Search Results for "log analysis tools"

al-khaser is an open-source proof-of-concept security tool that deliberately implements techniques commonly used by real-world malware to test and evaluate the effectiveness of antivirus and endpoint detection and response (EDR) systems. It’s written in C/C++ and designed to execute a wide range of anti-analysis, anti-debugging, anti-virtualization, timing-based evasion, and sandbox detection routines so security researchers and defenders can see how well their tools detect or ignore these behaviors. The project includes checks for debugger presence, stealthy anti-dumping measures, various VM and sandbox artifacts, and process injection techniques, giving you a broad view of how defensive tools respond under stress. al-khaser isn’t malicious by intent — its purpose is to help security teams identify gaps in their detection logic and harden defenses by simulating evasive behaviors without actual payloads.

X-Itools: eXtended Internet Tools. Suite of tools composed of several collaboration modules. Old and initial project born in 1999, 1st published in 2001 on Sourceforge. X-Itools E-mail management module (log analysis) initiated in 2004 with Web 1.0 technologies (private SVN server). X-Itools development restarted since 2011, on the basis of a unique module: E-mail management module (log analysis).

Blackbone is a powerful Windows-focused memory manipulation and process interaction library intended for developers needing deep access to system internals, reverse engineering, or dynamic analysis tools. It provides a comprehensive API in C++ that allows allocation and management of virtual memory in local and remote processes, reading and writing remote process memory, enumerating loaded modules, creating and controlling threads, and performing complex pattern searches—all with support for both 32-bit and 64-bit architectures. ...

What is DracOS GNU/Linux Remastered ? DracOS GNU/Linux Remastered ( https://github.com/dracos-linux ) is the Linux operating system from Indonesia , open source is built based on Debian live project under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testing (penetration testing). Dracos linux in Arm by hundreds hydraulic pentest, forensics and reverse engineering. Use a GUI-based...

...https://www.snaresolutions.com/try-snare-for-free/ Snare Enterprise was created to keep up with the fast paced security software market. It started with the desire to create premium logging and SIEM tools that were agnostic by nature so they could be used to boost any SIEM architecture regardless of third party developers. In fact, the agnostic nature allows it to bridge gaps between multiple SIEM implementations across business units. For more on use cases, check out the Intersect Alliance website. https://www.snaresolutions.com/ Snare Enterprise’s premium features include: - Regulatory Compliance - TLS Encryption - Log Simulcasting - TCP – Guaranteed Log Delivery - USB Device Monitoring - And more! ...

VoIP Honey project provides a set of tools for building an entire honeynet, thus includes honeywall and honeypot emulating VoIP environments such as Asterisk PBX or OpenSer with fully configurable connections. Voip Honey runs on GNU/Linux and Windows Systems. It can be compiled for Mac OSX as well.

A suite of source and binary programs to test the capabilities of code analysis tools. A reference implementation of x86 binary analysis in C# is also included.

SpyOS represents the evolution of ProcessMemoryDumper, presents extended functionalities in process analysis, memory monitoring, kernel and network monitoring with extended log production and diffing mechanisms.

SpyOS represents the evolution of ProcessMemoryDumper, presents extended functionalities in process analysis, memory monitoring, kernel and network monitoring with extended log production and diffing mechanisms.

libapache2-mod-scramble-ip encrypts IPs in the apache-server in a way, that you can still work with them (for analytics etc.) but its not possible to find out the original IP.

Cnc's IP Data Volume Report: Logs IP to IP contact, number of packets, bytes, time of contact, Ethernet too! View via local web interface. Very simple for those who want to view who your computer is contacting the most!

Command line encryption tool for one time, daemon, or stream data processing. Data stats, check sums, conversion to/from text. Data/keys from files, pipes, standard input. In-place/diverted processing or data-analysis-only. Random, file, password keys.

Panoptis plans to create a network security tool (N-IDS) to detect and block DoS and DDoS attacks. The programming language is C++, and the input is being provided by routers.

Snort KDE Alerter - this application analyzes snort (+acid) logs (from file or from DB) and in case of new alert displays it in a popup window. It can be integrated into KDE (minimize in the KDE tray). Application permits setting filters, and various sett

M-ICE is a modular hostbased intrusion detection framework. It is used as middleware to close the gap between IDS research and IDS development. M-ICE consists of various parts that can be connected together by using network-or interprocess-communication

This is a multiplatform general utility suite for use with existing network stumbling software, such as Kismet or NetStumbler. The program will convert between multiple output logs, including the popular wi-scan format, between platforms.

Live Security/Forensics Linux Distribution, built from scratch and packed full of tools useful for vulnerability analysis, penetration tests, and forensic analysis.

The Secure Remote Log Monitor (SRLM) project provides client and server utilities that collect application or system log files from multiple systems over an untrusted network onto a central server for analysis and action.

Packet2sql will convert any text file/log file which contains ipchains packet logs into a stream of SQL inserts which can be used as the base for a firewall-analyzing database application.

PHP packet2sql is a spawn of xant's packet2sql program. This program provides a PHP frontend to packet2sql and also enables packet2sql to work with both iptables and ipchains network filters (instead of just ipchains).

A command line tool written in C++ that analyzes the source files of a C program to represent the pattern of its system calls in terms of a LALR(1) grammar.