aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
bandwidthd tracks usage of TCP/IP network subnets and builds HTML files with graphs to display network utilization. Charts are built by individual IP to show their utilization over 2, 8, 45, and 400 day periods. It color codes HTTP, HTTPS, TCP,UDP, ICMP, VPN, and P2P traffic. Unlike MRTG, it tracks each individual IP address and subnets, not the status of any particular link. Static mode is fast and easy to set up and has few dependencies. Database mode supports filtering by subnet, multiple sensors, custom reports and intervals, and can process thousands of IPs efficiently. Network utilization can be logged in CDF or a backend database.
sipsak is a command line tool for performing various tests on Session Initiation Protocol (SIP) applications and devices. It can make several different tests, send the contents of a file, and interpret and react on the responses. It supports (de-) registration with given contact URIs and digest authentication.
LBackup is a simple backup system aimed at systems administrators who require reliable backups with minimum fuss. It is configured with configuration files, and the backup is started from the command line. It has been tested for over 10 years. Backups can be to local media, or to remote media via one or more networks. The networks may be private LANs, WANs, or sets of untrusted public networks such as the Internet.
Webfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or "drilled-down" all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database logs using the iptables ULOG target.
Weplab is a tool to review the security of WEP encryption in wireless networks from an educational point of view. Several attacks are available, so it can measure the effectiveness and minimum requirements of each one. Currently, weplab supports several methods, and it is able to crack the WEP key from 600,000 encrypted packets.
coNCePTuaL is a domain-specific programming language for rapidly generating programs that measure the performance and/or test the correctness of networks and network protocol layers. A few lines of coNCePTuaL code can produce programs that would take significantly more effort to write in a conventional programming language.
MediaTomb is a UPnP media server with a nice Web user interface. It allows you to stream your digital media through your home network and play it on a variety of UPnP compatible devices. MediaTomb implements the UPnP MediaServer 1.0 specification. The current implementation focuses on parts that are required by the specification. MediaTomb should work with any UPnP compliant MediaRenderer.
NetConnect is a command line tool for automating the login process to routers, switches, or UNIX hosts and any intermediate devices or proxies in the path. It does this by using credentials supplied within a configuration file. It also allows users to run Perl based scripts on a single device or devices in parallel to automate tasks. Although it was originally designed around Cisco routers and switches, it can be extended to work with any CLI based device by specifying custom prompts that different devices use. It works well with Cisco routers and switches as the concepts around "enable" mode and the corresponding syntax of the prompt are contained within the source. Devices can be stored within your configuration file, so you are able to connect to devices using a portion of their name (using regular expressions) as opposed to having to remember IP addresses or full DNS names.
mwcollect is an easy solution to collect worm-like malware in a non-native environment like FreeBSD or Linux. The first versions were used to collect binaries for botnet monitoring, and bots are still what it is mostly collecting. Some people consider it a next generation honeypot; however, that comparison often leads to the misunderstanding that computers running mwcollect can actually be infected with the malware, which is not the case.