Moscrack is a WPA cracker for use on clusters. It supports MOSIX, SSH, and RSH connectivity and works by reading a word list from STDIN or a file, breaking it into chunks, and passing those chunks off to separate processes that run in parallel. The parallel processes are then executed on different nodes in your cluster. All results are checked and recorded on your master node. Logging and error handling are taken care of. It is capable of running reliably for long periods of time, without the risk of losing data or having to restart. Moscrack uses aircrack-ng by default. Pyrit for WPA cracking and Dehasher for Unix password hashes are supported via plugins.
TCL2FTP is an extension library for Tcl scripts which allows Tcl programs to perform FTP client and gateway actions. It fully supports the FTP/FXP protocols, is ready for use with SSL/TLS, and is compatible with glFTPd. It can run simple FTP commands, and it supports 25 simultaneous FTP sessions.
ratproxy is a semi-automated, largely passive Web application security audit tool optimized for accurate and sensitive detection, and automatic annotation, of potential problems and security-relevant design patterns based on the observation of existing, user-initiated traffic in complex Web 2.0 environments.
tmin is a quick and simple tool to minimize the size and syntax of complex test cases in automated security testing. It is meant specifically for dealing with unknown or complex data formats (without the need to tokenize and re-serialize testcases), and for easy integration with UI testing harnesses.
Bunny the Fuzzer is a closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. It uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data.
A reasonable way to achieve a long term backup of OpenPGP (GnuPG, PGP, etc) keys is to print them out on paper. Due to metadata and redundancy, OpenPGP secret keys are significantly larger than just the "secret bits". In fact, the secret key contains a complete copy of the public key. Since the public key generally doesn't need to be backed up in this way (most people have many copies of it on various keyservers, Web pages, etc), only extracting the secret parts can be a real advantage. Paperkey extracts just those secret bytes and prints them. To reconstruct, you re-enter those bytes (whether by hand or via OCR), and paperkey can use them to transform your existing public key into a secret key.
LBackup is a simple backup system aimed at systems administrators who require reliable backups with minimum fuss. It is configured with configuration files, and the backup is started from the command line. It has been tested for over 10 years. Backups can be to local media, or to remote media via one or more networks. The networks may be private LANs, WANs, or sets of untrusted public networks such as the Internet.
John The Ripper MPI is an updated version of Ryan Lim's patch for John the Ripper to support MPI, in addition to a large number of third party patches to support additional ciphers and other features. MPI allows you to use multiple processors on a single system, or a cluster of systems for cracking passwords using John the Ripper.
A 'honeypot' is designed to detect server-side attacks. In contrast, a 'honeyclient' is designed to detect client-side attacks. Specifically, a honeyclient is a dedicated host that drives specially instrumented applications to access remote servers to see if those servers are behaving in a malicious manner (by compromising the client). Honeyclients can proactively detect exploits against client applications without known signatures. This framework uses a client-server model with SOAP messaging as the primary communication method, and uses the free version of VMware Server as a means of virtualizing the client environment.