Open Source OpenBSD Security Software

Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis. Development has been moved to GitHub, https://github.com/Ettercap/ettercap

The Sleuth Kit is a C++ library and collection of open source file system forensics tools that allow you to, among other things, view allocated and deleted data from NTFS, FAT, FFS, EXT2, Ext3, HFS+, and ISO9660 images.

PAM module which permits authentication for arbitrary services via ssh-agent. Written with sudo in mind, but like any auth PAM module, can be used for for many purposes.

Hyenae is a highly flexible platform independent network packet generator. It allows you to reproduce several MITM, DoS and DDoS attack scenarios, comes with a clusterable remote daemon and an interactive attack assistant. *** Hyenae is back *** Hyenae will be continued here: https://sourceforge.net/p/hyenae-ng

HPN-SSH is a series of performance patches for OpenSSH. By addressing network limitations and CPU limitations significant throughput performance can be realized. Gains of close to two orders of magnitude are possible on long fat network paths. The official git repo is now available at http://github.com/rapier1/openssh-portable. The Sourceforge repository should not be seen as the canonical repository for HPN-SSH. We will update it as we can but users should look to github to generate patches We also support Ubuntu packages. Add them to your package manager with `sudo add-apt-repository ppa:rapier1/hpnssh` Fedora RPMs can be added with, `sudo dnf copr enable rapier1/hpnssh`

kaos.theory's Anonym.OS LiveCD is a bootable live cd based on OpenBSD that provides a hardened operating environment whereby all ingress traffic is denied and all egress traffic is automatically and transparently encrypted and/or anonymized.

The Neighbor Discovery Protocol Monitor (NDPMon) is used by Internet Protocol version 6 network administrators for monitoring ICMPv6 packets. NDPMon observes the local network for anomalies in the function of nodes using Neighbor Discovery Protocol (NDP) messages, especially during the Stateless Address Autoconfiguration. When an NDP message is flagged, it notifies the administrator by writing to the syslog or by sending an email report. It may also execute a user-defined script. For IPv6, NDPMon is an equivalent of Arpwatch for IPv4, and has similar basic features with added attacks detection. NDPMon also maintains up-to-date a list of neighbors on the link and watches all advertisements and changes. It permits to track the usage of cryptographically generated interface identifiers or temporary global addresses when Privacy extensions are enable (default behavior in Ubuntu and Windows for example).

Calypso is a file sharing client using the anonymous network MUTE. Developped using C++ and Qt. For windows and linux, portable to other environments.

GoldBug is a decentralized & secure communication suite that offers an integrated e-mail client, an instant messenger & a file transfer. Also included is an URL-RSS-DB & a p2p web search. Current vers. w/ McEliece Algorithm. GoldBug has been 2013 - 2023 ten years just another Graphical User Interface of the Spot-On Encryption Suite. Main GUI features: Minimal & colorful Interface with Tabs in the East. Microsoft & Qt MinGW deprecated Win32 & for Compiling: ● https://sourceforge.net/p/goldbug/wiki/compiling As Spot-On implemented the minimal GB-concept & Nuvola Icons, GoldBug has now been fully integrated into Spot-On Win64: Just choose Tabs at East & Mini-View in Options - w/ Nuvola Icons of course! Voilá! & Many Thanks, Pro-Files can be found archived at ● current source: https://github.com/textbrowser/spot-on ● EN Manual: https://www.amazon.com/dp/3749435065 ● DE: https://compendio.github.io/goldbug-manual-de/ ● Study: https://www.amazon.com/asin/dp/3750408971

This script is capable of cracking multiple hashes from a CSV-file like e.g. dumps from sqlmap. Over 17.000 md5-hashes in a CSV-file get cracked with a 14.300.000 lines wordlist in less then 1 min. Lines wich cant get cracked with the wordlist get stored in a .leftToCrack-File to further process with another Wordlist or the bruteforce-tool. In addition to the wordlist-cracker I created also a bruteforce-tool named CSVHashBrutforcer.

Introduction Sudoscriptd/sudoshell are a pair of Perl scripts that provide an audited shell using sudo(8) and script(1).

The WendzelNNTPd is a IPv6-ready NNTP usenet-server with the main goal to be as easy to use as possible. It is portable (Linux/*BSD/*nix), supports AUTHINFO authentication, contains ACL as well as role based ACL and supports invisible newsgroups. It currently supports MySQL and SQLite backends.

A simple DOS attack tool based on the public resources response time.

This is a list of advertising domains that can be used with a proxy server to remove unwanted advert traffic from the network. This list is directly compatible with tinyproxy, but may also work with other proxy servers.

Servlet container extensions that help web developers write full featured Java web applications.

IMPORTANT -- This is an old project that is no longer supported and should not be relied upon for serious applications. If your looking for encryption software, I suggest OpenSSL or GnuPG which are better equipped.

Snort2Pf is a small Perl daemon which greps Snort's alertfile and blocks the "naughty" hosts for a given amount of time using pfctl.

Gobbler: A tool to audit DHCP networks Includes DHCP rogue server detection, DHCP DoS, distributed spoofed port scanner using DHCP to obtain many source IP addresses, mulitple arp scans, filtered port detection, spoofed OS detection (nmap + port 0)

“garuda” is an intrusion detection system against wireless threats. It is a progressive proof of concept project to ward off wireless threats such as war-drivers, rogue AP, wifi DoS and MAC spoofing attacks. Please enjoy and we welcome your volunteerism.

Honeytrap is a network security tool written to observe attacks against network services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and uses plugins for automated analysis.

A resource-conscientious, flexible, modular, platform-independent, scalable and robust server based on ircd-ratbox.

sud is a daemon to execute interactive and non-interactive processes with special (and customizable) privileges in a nosuid environment It is based on a client/server model and on the ability to pass file descriptors between processes.

Anoubis is a Security Suite which implements a secured environment for applications. The core of the suite is an Application Firewall alongside with a Sandbox. Mechanisms to assure the authenticity of files, directories and applications are provided.

A set of tools, many written in C, to deal with BRO (www.bro.ids.org). and its working environment.

A Bash script for downloading and installing additional Clamav definition files.