Username-Anarchy is a commandline tool for the generation of usernames based on the users' real names. This is useful for user account/password brute force guessing and username enumeration when usernames are based on the users’ names. By attempting a few weak passwords across a large set of user accounts, user account lockout thresholds can be avoided. Common aliases (or self-chosen usernames) from forums are also included. Features include a plugin architecture, format string-style username formats, and substitutions. When only a first initial and lastname is known (LinkedIn lists users like this), it will attempt all possible first names, common first and last names from various countries (from Familypedia and PublicProfiler), and an exhaustive list of first and lastnames from Facebook. This also includes usernames scraped from forums, ordered by popularity.
StopHack is a simple to use and easy to install intrusion prevention system. It is fully adaptable and easily customized to your environment. It is built on top of proven bandwidth arbitration technology so the traffic passing through it won't be slowed down. Every packet is analyzed with regular expression-based behavior anomaly detection, and hackers are blocked immediately. It prevents reflected cross-site scripting, SQL injection, directory traversal, reflected URL redirects, login brute forcing, remote shell execution, and more.
geoipgen is an IP network tool for generating geotargeted lists of IP addresses using MaxMind's GeoLite Country database. It can randomly enumerate all IP addresses or a specified number of IP addresses in a particular country or a list of countries. For example, to get all IPs for Japan in a random order, use "geoipgen jp". For a sample of 10,000 IPs from Australia and New Zealand, use "geoipgen -n 10000 au nz".
nessus-xmlrpc is a Ruby library for the Nessus XML-RPC interface. You can use it to start, stop, pause, and resume scans. It lets you watch progress and status of scans, download reports, etc. It comes with an example command line program that shows how easy it is to interact with the Nessus scanner.
PRADS is a "Passive Real-time Asset Detection System". It passively listens to network traffic and gathers information on hosts and services it sees. This information can be used to map your network, letting you know what services and hosts are alive and used. It can also be used together with your favorite IDS/IPS setup for "event to host/service" correlation. It can help you make sure that your inventory database is up to date. PRADS commes in two versions. One written in Perl, and one written in C. Some features might only be found in one of the versions.