This is RATS, a rough auditing tool for security, developed by
Secure Software Solutions. It is a tool for scanning source code
(C, C++, Perl, and Python) and flagging common security related
programming errors such as buffer overflows and TOCTOU (Time Of
Check, Time Of Use) race conditions. As its name implies, the tool
performs only a rough analysis of source code. It will not find
every error and will also find things that are not errors. Manual
inspection of your code is still necessary, but greatly aided with
this tool.
OpenBSD's OpenSSH portable version
Normal OpenSSH development produces a very small, secure, and easy to maintain
version for the OpenBSD project. The OpenSSH Portability Team takes that pure
version and adds portability code so that OpenSSH can run on many other
operating systems (Unfortunately, in particular since OpenSSH does
authentication, it runs into a *lot* of differences between Unix operating
systems).
The portable OpenSSH follows development of the official version, but releases
are not synchronized. Portable releases are marked with a 'p' (e.g. 3.1p1).
The official OpenBSD source will never use the 'p' suffix, but will instead
increment the version number when they hit 'stable spots' in their development.
signing-party is a collection for all kinds of PGP/GnuPG related things,
including signing scripts, party preparation scripts, etc.
* caff: CA - Fire and Forget signs and mails a key
* pgp-clean: removes all non-self signatures from key
* pgp-fixkey: removes broken packets from keys
* gpg-mailkeys: simply mail out a signed key to its owner
* gpg-key2ps: generate PostScript file with fingerprint paper strips
* gpglist: show who signed which of your UIDs
* gpgsigs: annotates list of GnuPG keys with already done signatures
* keylookup: ncurses wrapper around gpg --search
Free open-source disk encryption software
Main Features:
* Creates a virtual encrypted disk within a file and mounts it as
a real disk.
* Encrypts an entire partition or storage device such as USB flash
drive or hard drive.
* Encryption is automatic, real-time (on-the-fly) and transparent.
* Parallelization and pipelining allow data to be read and written
as fast as if the drive was not encrypted.
* Provides plausible deniability, in case an adversary forces you
to reveal the password:
Hidden volume (steganography) and hidden operating system.
TrueCrack is a brute-force password cracker for TrueCrypt (Copyright) volume
files. It works on Linux and it is optimized with Nvidia Cuda technology.
It works with cripted volumes with the following algorithms:
- PBKDF2 (defined in PKCS5 v2.0) based on RIPEMD160 Key derivation function.
- XTS block cipher mode of operation used for hard disk encryption based on
AES.
TrueCrack can work in two different modes of use:
- Dictionary attack: read the passwords from a file of words (one password
for line).
- Charset attack: generate the passwords from a charset of symbols defined
by the user (for example: all possible strings of n characters from the
charset "abc" ).
Flash is an attempt to create a secure menu-driver shell for UNIX-derived OSes,
while providing user-friendliness and easy configurability. An ideal situation
requiring the use of flash would be a student-run telnet server which needs to:
a) shelter the users from some of the nastinesses of UNIX
b) shelter the system from nasty users
c) provide an easy way to launch applications
d) support multitasking/job control as elegantly as possible
e) support easy-to-get-right configuration by administrators
libcpuid is a small C library for x86 CPU detection and feature extraction.
Using it, you can:
- Get the processor vendor, model, brand string, code name, etc.
- Get information about CPU features such as: number of cores or logical
CPUs, cache sizes, CPU clock, etc.
- Check if the processor implements a specific instruction set such as
SSE2 or 3DNow!
- Execute the CPUID and RDTSC instructions in a portable way
- And have this all in your commercial application, without getting into
trouble, due to permissive license
Reference utility (rather advanced and useful on its own) is also provided.
cw is a non-intrusive real-time ANSI color wrapper for common Unix-based
command.
cw is designed to simulate the environment of the commands being
executed, so that if a person types 'du', 'df', 'ping', etc. in their
shell it will automatically color the output in real-time according to
a definition file containing the color format desired. cw has support
for wildcard match coloring, tokenized coloring, headers/footers, case
scenario coloring, command line dependent definition coloring, and
includes over 50 pre-made definition files.
Docker is an open source project to pack, ship and run any
application as a lightweight container.
Docker containers are both hardware-agnostic and platform-agnostic.
This means they can run anywhere, from your laptop to the largest
EC2 compute instance and everything in between - and they don't
require you to use a particular language, framework or packaging
system. That makes them great building blocks for deploying and
scaling web apps, databases, and backend services without depending
on a particular stack or provider.
FreeIPMI provides in-band and out-of-band IPMI software based on the IPMI
v1.5/2.0 specification. The IPMI specification defines a set of interfaces for
platform management and is implemented by a number vendors for system
management. The features of IPMI that most users will be interested in are
sensor monitoring, system event monitoring, power control, and serial-over-LAN
(SOL). The FreeIPMI tools and libraries should provide users with the ability to
access and utilize these and many other features. A number of useful features
for large HPC or cluster environments have also been implemented into FreeIPMI.