Search Results for "binary analysis tool"

Visual Figaro is an integrated environment to develop component libraries for the dependability modeling tool KB3 used by EDF (http://www.edf.fr/recherche/codes-de-calcul/kb3). KB3 is based on the FIGARO reliability modeling language, suitable for describing CTMC (continuous time Markov chains), DES (discrete event simulation) models, and for automatic generation of fault trees. FIGARO is objet oriented, close to natural language and enables building libraries of reusable components...

...WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. It has a low rate of false positives because has implemented a data mining module to predict false positives when detects vulnerabilities. The output of the tool is: - shows the vulnerabilities found and how they are corrected - new files with the corrections

AppSec Labs recently developed the AppUse Virtual Machine. This system is a unique, free, platform for mobile application security testing in the android environment, and it includes unique custom-made tools created by AppSec Labs. AppUse Pro v3 is now available in AppUse website:

The Security Workflow Analysis Tool (SWAT) is a platform for modelling and analyzing workflows. It comes with ananlysis approaches to search for data leaks in workflows.

PHParser 1.2 generates a pure Java parser for PHP programs. Invoking this parser yields an explicit parse tree (AST) and a tree walker suitable for further analysis. This tool package is based upon: - ANTLR 3.2 or higher (www.antlr.org). - JDK 1.6 or higher (java.sun.com). - Grammar specifications of PHP 5.3.

cravlAndBlock is simple java application that cravl error log file of Your web server and add all attacker IPs. I.E. All Modsecure entries, scans and so on. Every bad IP will be added to hosts.deny file with ALL prefix. For sure it will not block all atacks but it will help. How it works: use cron to start java cravlAndBlock.jar in the same folder add properties.xml (I addes sample properties.xml file). And thats all. Program will start from cron, read properties file and make...

At the moment NeSSi² is not actively maintained anymore since we are planning a successor project. NeSSi² is a network simulation tool suite addressing in particular network security aspects. Sample capabilities are profile-based attack generation, traffic analysis and support for attack/malware detection algorithm plugins.

CesTa (Code Enhancing Security Transformation and Analysis) is a tool for enhancing security by program transformations. Focused on Smart Cards (Java Card in particular), powered by Ant, ANTLR and StringTemplates.

DAD is a Windows event log and syslog management tool that allows you to aggregate logs from hundreds to thousands of systems in real time. DAD requires no agents on the servers or workstations. Correlation and analysis is driven through a web front end.

Black scalpel is an advanced graphical (Swing gui) security and analysis tool written in Java, C and Assembler (platform independent). Current stage is early alpha, many features are still missing. Use SVN!

A very simple file encryption tool. Release 1 is a text editor that saves encrypted files. Release 1.1 will include the ability to convert any file, even binary, to a GEF (Gulosh Encrypted File). Release 2.0 brings the strong encryption into play.

A suite of source and binary programs to test the capabilities of code analysis tools. A reference implementation of x86 binary analysis in C# is also included.

The High Interaction Honeypot Analysis Toolkit (HIHAT) allows to transform arbitrary PHP applications into a web-based Honeypot. A semi-automatic user interface supports the analysis process, scans for attacks etc.

This project provides a simple Java-based steganography tool that can hide a message inside a 24-bit colour image so that knowing how it was embedded, or performing statistical analysis, does not make it any easier to find the concealed information.

epacrypt is a tool to encrypt and decrypt plaintext and binary data using different encryption algorithms which can be chosen from a list.

Simple and Useful set of software and hardware that monitors ScanLog and Network activity (LAN/WAN)

Uberviewer is a java/swt log processor for Uberlogger (a kernel-based observatory). It allows real-time analysis of a remote OS, including process and I/O monitoring. This tool is intended to be helpful for security researchers and malware analysts.

GPP is a General Purpose Proxy Java graphical application intended mainly for packet inspection and modification. It's main idea is to be a little user-friendly portable man-in-the-middle tool for security analysis. Later, some protocols should be added

Web Server Protection and Analysis Tool

WEBsent is a web service test and performance tool. It offers the user, via a client site hypertext browser, some tools and tests to check the performance and validity of his/her web server. WEBsent is designed to monitor webpages, content accessibility

KF Checker infers information flow rules from source code. The rules obtained in this way are used to create a theory which it then exploited to prove that information flow policies are respected.