Unicornscan is an information gathering and correlation engine. It was designed to provide an engine that is scalable, accurate, flexible, and efficient. Unicornscan is an attempt at a user-land distributed TCP/IP stack. It is intended to provide a researcher with a superior interface for introducing a stimulus into and measuring a response from a TCP/IP enabled device or network.
SnortSMS is a highly configurable sensor management system that provides the ability to remotely administer Snort [and Barnyard] based Intrusion Detection Systems (IDS), push configuration files, add/edit rules, and monitor system health and statistics, all from a simple and clean Web interface console. Whether you have one or multiple Snort sensors, it can help unify and syncronize all sensor configurations.
Bruteblock allows system administrators to block various bruteforce attacks on UNIX services. The program analyzes system logs and adds attackers' IP addresses into the ipfw2 table, effectively blocking them. Addresses are automatically removed from the table after specified amount of time. Bruteblock uses regular expressions to parse logs, which gives it enough flexibility to be used with almost any network service. Bruteblock doesn't use any external programs and works with ipfw2 tables via the raw sockets API.
PyKCS11 is a PKCS#11 wrapper for Python. It lets you access almost all PKCS#11 functions and data types using any PKCS#11 library, such as the various modules supplied by smartcard vendors. It comes with two interfaces: a low level and very thin interface over the original PKCS#11 API, generated using the SWIG compiler (designed for library tests), and a high level interface that offers simpler access (with few limits) to the PKCS#11 APIs.
The Subukan Sensor is a complete Network Intrusion Detection System (NIDS) platform. It is not simply an application one can install on an existing operating system. Rather, Subukan is a total software solution including both an operating system and a unique compilation of security tools. It is based on a single file image or firmware that transforms almost any hardware equipment into a fully functional NIDS appliance. Appliance- based technology simplifies administration and provides the capability for remote upgrades.
OpenOTP is an implementation of the HOTP protocol using a ZeitControl Cardsystems ZC3.9 BasicCard and standalone balance reader, standalone Spyrus PAR2 (Personal Access Reader), or PCSC-Lite supported smart card reader. Included is a C library implementation of the HOTP protocol and associated user database management, HOTP PAM library, OpenVPN plug-in module, micro RADIUS server with HOTP support, and utilities for managing the smart card, Spyrus reader, and host side HOTP user database. The PCSC-Lite API provides reader support for smart card management.