Open Source Python Security Software - Page 15

Kojoney is an easy of use, secure, robust and powerfull Honeypot for the SSH Service written in Python. With the kojoney daemon are distributeds other tools such as kip2country (IP to Country) and kojreport, a tool to generate reports from the log fi

Konfidi is a trust framework that uses topical trust values from a social network of authenticated people. When you receive an email from someone you do not know, but he/she is in the network, Konfidi will compute an inferred trust value for you.

Because of my diplom thesis now, i wont update my little project very often :(

Kubestriker is a platform-agnostic tool designed to tackle Kubernetes cluster security issues due to misconfigurations and will help strengthen the overall IT infrastructure of any organization. It performs numerous in-depth checks on a range of services and open ports well across more than one platform such as self-hosted kubernetes, Amazon EKS, Azure AKS, Google GKE etc., to identify any misconfigurations which make organizations an easy target for attackers. In addition, it helps safeguard against potential attacks on Kubernetes clusters by continuously scanning for anomalies. Furthermore, it comprises the ability to see some components of Kubernetes infrastructure and provides visualized attack paths of how hackers can advance their attacks.

A tool for scanning Kubernetes cluster for risky permissions in Kubernetes's Role-based access control (RBAC) authorization model. KubiScan helps cluster administrators identify permissions that attackers could potentially exploit to compromise the clusters. This can be especially helpful on large environments where there are lots of permissions that can be challenging to track. KubiScan gathers information about risky roles\clusterroles, rolebindings\clusterrolebindings, users and pods, automating traditional manual processes and giving administrators the visibility they need to reduce risk.

A Python/Gtk application to manage groups of users stored in an LDAP database, using data from X509 certificates imported from files or LDAP servers maintained by certificate authorities. These groups are used to create grid-map files used by the Globus

Get Control of your LAN from Linux. Control unauthorized WIFI access. Attacks available to unauthorized hosts. Works from Linux Console.

This is a steganogric program that uses images last bits to hide information ( files ). It can crypt data with a rotation and a xor key.

libgcrypt-py is a Python wrapper around the libgcrypt cryptographic library. It supports functionality/algorithms that are supported by libgcrypt, including Symetric Ciphers (3DES, AES, Twofish, Blowfish), Cryptographic Hashing (MD5, SHA1, RIPE-MD160), P

lshell is a shell coded in Python, that lets you restrict a user's environment to limited sets of commands, choose to enable/disable any command over SSH (e.g. SCP, SFTP, rsync, etc.), log user's commands, implement timing restriction, and more.

LinSIeVe is a System Integrity Verifier for Linux kernel code and read-only data.

Linux Security related programs, scripts and utilities that will hopefully help you secure and keep secure your Linux System(s).

LinuxSA is a Python project that scans a remote or a local Linux machine for security vulnerabilities and then creates a report of the findings. The scan is read-only and no modifications are made to the target system.

This is a program that watches your system log files, looking for hack attempts. It instanty reacts to potential security breaches by (for instance) adding firewall rules to cut off the attacker.

Development area for GNU/Linux 2.6.x for the KS8695 ARM SoC. Covers kernel patches, drivers for serial, Ethernet, PCI, GPIO, watchdog subsystems, and drivers for optional PCI based devices such as USB, WiFi, WiMAX, IPSec, SSL, and RSA devices.

MINI is a secure service discovery protocol for the M2MI ad-hoc networking library and written in Java (and soon, Python).

MITMf aims to provide a one-stop-shop for Man-In-The-Middle and network attacks while updating and improving existing attacks and techniques. Originally built to address the significant shortcomings of other tools (e.g Ettercap, Mallory), it's been almost completely rewritten from scratch to provide a modular and easily extendible framework that anyone can use to implement their own MITM attack. The framework contains a built-in SMB, HTTP and DNS server that can be controlled and used by the various plugins, it also contains a modified version of the SSLStrip proxy that allows for HTTP modification and a partial HSTS bypass. As of version 0.9.8, MITMf supports active packet filtering and manipulation (basically what better filters did, only better), allowing users to modify any type of traffic or protocol. The configuration file can be edited on-the-fly while MITMf is running, the changes will be passed down through the framework.

There are many password management applications out there, but they all lack a password generator which can create passwords a human can remember easily. PassGen fills this gap with a wide variety of possible password it can create. Among passwords consisting of random letters, numbers and punctuations it can also generate mnemonic passwords consisting of words, numbers and punctuations. These kind of password are also hard to guess, but much more easy to remember for a human brain.

MailCleaner Open Source Edition is now discontinued but will continue under the spamtagger project https://github.com/SpamTagger [antispam] MailCleaner is an anti-spam / anti-virus filter SMTP gateway with user and admin web interfaces, quarantine, multi-domains, multi-templates, multi-languages. Using Bayes, RBLs, Spamassassin, MailScanner, ClamAV. Based on Debian. Enterprise ready. MailCleaner is an anti spam gateway installed between your mail infrastructure and the Internet. It includes a complete GNU/Linux OS and a graphical web interface for user and administrative access. It comes in the form of virtual machine templates.. - fully compatible with any SMTP mail server (Exchange, Zimbra, O365,...)

Mailchecker will (in time) check mail for 'safe' content. 'unsafe' content (e.g. attachments that may contain viruses) will be stopped or converted to 'safe' formats.

Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything from domain name, URL, IP address (e.g. 185.130.5.231 for the known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic mechanisms that can help in the discovery of unknown threats (e.g. new malware). Sensor(s) is a standalone component running on the monitoring node (e.g. Linux platform connected passively to the SPAN/mirroring port or transparently inline on a Linux bridge) or at the standalone machine (e.g. Honeypot) where it "monitors" the passing Traffic for blacklisted items/trails (i.e. domain names, URLs and/or IPs).

Malware Analysis Network in Taiwan <Man in Taiwan, MiT> Welcome to contact us (TonTon@TWMAN.ORG) if you are interested in collaborating with us. This project is open source and distributed under the GNU General Public License version 3. Please feel free to add to or modify this source and propose changes or new converters. Developer & Copyrighted by : TonTon Hsien-De Huang Prompter: Jazz Yao-Tsung Wang, Figaro Chen-Ho Yang | Logo Desinger:Temaki Guo Community on Google+：http://X.TWMAN.ORG/Community/ SourceForge: https://sourceforge.net/projects/twmanplus/files/ FaceBook: https://www.facebook.com/TWMAN.PLUS

Adobe Malware Classifier is a command-line tool that lets antivirus analysts, IT administrators, and security researchers quickly and easily determine if a binary file contains malware, so they can develop malware detection signatures faster, reducing the time in which users' systems are vulnerable. Malware Classifier uses machine learning algorithms to classify Win32 binaries – EXEs and DLLs – into three classes: 0 for “clean,” 1 for “malicious,” or “UNKNOWN.” The tool was developed using models resultant from running the J48, J48 Graft, PART, and Ridor machine-learning algorithms on a dataset of approximately 100,000 malicious programs and 16,000 clean programs. The tool extracts seven key features from an unknown binary, feeds them to one of the four classifiers or all of them, and presents its classification of the unknown binary.

Malybuzz is a multiprotocol and stateful network fuzzer to check the security of applications. Thanks to Malybuzz some new vulnerabilities have been discovered.

A reverse HTTP shell to execute commands on remote machines behind firewalls. Once you run the script on the target machine, it periodically polls its designated server for commands to execute. Traffic traverses firewall as outgoing GET/POST requests.