Browser for using Tor on Windows, Mac OS X or Linux
Tor Browser enables you to use Tor on Windows, Mac OS X, or Linux without needing to install any software. Tor is a software that bounces your communications around a distributed network of relays run by volunteers. This effectively prevents anyone watching your Internet connection from learning what sites you visit; it prevents the sites you visit from learning your physical location; and allows you access to sites which are blocked. Tor Browser can run off a USB flash drive, comes with a pre-configured web browser to protect your anonymity, and is self-contained (portable).
Metasploitable is an intentionally vulnerable Linux virtual machine
This is Metasploitable2 (Linux) Metasploitable is an intentionally vulnerable Linux virtual machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques. The default login and password is msfadmin:msfadmin. Never expose this VM to an untrusted network (use NAT or Host-only mode if you have any questions what that means). To contact the developers, please send email to firstname.lastname@example.org
Safe Exam Browser is a webbrowser-environment to carry out online-exams safely. The software changes any computer into a secure workstation. It regulates the access to any utilities and prevents students from using unauthorised resources.
The portable software collection
winPenPack is a project that aims at collecting the most frequently used and most popular open source applications made portable, so that they can be executed without installation from any USB Flash Drive or Hard Disk. The winPenPack suites offer a wide range of portable applications like office tools, internet tools, multimedia tools, development tools, security applications and other frequently used utilities. Everything you need, completely free, open source and portable!
JSch is a pure Java implementation of SSH2. JSch allows you to connect to an sshd server and use port forwarding, X11 forwarding, file transfer, etc., and you can integrate its functionality into your own Java programs.
X Certificate and Key management is an interface for managing asymetric keys like RSA or DSA. It is intended as a small CA for creation and signing certificates. It uses the OpenSSL library for the cryptographic operations. Please see the XCA homepage http://hohnstaedt.de/xca
Open Source PKI solutions
The OpenCA PKI Development Project is a collaborative effort to develop a robust, full-featured and Open Source out-of-the-box Certification Authority implementing the most used protocols with full-strength cryptography world-wide.
SharpSSH is a pure .NET implementation of the SSH2 client protocol suite. It provides an API for communication with SSH servers and can be integrated into any .NET application.
A protocol agnostic application layer denial of service attack.
PyLoris is a scriptable tool for testing a server's vulnerability to connection exhaustion denial of service (DoS) attacks. PyLoris can utilize SOCKS proxies and SSL connections, and can target protocols such as HTTP, FTP, SMTP, IMAP, and Telnet.
A file system plugin Total Commander
This plugin allows you to combine the power of Total Commander with the security of SFTP (using SSH) and the comfort of PuTTY.
Open Source Penetration Testing / Ethical Hacking Framework
HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.contains webtools which are powerful in doing xss(cross site scripting), Sql injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. Even useful to anybody interested in information security domain - students, Security Professionals,web developers, manual vulnerability assessments and much more.
Bruter is a parallel network login brute-forcer on Win32. This tool is intended to demonstrate the importance of choosing strong passwords. The goal of Bruter is to support a variety of services that allow remote authentication.
OpenAS2 is a java-based implementation of the EDIINT AS2 standard. It is intended to be used as a server. It is extremely configurable and supports a wide variety of signing and encryption algorithms. Planned enhancements in the next major release: - User interace configuration GUI - Certificate Exchange Management - OSGi deployer IMPORTANT: Read the release notes for running OpenAS2 with Java 1.6 Java 1.5 is no longer supported.
The Nemesis Project is designed to be a command line based, portable human IP stack for UNIX-like and Windows systems. The suite is broken down by protocol, and should allow for useful scripting of injected packets from simple shell scripts.
IBM's TPM 2.0 TSS
This is a user space TSS for TPM 2.0. It implements the functionality equivalent to (but not API compatible with) the TCG TSS working group's ESAPI, SAPI, and TCTI API's (and perhaps more) but with a hopefully simpler interface. It comes with over 110 "TPM tools" samples that can be used for scripted apps, rapid prototyping, education, and debugging. It also comes with a web based TPM interface, suitable for a demo to an audience that is unfamiliar with TCG technology. It is also useful for basic TPM management. See the below link for operating system, platform, and hardware support. See the companion IBM TPM 2.0 at https://sourceforge.net/projects/ibmswtpm2/ and attestation at projects/ibmtpm2acs I welcome (1) bug reports, (2) documentation requests, (3) suggestions for ECC tests, and (4) requests for features for which you have an immediate need. See the wiki for additional support - additions to the documentation.
Open1X is an open source implementation of the IEEE 802.1X protocol. This project includes support for the supplicant, while other projects (e.g., FreeRADIUS) provide support for the authentication server.
axTLS is a TLSv1 SSL library designed specifically for embedded devices, with a highly configurable interface for small memory footprints.
Shell extension for easily calculating a file's hash (MD5/SHA1/etc.)
CyoHash is a simple shell extension that is used from within Windows Explorer to calculate the MD5 hash, SHA1 hash, or CRC32 checksum of a file. (Additional SHA256, SHA384, and SHA512 algorithms are available for users of Windows XP SP3 or newer.)
This project is an implementation of the TCG TPM 2.0 specification. It is based on the TPM specification Parts 3 and 4 source code donated by Microsoft, with additional files to complete the implementation. See the wiki for additional support - additions to the documentation. See the companion IBM TSS at https://sourceforge.net/projects/ibmtpm20tss/
Trusted Boot (tboot) is an open source, pre- kernel/VMM module that uses Intel(R) Trusted Execution Technology (Intel(R) TXT) to perform a measured and verified launch of an OS kernel/VMM. mercurial repo: http://hg.code.sf.net/p/tboot/code.
Extensible User Folder is a Zope user folder that requires the authentication of users to be removed from the storage of properties for users. Writing new authentication or property sources requires no intimate Zope authentication knowledge.
Oinkmaster is a simple yet powerful Perl script to update and manage Snort signatures.
Mod_auth_kerb is a module that provides Kerberos user authentication to the Apache web server. It allows to retrieve the username/password pair, and also supports full Kerberos authentication (also known as Negotiate or SPNEGO based authentication).
The OVAL Interpreter is a freely available reference implementation that demonstrates the evaluation of OVAL Definitions. Based on a set of OVAL Definitions the interpreter collects system information, evaluates it, and generates a detailed OVAL Results file. Developed to demonstrate the usability of OVAL Definitions and to ensure correct syntax and adherence to the OVAL Schemas by definition writers, it is not a fully functional scanning tool nor an enterprise scanning tool. It is a simplistic, command-line application that has the ability to execute OVAL Content on an end system. To learn more about organizations that provide OVAL content and tools or otherwise support the OVAL Language, please see the OVAL Adoption Program (http://oval.mitre.org/adoption/).
pamtester is a tiny utility program to test the pluggable authentication modules (PAM) facility, specifically designed to help PAM module authors to intensively test their own modules.