AntiJOP is an anti-malware solution that recodes assembly language to remove JOP attack gadgets. JOP attacks on x86 often hinge on the availability of 0xFF bytes in preexisting code, which can be co-opted to serve as register-indirect call instructions. AntiJOP removes instances of 0xFF bytes that may exist, for example, in immediate values, MOD/RM bytes, etc.
HAVEGE (HArdware Volatile Entropy Gathering and Expansion) is a user-level software unpredictable random number generator for general-purpose computers that exploits modifications of the internal volatile hardware states as a source of uncertainty. It combines on-the-fly hardware volatile entropy gathering with pseudo-random number generation. The internal state includes thousands of internal volatile hardware states and is merely unmonitorable. It can support several hundred megabits per second on current workstations and PCs.
The ELF-Encrypter program suite is a collection of programs to encrypt ELF binaries using various algorithms, including the ones provided by GPG. One can choose among many methods to obtain the encryption key, such as hashing a list of PCI peripherals, MAC addresses of Ethernet cards, file inode numbers, passphrases and passwords. The suite also contains programs to manipulate and inject plain or encrypted code into ELF binaries.
Unicornscan is an information gathering and correlation engine. It was designed to provide an engine that is scalable, accurate, flexible, and efficient. Unicornscan is an attempt at a user-land distributed TCP/IP stack. It is intended to provide a researcher with a superior interface for introducing a stimulus into and measuring a response from a TCP/IP enabled device or network.
The Torque Network Library is a robust, secure, and easy-to-use cross-platform C++ networking API designed for high-performance simulations and games. It features a UDP-based connection architecture with DoS prevention functionality, different types of data guarantee, bit stream compression, server object replication and updating, and a simple, highly space-efficient RPC mechanism. It includes a deterministic application journaling replay function for eliminating hard-to-find networking bugs.
Eckbox is a van Eck phreaking tool that interprets a radio signal emanating from a computer's monitor to recreate the image (in black and white) that is displayed on it. It could be used as a valuable security tool for testing otherwise secure computers or for developing hardware and software to counter this type of remote shoulder-surfing. It is not intended to be used for illegal purposes, and includes information on the hardware required.
crypt_blowfish is an efficient implementation of a modern password hashing algorithm, based on the Blowfish block cipher, provided via the crypt(3) interface and a reentrant interface. It is compatible with bcrypt as used in OpenBSD. It is adaptable to future processor performance improvements, allowing you to arbitrarily increase the processing cost of checking a password while still maintaining compatibility with your older password hashes. The hashes it produces are several orders of magnitude stronger than traditional Unix DES-based or FreeBSD-style MD5-based hashes.
Fenris is a multipurpose tracer, debugger, and code analysis tool that detects and documents high-level language constructions, can recover symbols, graph program execution flow, detect internal functions, recover symbol tables, and deal with anti-debugging protection. It features a command-line interface as well as a SoftICE-like GUI and Web frontend.