Netzob supports the expert in reverse engineering, evaluation, and simulation of communication protocols. Its main goals are to help security evaluators to assess the robustness of proprietary or unknown protocol implementations, simulate realistic communications to test third-party products (IDS, firewalls, etc.), and create an Open Source implementation of a proprietary or unknown protocol. Netzob provides a semi-automatic inferring process, and includes everything necessary to passively learn the vocabulary of a protocol and actively infer its grammar. The learnt protocol can afterward be simulated. Netzob handles text protocols (like HTTP and IRC), fixed field protocols (like IP and TCP), and variable field protocols (like ASN.1-based formats).
Palm-Strip-Export is a utility to export your legacy PalmOS Strip databases to simple CSV files. Once your databases are exported you can print them, open them in Excel, or import them into a separate program. Most importantly, these export files will be directly importable to the iPhone when the desktop sync tool is released. This exporter only works with Palm Strip 2.0 databases.
NetCrack is cluster software developed to distribute a hashing algorithm's cracking process work using a brute force attack. Currently, it only supports the two most commonly used hashing algorithms: MD5 and SHA-1. Support is included for MySQL, safe mode, and others. It works like a client/server application, where the server is unique for each cluster network and its job is to distribute the cracking process work, coordinate the nodes, and prevent connections and data integrity errors.
The HOTP Toolkit package contains tools that are useful when deploying the one-time password HOTP technology. It contains a shared library, a command-line tool to generate and validate one-time passwords, and a PAM module (pam_hotp) to make system login or SSH use HOTP one-time passwords for authentication.
RedWolf is a security threat simulator that tests security system effectiveness. Its threat generation capabilities include email, IM, malware, P2P, social networking, VoIP, DDoS, and many more. The guiding philosophy is that by generating realistic scenarios in a wide variety of categories, an auditor or organization can assess the effectiveness of network defenses. The scenario suite allows one to verify compliance with PCI-DSS, Sarbanes-Oxley, or HIPAA controls. RedWolf helps identify data loss risks and provides expert recommendations concerning risk mitigation. It reports present findings, recommendations, best practices, and blocking guidance in a straightforward, easily readable format. RedWolf also acts as a 'Red Team' agent, running drills to measure the readiness of your operations staff.