Search Results for "file analysis"

AWStats is a free powerful and featureful server logfile analyzer that shows you all your Web/Mail/FTP statistics including visits, unique visitors, pages, hits, rush hours, os, browsers, search engines, keywords, robots visits, broken links and more

readpe (formerly known as pev) is a multiplatform toolkit to work with PE (Portable Executable) binaries. Its main goal is to provide feature-rich tools for properly analyze binaries with a strong focus on suspicious ones.

Simple Event Correlator (SEC) is a lightweight event correlator for network management, log file monitoring, security management, fraud detection, and other tasks which involve event correlation.

ATTENTION: Snare Lite is unsupported legacy software. While it will remain a part of the SourceForge community, it is no longer secure and compliant. For up to date Snare software check out Snare Enterprise. https://www.snaresolutions.com/try-snare-for-free/ Snare Enterprise was created to keep up with the fast paced security software market. It started with the desire to create premium logging and SIEM tools that were agnostic by nature so they could be used to boost any SIEM architecture...

Chords is strings on steroids. Is able to extract strings from files just like strings, but it also supports windows wide string, base64 and hexadecimal strings (with decoding support) and automatic recognition of Indicators of Compromise (IOCs). It has been developed to support the malware analysis process, but is a general purpose tool.

ansvif, or A Not So Very Intelligent Fuzzer, suited to find bugs in code by throwing garbage arguments, files, and environment variables at the target program, that you may or may not have the source code to. It supports many features, such as buffer size, randomization of the buffer size, random data injection, templates, and much more. The purpose of this project is to identify bugs in software, specifically bugs that can induce a segmentation fault under various conditions. This aids...

The Password Guessing Framework is an open source tool to provide an automated and reliable way to compare password guessers. It can help to identify individual strengths and weaknesses of a guesser, its modes of operation or even the underlying guessing strategies. Therefor, it gathers information about how many passwords from an input file (password leak) have been cracked in relation to the amount of generated guesses. Subsequent to the guessing process an analysis of the cracked passwords...

360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and its one file! Read Policy and Logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), Cisco ASA (show run / syslog format), 360-FAAR compares firewall policies and uses CIDR...

OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich analytics...

Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way.

Zero Wine is a malware's behavior analysis tool. Just upload your suspicious PE file (windows executable) through the web interface and let it analyze the behaviour of the process.

The Digital Forensic Tool Testing (DFTT) project creates test images for digital forensic acquisition and analysis tools. These images can be used by a tool developers and owners to test their software.

REL (Research and Education Language) is a simple but very powerfull language with a compiler, an interpreter and a verifier.

ConDEnSE (Confidential Data Enabled Statistical Exploration) will be a web-based environment for statistical analysis of confidential data from various database sources, based on Plone and R, and using the Jackknife method of confidentiality protection.

The purpose of eAudit is to provide a comprehensive reporting capability relating to Electronic Auditing for various industries.

Hide your data from any scans for fingerprints at forensic analysis. Fragger is an concept to fragment files into many small files by scrambling the content of the source file.

FLAG was designed to simplify the process of log file analysis and forensic investigations. FLAG facilitates efficient analysis of large quantities of data within an interactive environment. PyFlag is the reimplementation of FLAG in Python.

Nuhe is a log monitoring system, which is capable of alarm generation and action when rules are matched against log(s) activity.

Phormat is a dataset format analysis tool to aid in the understanding and comprehension of unknown or undocumented file and protocol formats.

Nmap Log Stripper is a Bash script intended to be a way to condense all, or some, of the IPs of a "random" (-iR) nmap scan into a file for later usage.

Privale is a p2p network following the form of onion routing/mixmaster networks. But, it is an anonymous publish and retrieval medium, not a proxy system. Privale attempts to defend against denial of service attacks, Sybil attacks, and traffic analysis

Command line encryption tool for one time, daemon, or stream data processing. Data stats, check sums, conversion to/from text. Data/keys from files, pipes, standard input. In-place/diverted processing or data-analysis-only. Random, file, password keys.

Shade is a versatile LSB (least significant bit) manipulation and analysis tool used to hide/retrieve files from within other files, such as images. The goal is to make the existence of the hidden file completely undetectable, and optionally encrypted.

DNA is an open, flexible and extensible deep network analyzer software server and software architecture for gathering and analyzing network packets, network sessions and applications protocols, passively off enterprise class networks.

Java Randomness Test Suite is a gui application to run randomness tests on random stream resource (file or algorithm). Application can be run in command line. Includes general statistical tests, NIST and DIEHARD tests.