Open Source OpenBSD Security Software

Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis. Development has been moved to GitHub, https://github.com/Ettercap/ettercap

The Sleuth Kit is a C++ library and collection of open source file system forensics tools that allow you to, among other things, view allocated and deleted data from NTFS, FAT, FFS, EXT2, Ext3, HFS+, and ISO9660 images.

DSVPN is a Dead Simple VPN, designed to address the most common use case for using a VPN. Runs on TCP. Works pretty much everywhere, including on public WiFi where only TCP/443 is open or reliable. Uses only modern cryptography, with formally verified implementations. Small and constant memory footprint. Doesn't perform any heap memory allocations. Small (~25 KB), with an equally small and readable code base. No external dependencies. Works out of the box. No lousy documentation to read. No configuration file. No post-configuration. Run a single-line command on the server, a similar one on the client and you're done. No firewall and routing rules to manually mess with. Doesn't leak between reconnects if the network doesn't change. Blocks IPv6 on the client to prevent IPv6 leaks. Works on Linux (kernel >= 3.17), macOS and OpenBSD, as well as DragonFly BSD, FreeBSD and NetBSD in client and point-to-point modes. Adding support for other operating systems is trivial.

Hyenae is a highly flexible platform independent network packet generator. It allows you to reproduce several MITM, DoS and DDoS attack scenarios, comes with a clusterable remote daemon and an interactive attack assistant. *** Hyenae is back *** Hyenae will be continued here: https://sourceforge.net/p/hyenae-ng

PAM module which permits authentication for arbitrary services via ssh-agent. Written with sudo in mind, but like any auth PAM module, can be used for for many purposes.

Calypso is a file sharing client using the anonymous network MUTE. Developped using C++ and Qt. For windows and linux, portable to other environments.

kaos.theory's Anonym.OS LiveCD is a bootable live cd based on OpenBSD that provides a hardened operating environment whereby all ingress traffic is denied and all egress traffic is automatically and transparently encrypted and/or anonymized.

HPN-SSH is a series of performance patches for OpenSSH. By addressing network limitations and CPU limitations significant throughput performance can be realized. Gains of close to two orders of magnitude are possible on long fat network paths. The official git repo is now available at http://github.com/rapier1/openssh-portable. The Sourceforge repository should not be seen as the canonical repository for HPN-SSH. We will update it as we can but users should look to github to generate patches We also support Ubuntu packages. Add them to your package manager with `sudo add-apt-repository ppa:rapier1/hpnssh` Fedora RPMs can be added with, `sudo dnf copr enable rapier1/hpnssh`

Wraith is an open source IRC bot written in C++. It has been in development since late 2003. It is based on Eggdrop 1.6.12 but has since evolved into something much different at its core.

GoldBug is a decentralized & secure communication suite that offers an integrated e-mail client, an instant messenger & a file transfer. Also included is an URL-RSS-DB & a p2p web search. Current vers. w/ McEliece Algorithm. GoldBug has been 2013 - 2023 ten years just another Graphical User Interface of the Spot-On Encryption Suite. Main GUI features: Minimal & colorful Interface with Tabs in the East. Microsoft & Qt MinGW deprecated Win32 & for Compiling: ● https://sourceforge.net/p/goldbug/wiki/compiling As Spot-On implemented the minimal GB-concept & Nuvola Icons, GoldBug has now been fully integrated into Spot-On Win64: Just choose Tabs at East & Mini-View in Options - w/ Nuvola Icons of course! Voilá! & Many Thanks, Pro-Files can be found archived at ● current source: https://github.com/textbrowser/spot-on ● EN Manual: https://www.amazon.com/dp/3749435065 ● DE: https://compendio.github.io/goldbug-manual-de/ ● Study: https://www.amazon.com/asin/dp/3750408971

Gobbler: A tool to audit DHCP networks Includes DHCP rogue server detection, DHCP DoS, distributed spoofed port scanner using DHCP to obtain many source IP addresses, mulitple arp scans, filtered port detection, spoofed OS detection (nmap + port 0)

Kernel drivers and support ports to use "Trusted Platform Modules" on FreeBSD and OpenBSD

This script is capable of cracking multiple hashes from a CSV-file like e.g. dumps from sqlmap. Over 17.000 md5-hashes in a CSV-file get cracked with a 14.300.000 lines wordlist in less then 1 min. Lines wich cant get cracked with the wordlist get stored in a .leftToCrack-File to further process with another Wordlist or the bruteforce-tool. In addition to the wordlist-cracker I created also a bruteforce-tool named CSVHashBrutforcer.

The Neighbor Discovery Protocol Monitor (NDPMon) is used by Internet Protocol version 6 network administrators for monitoring ICMPv6 packets. NDPMon observes the local network for anomalies in the function of nodes using Neighbor Discovery Protocol (NDP) messages, especially during the Stateless Address Autoconfiguration. When an NDP message is flagged, it notifies the administrator by writing to the syslog or by sending an email report. It may also execute a user-defined script. For IPv6, NDPMon is an equivalent of Arpwatch for IPv4, and has similar basic features with added attacks detection. NDPMon also maintains up-to-date a list of neighbors on the link and watches all advertisements and changes. It permits to track the usage of cryptographically generated interface identifiers or temporary global addresses when Privacy extensions are enable (default behavior in Ubuntu and Windows for example).

antigift could be used for encryption files & folders on USB-flash or HDD partition. Works on Linux (including Android), Windows, Mac OS X, FreeBSD, DragonFly BSD and other on OSes. Do not required installation. Include WIPE tool for wiping free space and tool for recovery forgotten key. See documentation at http://sourceforge.net/p/antigift/wiki/Home/ antigift простой и кросс-платформенный инструмент для шифрования файлов и папок(с ccrypt в качестве основы) Подробности см. на страничке с русской документацией http://sourceforge.net/p/antigift/wiki/rus/

Reveal Rootkit detects processes hidden by rootkits. It is intended to run out of cron or similar services on a regular base and avoids verbose output as long as nothing was found. It's fast and shouldn't produce false positives. Reveal RootKit is tested mainly on Linux but should work on other POSIX systems with a /proc filesystem, too.

A set of tools, many written in C, to deal with BRO (www.bro.ids.org). and its working environment.

Campagnol is a decentralized VPN over UDP tunneling. It uses UDP hole punching to open connections through NAT/firewall and OpenSSL's DTLSv1 implementation for mutual authentication and encryption.

Protection by an optimized hosts file. Over 29300 DNS entires against Tracking, Adware, Spyware, Viruses, Popups and Redirecting. For more security and privacy. Points the insecure domains to the localhost that they don't get resolved by DNS Servers

Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the "naughty" hosts for a given amount of time using pfctl.

Introduction Sudoscriptd/sudoshell are a pair of Perl scripts that provide an audited shell using sudo(8) and script(1).

“garuda” is an intrusion detection system against wireless threats. It is a progressive proof of concept project to ward off wireless threats such as war-drivers, rogue AP, wifi DoS and MAC spoofing attacks. Please enjoy and we welcome your volunteerism.

pam_mount is a Pluggable Authentication Module that can mount volumes for a user session (login). Supports mounting local filesystems of any kind the normal mount utility supports, with extra code to better support CIFS, FUSE, various crypto, and more.

This is a list of advertising domains that can be used with a proxy server to remove unwanted advert traffic from the network. This list is directly compatible with tinyproxy, but may also work with other proxy servers.

Anoubis is a Security Suite which implements a secured environment for applications. The core of the suite is an Application Firewall alongside with a Sandbox. Mechanisms to assure the authenticity of files, directories and applications are provided.