RSS 31 projects tagged "Security"

Download Website Updated 06 Jun 2013 Moscrack

Screenshot
Pop 80.50
Vit 6.02

Moscrack is a WPA cracker for use on clusters. It supports MOSIX, SSH, and RSH connectivity and works by reading a word list from STDIN or a file, breaking it into chunks, and passing those chunks off to separate processes that run in parallel. The parallel processes are then executed on different nodes in your cluster. All results are checked and recorded on your master node. Logging and error handling are taken care of. It is capable of running reliably for long periods of time, without the risk of losing data or having to restart. Moscrack uses aircrack-ng by default. Pyrit for WPA cracking and Dehasher for Unix password hashes are supported via plugins.

No download No website Updated 05 Sep 2010 TCP Input Text

Screenshot
Pop 18.87
Vit 36.41

"TCP Input Text" extracts TCP ports and fully qualified domain names (FQDN) from search results into a .csv file and individual shell scripts for nmap and nc (a.k.a. netcat) to provide assurance of a listening TCP service since the time that has passed of the last crawl performed by the search engine.

No download No website Updated 21 Nov 2010 skipfish

Screenshot
Pop 62.64
Vit 1.55

skipfish is a high-performance, easy, and sophisticated Web application security testing tool. It features a single-threaded multiplexing HTTP stack, heuristic detection of obscure Web frameworks, and advanced, differential security checks capable of detecting blind injection vulnerabilities, stored XSS, and so forth.

Download Website Updated 17 Feb 2010 htrosbif

Screenshot
Pop 23.83
Vit 1.45

htrosbif is a tool that actively probes an HTTP server. It prods the Web server in all sorts of old, new, basic, fancy, spec-compliant, and spec-breaking ways. It tries to characterize both the well-spoken educated responses and the seriously deviant babble it receives in return. Signatures contain no user data, only header names and HTTP-level quirks. As a useful side effect, this might detect reverse proxies, HTTP load balancers, intrusion prevention systems, and Web application firewalls.

Download No website Updated 11 Jan 2011 graudit

Screenshot
Pop 80.68
Vit 3.35

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Download Website Updated 05 Sep 2008 TCL2FTP

Screenshot
Pop 25.46
Vit 1.00

TCL2FTP is an extension library for Tcl scripts which allows Tcl programs to perform FTP client and gateway actions. It fully supports the FTP/FXP protocols, is ready for use with SSL/TLS, and is compatible with glFTPd. It can run simple FTP commands, and it supports 25 simultaneous FTP sessions.

Download Website Updated 13 May 2009 ratproxy

Screenshot
Pop 36.62
Vit 3.07

ratproxy is a semi-automated, largely passive Web application security audit tool optimized for accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex Web 2.0 environments.

Download Website Updated 19 Jun 2008 tmin

Screenshot
Pop 17.78
Vit 1.43

tmin is a quick and simple tool to minimize the size and syntax of complex test cases in automated security testing. It is meant specifically for dealing with unknown or complex data formats (without the need to tokenize and re-serialize testcases), and for easy integration with UI testing harnesses.

Download Website Updated 21 May 2008 Bunny the Fuzzer

Screenshot
Pop 41.86
Vit 2.09

Bunny the Fuzzer is a closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. It uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data.

Download Website Updated 04 Jan 2013 Paperkey

Screenshot
Pop 81.95
Vit 5.50

A reasonable way to achieve a long term backup of OpenPGP (GnuPG, PGP, etc) keys is to print them out on paper. Due to metadata and redundancy, OpenPGP secret keys are significantly larger than just the "secret bits". In fact, the secret key contains a complete copy of the public key. Since the public key generally doesn't need to be backed up in this way (most people have many copies of it on various keyservers, Web pages, etc), only extracting the secret parts can be a real advantage. Paperkey extracts just those secret bytes and prints them. To reconstruct, you re-enter those bytes (whether by hand or via OCR), and paperkey can use them to transform your existing public key into a secret key.

Screenshot

Project Spotlight

Mozilla Firefox

A Mozilla-based browser.

Screenshot

Project Spotlight

GNOME Commander

A GNOME based filemanager.