Angst is an active sniffer, based on libpcap and libnet. It dumps into a file the payload of all the TCP packets received on the specified ports. It implements two methods for active sniffing. Angst is able to monitor ARP requests, and after enabling IP forwarding on the local host, it sends ARP replies mapping all IPs to the local MAC address. Also, it can flood the local network with random MAC addresses (like macof), causing switches to send packets to all ports.
Astaro Portscan Detection is a netfilter target which will attempt to detect TCP and UDP port scans and log them to syslog. This target is based upon Solar Designer's scanlogd. It supports multiple levels of logging, custom prefixes for entries, weighted total port scan detection, and port scan temporal spread detection.
audio-entropyd feeds the /dev/random device with entropy data read from an audio device. The audio data is not copied as is, but first 'de-biased' and analyzed to determine how many bits of entropy are in it. This program is useful for systems doing many cryptographic tasks like VPN endpoints or GPG clients; it helps prevent the /dev/random device from being depleted and blocking reads.
Authforce is an HTTP authentication brute forcer. Using various methods, it attempts to brute force username and password pairs for a site. It has the ability to try common usernames and passwords, username derivations, and common username/password pairs. It is used both to test the security of your site and to highlight the insecurity of HTTP authentication due to the fact that users just don't pick good passwords.
Automated Password Generator is a set of tools for random password generation including a standalone password generator, an RFC972 password generation server, and a Perl client for the password generation server. These feature a built-in X9.17 random number generator, and 35 modes of password generation, including pronounceable password generation.
BFBTester is good for doing quick, proactive security checks of binary programs. BFBTester will perform checks of single and multiple argument command line overflows and environment variable overflows. It can also watch for tempfile creation activity to alert the user of any programs using unsafe tempfile names.
Big Brother is a combination of monitoring methods. Unlike SNMP where information is just collected and devices polled, Big Brother is designed in such a way that each local system broadcasts its own information to a central location. Simultaneously, Big Brother also polls all networked systems from a central location. This creates a highly efficient and redundant method for proactive network monitoring.
C-Kermit is a combined serial and network communication software package offering a consistent, medium-independent, cross-platform approach to connection establishment, terminal sessions, file transfer, character-set translation, numeric and alphanumeric paging, and automation of communication tasks. Recent versions include FTP and HTTP clients as well as an SSH interface, all of which can be scripted and are aware of character sets. It supports built-in security methods, including Kerberos IV, Kerberos V, SSL/TLS, and SRP, FTP protocol features such as MLSD, and source-code parity with Kermit 95 2.1 for Windows and OS/2.
CDSA stands for Common Data Security Architecture. It provides a security framework that includes cryptographically signed modules to present an abstracted unified API to the application developer to perform cryptographic and security related operations. It also includes hardware support for cryptographic tokens and biometric devices, such as thumbprint scanners. Intel has implemented the CDSA 2 specification and released it as open source.