Open Source C System Software - Page 2

AirSnort is a wireless LAN (WLAN) tool which cracks encryption keys on 802.11b WEP networks. AirSnort operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered.

Osquery is an operating system instrumentation framework for Windows, OS X (macOS), Linux, and FreeBSD. The tools make low-level operating system analytics and monitoring both performant and intuitive. Osquery exposes an operating system as a high-performance relational database. This allows you to write SQL queries to explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes.Osquery queries your devices like a database. Osquery uses basic SQL commands to leverage a relational data-model to describe a device. Frequently, attackers will leave a malicious process running but delete the original binary on disk. This query returns any process whose original binary has been deleted, which could be an indicator of a suspicious process.

OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich analytics dashboards and data visualization

ESP8266 firmware for performing deauthentication attacks, with ease. Wi-PWN is a firmware that performs death attacks on cheap Arduino boards. The ESP8266 is a cheap microcontroller with built-in Wi-Fi. It contains a powerful 160 MHz processor and it can be programmed using Arduino. A deauthentication attack is often confused with Wi-Fi jamming, as they both block users from accessing Wi-Fi networks. The 802.11 Wi-Fi protocol contains a so-called deauthentication frame. It is used to disconnect clients safely from a wireless network. Because these management packets are unencrypted, you just need the MAC to address of the Wi-Fi router and of the client device which you want to disconnect from the network. You don’t need to be in the network or know the password, it’s enough to be in its range. With the 802.11w-2009 updated standards, management frames are encrypted by default.

WipeFreeSpace is a program to securely erase/wipe/overwrite/shred the free space on file systems WITHOUT DESTROYING EXISTING FILES, to prevent recovery of deleted sensitive data. This allows protecting the user's privacy when e.g. selling the drive or the whole computer. The following filesystems are supported: - Ext2/3/4, - NTFS, - XFS, - ReiserFSv3/4, - FAT12/16/32, - MinixFS1/2, - JFS, - HFS/HFS+, - OCFS. The following wiping methods are supported: Gutmann-like, random, Schneier, DoD. Additionally, WipeFreeSpace can finalize wiping the filesystem by writing blocks of zeros, which is friendly for sparse files, virtual systems and other places where zeroed-out space is not physically allocated. See the project homepage https://wipefreespace.sourceforge.io and the project Wiki in the menu above. To prevent clear-text data from being left on the drive in the first place, you can use LibSecRm (https://libsecrm.sourceforge.io), which wipes the data on-the-fly.

The Sleuth Kit is a C++ library and collection of open source file system forensics tools that allow you to, among other things, view allocated and deleted data from NTFS, FAT, FFS, EXT2, Ext3, HFS+, and ISO9660 images.

Logsurfer is a program for monitoring system logs in real-time, and reporting on the occurrence of events. It is capable of grouping information together to enhance loganalysis and create automatic reports.

The Full Stack Computer Scanner by KCJ Tech Solutions is a Windows-based diagnostic application (proprietary freeware) designed to provide broad, read-only system visibility. It uses built-in Windows capabilities to surface meaningful diagnostic information across multiple system layers. To support transparency and independent evaluation, the project includes clear documentation, architecture disclosure, and detailed explanations of each scan area. For users who want expert interpretation of the results, an optional paid written diagnostic report is available based on the scanner’s findings. This fee helps support ongoing development, maintenance, and long-term availability of the tool. Email contact is provided below for diagnostic report inquiries. Thank you, KCJ Tech Solutions Email: computerscannerapp@gmail.com

SSHGuard protects hosts from brute-force attacks against SSH and other services. It aggregates system logs and blocks repeat offenders using several firewall backends, including iptables, ipfw, and pf.

What is DracOS GNU/Linux Remastered ? DracOS GNU/Linux Remastered ( https://github.com/dracos-linux ) is the Linux operating system from Indonesia , open source is built based on Debian live project under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testing (penetration testing). Dracos linux in Arm by hundreds hydraulic pentest, forensics and reverse engineering. Use a GUI-based tools-tools the software using the CLI (command line interface) and GUI (graphical user interface) to perform its operations. Now Dracos currently already up to version 3.1.5 with the code name "KUNTILANAK WITH REMASTERED".

