The OpenVPN Radius Plugin provides RADIUS authentication
and accounting support for OpenVPN.
Powerful webserver security scanner.
Supports rule scan, virtual hosts, network ranges and more.
autossh is a program to start a copy of ssh and monitor it, restarting
it as necessary should it die or stop passing traffic.
The original idea and the mechanism were from rstunnel (Reliable SSH
Tunnel). With this version the method changes: autossh uses ssh to
construct a loop of ssh forwardings (one from local to remote, one
from remote to local), and then sends test data that it expects to
get back. (The idea is thanks to Terrence Martin.)
Cisco-torch is a mass Cisco Vulnerability Scanner.
The main feature that makes Cisco-torch different from similar
tools is the extensive use of forking to launch multiple scanning
processes on the background for maximum scanning efficiency. Also,
it uses several methods of application layer fingerprinting simultaneously,
if needed. We wanted something fast to discover remote Cisco hosts running
Telnet, SSH, Web, NTP and SNMP services and launch dictionary attacks
against the services discovered.
Broccoli is the Bro client communications library and lets you
create applications that can speak the Bro communication protocol.
ike-scan discovers IKE hosts and can also fingerprint them using the
retransmission backoff pattern.
ike-scan does two things:
a) Discovery: Determine which hosts are running IKE.
This is done by displaying those hosts which respond to the IKE requests
sent by ike-scan.
b) Fingerprinting: Determine which IKE implementation the hosts are using.
This is done by recording the times of the IKE response packets from the
target hosts and comparing the observed retransmission backoff pattern
against known patterns.
OpenID is a decentralized identity system, but one that's actually
decentralized and doesn't entirely crumble if one company turns evil
or goes out of business.
An OpenID identity is just a URL. You can have multiple identities in
the same way you can have multiple URLs. All OpenID does is provide a
way to prove that you own a URL (identity).
Anybody can run their own site using OpenID, and anybody can be an
OpenID server, and they all work with each other without having to
register with or pay anybody to "get started". An owner of a URL can
pick which OpenID server to use.
dsniff is a collection of tools for network auditing and penetration testing.
dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor
a network for interesting data (passwords, e-mail, files, etc.). arpspoof,
dnsspoof, and macof facilitate the interception of network traffic normally
unavailable to an attacker (e.g, due to layer-2 switching). sshmitm and webmitm
implement active monkey-in-the-middle attacks against redirected SSH and HTTPS
sessions by exploiting weak bindings in ad-hoc PKI.
Belier allows opening a shell or executing a command on a remote computer
through a SSH connection. The main feature of Belier is its ability to cross
several intermediate computers before realizing the job.
This is a PAM module which allows authentication against alternate
passwd files.