcha.net ). A CAPTCHA is a program that can generate and grade tests that: -Most humans can pass. -Current computer programs can't pass.
Motion monitors the video signal from one or more cameras (video4linux interface) and is able to detect if a significant part of the picture has changed. Features: interval snapshots, live streaming webcam, mpeg generation, database interface, OSD etc. For the latest releases and deb packages go to the Motion home page
The Safe C Library provides bound checking memory and string functions per ISO/IEC TR24731. These functions are alternative functions to the existing standard C library that promote safer, more secure programming. The ISO/IEC Programming languages — C spec, C11, now includes the bounded APIs in Appendix K, "Bounds-checking interfaces". This latest upload supports building static library, a shared library and a linux kernel module.
Open1X is an open source implementation of the IEEE 802.1X protocol. This project includes support for the supplicant, while other projects (e.g., FreeRADIUS) provide support for the authentication server.
The SignServer is an application for server side signatures called by other systems. It is flexible and can be customized to specific needs. The SignServer have a ready to use TimeStamp server and signers for PDF, XML, ODF, OOXML and MRTD (ePassport DS).
ANts P2P realizes a third generation P2P net. It protects your privacy while you are connected and makes you not trackable, hiding your identity (ip) and crypting everything you are sending/receiving from others.
Adobe Flash SWF file reader, editor
Adobe Flash SWF editor which can read and edit bytecode.
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by rootkits / LKMs or by another hiding technique.
Add security to your desktop by automatically locking and unlocking the screen when you and your phone leave/enter the desk. Think of a proximity detector for your mobile phone via bluetooth.
Output spool reader for Snort! This program decouples output overhead from the Snort network intrusion detection system and allows Snort to run at full speed. It takes input and output plugins and can therefore be used to convert almost any spooled fil
A utility for detecting and resisting BIDIRECTIONAL ARP spoofing. It can anti-spoof for not only the local host, but also other hosts in the same subnet. It is as well a handy helper for gateways which don't work well with ARP.
continuation of the famous proxychains project by netcreature
proxychains is a hook preloader that allows to redirect TCP traffic of existing dynamically linked programs through one or more SOCKS or HTTP proxies.
msfvenom shellcode generator/compiler/listenner
The script will use msfvenom (metasploit) to generate shellcode in diferent formats ( c | python | ruby | dll | msi | hta-psh ), injects the shellcode generated into one funtion (example: python) "the python funtion will execute the shellcode in ram" and uses compilers like: gcc (gnu cross compiler) or mingw32 or pyinstaller to build the executable file, also starts a multi-handler to recibe the remote connection (reverse shell or meterpreter session). -- 'shellcode generator' tool reproduces some of the technics used by Veil-Evasion framework, unicorn.py, powersploit, etc,etc,etc.."P.S. some payloads are undetectable by AV soluctions yes!!!" one of the reazons for that its the use of a funtion to execute the 2º stage of shell/meterpreter directly into targets ram.
axTLS is a TLSv1 SSL library designed specifically for embedded devices, with a highly configurable interface for small memory footprints.
A Steganographic Tool that lets u hide any file into any file. It is based on Image, Audio, Video Steganography that hides any file or message into an image(BMP,JPG,GIF), Audio/Video(MPG, WAV, etc) or any other file format(PDF,EXE,CHM etc..)
Intelligently block brute-force attacks by aggregating system logs
SSHGuard protects hosts from brute-force attacks against SSH and other services. It aggregates system logs and blocks repeat offenders using several firewall backends, including iptables, ipfw, and pf.
Log Management Solution
Logs Analyzer, Alerter & Reporter with a Web Interface
Mod_auth_kerb is a module that provides Kerberos user authentication to the Apache web server. It allows to retrieve the username/password pair, and also supports full Kerberos authentication (also known as Negotiate or SPNEGO based authentication).
Copfilter is a easy to install addon for the opensource firewall IPCop. It filters POP3, SMTP, HTTP, and FTP traffic for viruses and spam using various open source programs.
Tabbed notebook with RichText editor, multi-level notes and strong encryption