Untangle is a Linux-based network gateway with pluggable modules for network applications like spam blocking, web filtering, anti-virus, anti-spyware, intrusion prevention, bandwidth control, captive portal, VPN, firewall, and more. Visit http://untangle.com

HT is a file editor/viewer/analyzer for executables. The goal is to combine the low-level functionality of a debugger and the usability of IDEs. We plan to implement all (hex-)editing features and support of the most important file formats.

tcpick is a textmode sniffer; it tracks tcp streams, shows the status, reassembles and saves the data captured in files or displays them in the terminal in different modes (ascii, hex..). There is a color-mode. Useful to get files passively.

The GlobalPlatform card specification is a standard for the management of the contents on a smart card. Mainly this comprises the installation and the removal of applications. This project offers a C library and a command line shell. Find more information on https://kaoh.github.io/globalplatform/

srm (secure rm) is a command-line compatible rm(1) which overwrites file contents before unlinking. The goal is to provide drop in security for users who wish to prevent recovery of deleted information, even if the machine is compromised.

PAM module which permits authentication for arbitrary services via ssh-agent. Written with sudo in mind, but like any auth PAM module, can be used for for many purposes.

BerserkArch is a security-focused, performance-tuned Linux operating system (OS) based on Arch Linux, designed for developers, hackers, and technical users. A bleeding-edge, security-centric Arch-based Linux distribution crafted for hackers, developers, and nerds alike. Following the Arch Linux philosophy, it is designed to be highly customizable, allowing users to build their environment with only the components they need, rather than having a lot of pre-installed software like some other security distributions (e.g., Kali Linux). As an Arch-based distribution, it benefits from the rolling release model, providing users with the latest software versions and kernel updates. BerserkArch is a dist "designed to make you powerful" for specific use cases like reverse-engineering binaries and automating exploits, rather than being an easy-to-use distribution for general beginners.

tcpreplay is a suite of tools to edit and replay captured network traffic.

Hyenae is a highly flexible platform independent network packet generator. It allows you to reproduce several MITM, DoS and DDoS attack scenarios, comes with a clusterable remote daemon and an interactive attack assistant. *** Hyenae is back *** Hyenae will be continued here: https://sourceforge.net/p/hyenae-ng

jpcap is a set of Java classes which provide an interface and system for network packet capture. A protocol library and tool for visualizing network traffic is included. jpcap utilizes libpcap, a widely deployed system library for packet capture.

SSLScan queries SSL services, such as HTTPS, in order to determine the ciphers that are supported. SSLScan is designed to be easy, lean and fast. The output includes prefered ciphers of the SSL service, the certificate and is in Text and XML formats.

Netdiscover is a network address discovering tool that was developed mainly for those wireless networks without DHCP servers, though it also works on wired networks. It sends ARP requests and sniffs for replies.

IBM's Software Trusted Platform Module (TPM) includes a TPM 1.2 implementation, low level demo libraries and command line tools, a TPM test suite, and proxies to connect from a TCP/IP socket to a hardware TPM. tpm4769 is the latest version, with TPM side support for OpenSSL 1.1. The utilities and test suite have not been ported to OpenSSL 1.1. They remain at 1.0. For the SW TPM 2.0, see https://sourceforge.net/projects/ibmswtpm2/. TPM 1.2 and TPM 2.0 are not software compatible.

ngrep strives to provide most of GNU grep's common features,applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular expressions to match against data payloads of packets. SUPPORT/REPORTING BUGS: please use https://github.com/jpr5/ngrep/issues Thank you!

BitVisor is a tiny hypervisor initially designed for mediating I/O access from a single guest OS. Its implementation is mature enough to run Windows and Linux, and can be used as a generic platform for various research and development projects.