SiLK, the System for Internet-Level Knowledge, is a collection of
netflow tools developed by the CERT/NetSA (Network Situational
Awareness) Team to facilitate security analysis in large networks.
SiLK consists of a suite of tools which collect and examine netflow
data, allowing analysts to rapidly query large sets of data.

sqlmap is an automatic SQL injection tool developed entirely in Python. It
can perform an extensive back-end database management system fingerprint,
retrieve remote DBMS databases, usernames, tables and columns, enumerate the
entire DBMS, read system files and much more, taking advantage of web
application programming security flaws that lead to SQL injection
vulnerabilities.

NoScript provides extra protection for your Mozilla/Firefox
or Flock browser: this extension allows JavaScript and Java
execution only for trusted domains of your choice (e.g. your
home-banking web site).
This whitelist-based pre-emptive script blocking approach
prevents exploitation of security vulnerabilities (known and
even not yet known!) with no loss of functionality...

Solitaire is a top-notch pencil-and-paper encryption system developed
by Bruce Schneier. Here is the description in Schneier's own words:
"Solitaire gets its security from the inherent randomness in a
shuffled deck of cards. By manipulating this deck, a communicant
can create a string of "random" letters that he then combines with
his message. Of course Solitaire can be simulated on a computer,
but it is designed to be implemented by hand.
"Solitaire may be low-tech, but its security is intended to be
high-tech. I designed Solitaire to be secure even against the most
well-funded military adversaries with the biggest computers and the
smartest cryptanalysts. Of course, there is no guarantee that someone
won't find a clever attack against Solitaire, but the algorithm is
certainly better than any other pencil-and-paper cipher I've ever
seen."
Simple system, easy to use, and relatively fast.
Seamus Venasse <svenasse@polaris.ca>

According to Wikipedia, a nonce is an arbitrary number used only
once in a cryptographic communication. This package contains helper
functions for generating nonces. There are many kinds of nonces used in
different situations. Using the nonces from this package does not
guarantee that you won't have any security issues. Please make sure that
the nonces generated via this package are suitable for your design.

NaCl (pronounced "salt") is a new easy-to-use high-speed software
library for network communication, encryption, decryption, signatures,
etc. NaCl's goal is to provide all of the core operations needed to
build higher-level cryptographic tools.
Of course, other libraries already exist for these core operations.
NaCl advances the state of the art by improving security, by improving
usability, and by improving speed.

OpenSC provides a set of libraries and utilities to
access smart cards. Its main focus is on cards that
support cryptographic operations, and on facilitating their
use in security applications such as mail encryption,
authentication, and digital signature.
OpenSC implements the PKCS#11 API so applications
supporting this API such as Mozilla Firefox and
Thunderbird can use it.
OpenSC implements the PKCS#15 standard and aims to be
compatible with all other software that does so, too.

"RC6 is an evolutionary improvement of RC5, designed to meet the
requirements of the Advanced Encryption Standard (AES). Like RC5,
RC6 makes essential use of data-dependent rotations. New features
of RC6 include the use of four working registers instead of two,
and the inclusion of integer multiplication as an additional primitive
operation. The use of multiplication greatly increases the diffusion
achieved per round, allowing for greater security, fewer rounds, and
increased throughput."

Authforce is an HTTP authentication brute forcer. Using various methods,
it attempts to brute force username and password pairs for a site. It can
try common usernames and passwords, username derivations, and common
username/password pairs. It is used both to test the security of your
site and to prove the insecurity of HTTP authentication based on
the fact that users just don't pick good passwords.

TEA is a 64-bit symmetric block cipher with a 128-bit key and a variable number
of rounds (32 is recommended). It has a low setup time, and depends on a
large number of rounds for security, rather than a complex algorithm. It was
developed by David J. Wheeler and Roger M. Needham, and is described at
http://www.ftp.cl.cam.ac.uk/ftp/papers/djw-rmn/djw-rmn-tea.html .