Multi Threaded TCP Port Scanner allows you to scan 65535 TCP ports on an IP address. You can specify how many threads to run and the timeout. Furthermore, it will tell you the MAC address of the target and the services that are running. You can scan IP addresses on your network and find out which open ports you have.
Xtract attempts to demonstrate how Wireshark's powerful network traffic analysis capabilities can be combined with the file carving capabilities of programs such as Foremost and NetworkMiner in a manner that is portable and extensible (hence the choice of Perl). Specifically, it offers automated extraction of network stream sessions; visualization of networks via GraphViz; and integration of file carving capability. The scripts are intended as a proof-of-concept for how tedious tasks of reassembling TCP/UDP streams from network capture files and file carving based on these streams can be automated.
Nfsight is a Netflow processing and visualization application designed to offer a comprehensive network awareness solution. Developed as a Nfsen plugin, it constructs bidirectional flows from unidirectional flows and leverages these bidirectional flows to provide client/server identification.
Nova is a software application for preventing and detecting hostile network reconnaissance (such as nmap scans). It does this by first creating the Haystack: a large collection of low interaction honeypots using an updated version of Honeyd. Finding real machines on the network becomes like finding a needle in a haystack of fake machines. Second, Nova uses machine learning algorithms to automatically detect and classify attempts at hostile reconnaissance, so there's no need to go searching manually through your honeypot's log files. It provides an easy to use Web-based interface powered by Node.js to configure itself and Honeyd instances.
Ostinato is a network packet and traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. It features custom packet crafting with editing of any field for several protocols: Ethernet, 802.3, LLC SNAP, VLAN (with Q-in-Q), ARP, IPv4, IPv6, IP-in-IP a.k.a IP Tunneling, TCP, UDP, ICMPv4, ICMPv6, IGMP, MLD, HTTP, SIP, RTSP, NNTP, etc. It is useful for both functional and performance testing.
Qosmos NI_DUMP (“Network Intelligence Dump”) is Linux-based tool inspired by the popular tcpdump, enabling you to read, print, or save packet data related to traffic traveling over your network. Qosmos NI_DUMP is a light and versatile packet capture tool that recognizes 120 of the most commonly used protocols and applications, including SMTP, HTTP, MySQL, and NFs. This represents a small but useful sample of the full Qosmos Protocol Portfolio, comprising over 300 protocols and 4000 metadata. Unlike conventional packet dump tools, Qosmos NI_Dump can identify protocols using non-standard TCP or UDP ports, and incorporates an easy-to-use advanced filter expression language that enables users to zoom in on data of most interest to them, such as FTP transfers matching a particular filename or HTTP requests containing a particular keyword.
RedWolf is a security threat simulator that tests security system effectiveness. Its threat generation capabilities include email, IM, malware, P2P, social networking, VoIP, DDoS, and many more. The guiding philosophy is that by generating realistic scenarios in a wide variety of categories, an auditor or organization can assess the effectiveness of network defenses. The scenario suite allows one to verify compliance with PCI-DSS, Sarbanes-Oxley, or HIPAA controls. RedWolf helps identify data loss risks and provides expert recommendations concerning risk mitigation. It reports present findings, recommendations, best practices, and blocking guidance in a straightforward, easily readable format. RedWolf also acts as a 'Red Team' agent, running drills to measure the readiness of your operations staff.
Suricata is an Intrusion Detection and Prevention (IDS/IPS) engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support, file extraction capabilities, and many more features. It's capable of loading existing Snort rules and signatures, and supports many frontends through Barnyard2.
UDP Test is a simple UDP server and client bundled into a single script. It is designed to be used as a network testing tool, and it detects packet loss and corruption. UDP is a lossy network transport in that UDP packets may be dropped if there is not enough capacity to send them. UDP is typically used in real-time scenarios such as voice and video chat. udptest.rb is designed to be as simple as possible. It bounces small packets from the client to the server and back again. If the packet checksum is incorrect at any point, the script exits with an error. This type of script is designed to detect faulty hardware and errors in configuration, as well as network performance.