Malheur is a tool for the automatic analysis of malware behavior (program behavior recorded from malicious software in a sandbox environment). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.
Platform Independent Petri Net Editor (PIPE) creates and analyses Petri Nets quickly, efficiently, and effectively. A key design feature is the modular approach adopted for analysis, enabling new modules to be written easily and powerfully, using built-in data layer methods for standard calculations. Six analysis modules are provided, including Invariant Analysis, State-Space Analysis (deadlock, etc.), and Simulation Analysis and Classification. PIPE adheres to the XML Petri net standard (PNML). The file format for saving and loading Petri Nets is extensible through the use of XSLT, the default being PNML.
ACL2 is a mathematical logic, programming language, and mechanical theorem prover based on the applicative subset of Common Lisp. It is an "industrial-strength" version of the NQTHM or Boyer/Moore theorem prover, and has been used for the formal verification of commercial microprocessors, the Java Virtual Machine, interesting algorithms, and so forth.
Libecc is a C++ elliptic curve cryptography library that supports fixed-size keys for maximum speed. The goal of this project is to become the first free Open Source library providing the means to generate safe elliptic curves, and to provide an important source of information for anyone with general interest in ECC.
Kismet is an 802.11 layer 2 wireless network detector, sniffer, and intrusion detection system. It will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic (device drivers permitting). It identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and inferring the presence of non-beaconing networks via data traffic.
Wiresoft ANA (Automated Network Agent), an Artificial Intelligence-based systems management service, automatically performs over 90% of Linux systems management tasks. It is a self-managing, self-learning system support service that provides constant maintenance and protection for Firegate Servers. ANA services include Software Updating and Integration, Intrusion Detection, Data Back-up and Disaster Recovery, Monitoring, and Alerting.
TNV (The Network Visualizer or Time-based Network Visualizer) depicts network traffic by visualizing packets and links between local and remote hosts. It is intended for network traffic analysis to facilitate learning what constitutes 'normal' activity on a network, investigating packet details and security events, or for network troubleshooting. It can open saved libpcap (from tcpdump, windump, ethereal, etc.) formatted files or capture live packets on the wire, and export data in libpcap format or save the data to a MySQL database to enable the examination of trends over time.
Virtual Ideal Functionality Framework is a framework for creating efficient and secure multi-party computations (SMPC). Players, who do not trust each other, participate in a joint computation based on their private inputs. The computation is done using a cryptographic protocol which allows them to obtain a correct answer without revealing their inputs. Operations supported include addition, multiplication, and comparison, all with Shamir secret shared outputs.
Scriptid is a program and a library that can be used to determine whether a given text file contains code of a specified programming language. The current release can tell whether a file contains vbscript or not. It should be possible to extend this to any number of other languages. It is important to also download the latest neural network weights update file.
MCS MyRoute helps diagnose connectivity problems with detailed network routing discovery and analysis, providing visibility to poor-performing networks and devices. It includes a Java applet that enables remote users to easily test connections from the MyRoute server. Essential diagnostic tools including traceroute, ping, reverse DNS, and whois are combined into a single graphical interface that analyzes Internet connections, reporting quick and essential data points for finding connectivity problems. An IP location database identifies the geographical location of IP addresses and Web servers, showing the path of an Internet connection on a global map.