Chaosmap is an information gathering tool and DNS, Whois, and Web server scanner. It can be used to look up DNS names with a dictionary with or without using a salt. Salting for DNS means it will append numbers from 1-9 to the name in the dictionary with or without a - and _ or a leading 0. Salting for Web stuff will try double slashes and some directory traversal tricks. It performs reverse DNS lookups of a whole IP range (with optional Whois lookup) and dictionary scans for hidden paths on one Web server or a range of IP addresses. Optionally you can encode a path with URL encoding use Google dict lookup mode to find the path on Google and only query the Webserver if there are no search results. It can also extract email addresses from domains using a Google search or perform a list of Google Hacking queries on your domain.
GraphInsight is visualization software that lets you explore graph data through high quality interactive representations. Data exploration and knowledge extraction from graphs is of great interest nowadays: knowledge is disseminated in social networks, and services are powered by cloud computing platforms. Data miners deal with graphs every day. Humans are extremely good at identifying patterns and outliers. Interacting visually with your data can give you better intuition and higher confidence in what you are looking for.
JavaCrontab is a local area network scanning tool. It scans for operating systems, MAC address, IP address, open ports, et cetera for all devices in your LAN and saves the data in a local MySQL database. It is meant to be automatically started by the crontab software every evening.
Xtract attempts to demonstrate how Wireshark's powerful network traffic analysis capabilities can be combined with the file carving capabilities of programs such as Foremost and NetworkMiner in a manner that is portable and extensible (hence the choice of Perl). Specifically, it offers automated extraction of network stream sessions; visualization of networks via GraphViz; and integration of file carving capability. The scripts are intended as a proof-of-concept for how tedious tasks of reassembling TCP/UDP streams from network capture files and file carving based on these streams can be automated.
Nfsight is a Netflow processing and visualization application designed to offer a comprehensive network awareness solution. Developed as a Nfsen plugin, it constructs bidirectional flows from unidirectional flows and leverages these bidirectional flows to provide client/server identification.
Nova is a software application for preventing and detecting hostile network reconnaissance (such as nmap scans). It does this by first creating the Haystack: a large collection of low interaction honeypots using an updated version of Honeyd. Finding real machines on the network becomes like finding a needle in a haystack of fake machines. Second, Nova uses machine learning algorithms to automatically detect and classify attempts at hostile reconnaissance, so there's no need to go searching manually through your honeypot's log files. It provides an easy to use Web-based interface powered by Node.js to configure itself and Honeyd instances.