Ports Search

GoVPN is simple secure free software virtual private network daemon, aimed to be reviewable, secure, DPI/censorship-resistant, written on Go. It uses fast strong passphrase authenticated key agreement protocol with augmented zero-knowledge mutual peers authentication (PAKE DH A-EKE). Encrypted, authenticated data transport that hides message's length and timestamps. Optional encryptionless mode, that still preserves data confidentiality. Perfect forward secrecy property. Resistance to: offline dictionary attacks, replay attacks, client's passphrases compromising and dictionary attacks on the server side. Built-in heartbeating, rehandshaking, real-time statistics. Ability to work through UDP, TCP and HTTP proxies. IPv4/IPv6-compatibility.

Unhide is a forensic tool to find hidden processes and TCP/UDP ports by rootkits / LKMs or by another hidden technique. It consists of two programs: unhide and unhide-tcp. unhide detects hidden processes through: * Comparison of /proc vs /bin/ps output. * Comparison of info gathered from /bin/ps with info gathered from. * Syscalls (syscall scanning). * Full PIDs space ocupation (PIDs bruteforcing). unhide-tcp identifies TCP/UDP ports that are listening but not listed in /bin/netstat by doing brute forcing of all TCP/UDP ports availables.

Vinetto extracts the thumbnails and associated metadata from the Thumbs.db files. The Windows systems (98, ME, 2000, XP and 2003 Server) can store thumbnails and metadata of the picture files contained in the directories of its FAT32 or NTFS filesystems. The thumbnails and associated metadata are stored in Thumbs.db files. The Thumbs.db files are undocumented OLE structured files. Once a picture file has been deleted from the filesystem, the related thumbnail and associated metada remain stored in the Thumbs.db file. So, the data contained in those Thumbs.db files are an helpful source of information for the forensics investigator.

ZXID aims at full stack implementation of all federated identity management and identity web services protocols. Initial goal is supporting SP role, followed by ID-WSF WSC and IdP roles. ZXID is light weight, has a small foot print, and is implemented in C. It is suitable for both high performance and embedded applications. Scripting languages are supported using SWIG, including Perl, PHP and Java. The "full stack" nature of ZXID means it's self contained and has minimal external library dependencies (see downloads).

Tcpcrypt is a protocol that attempts to encrypt (almost) all of your network traffic. Unlike other security mechanisms, Tcpcrypt works out of the box: it requires no configuration, no changes to applications, and your network connections will continue to work even if the remote end does not support Tcpcrypt, in which case connections will gracefully fall back to standard clear-text TCP. Install Tcpcrypt and you'll feel no difference in your every day user experience, but yet your traffic will be more secure and you'll have made life much harder for hackers.

[Excerpted from the README:] "scponly" is an alternative "shell" (of sorts) for system administrators who would like to provide access to remote users to both read and write local files without providing any remote execution privileges. Functionally, it is best described as a wrapper to the tried-and-true ssh suite. scponly validates remote requests by examining the third argument passed to the shell upon login. (The first argument is the shell itself, and the second is -c.) The only commands allowed are "scp", "sftp-server" and "ls". Arguments to these commands are passed along unmolested.

BSDploy is a comprehensive tool to provision, configure and maintain FreeBSD jail hosts and jails. Its main design goal is to lower the barrier to repeatable jail setups. * Modular provisioning with plugins for VirtualBox, Amazon EC2 and an achitecture to support more. * Bootstrap complete jail hosts from scratch. * Declarative configuration: All hosts and their properties defined in ploy.conf are automatically exposed to Ansible. * Imperative maintenance: Run Fabric scripts with ploy do JAILNAME TASKNAME and have all of the hosts and their variables in fab.env. * Configure ZFS pools and filesystems with whole-disk-encryption.

The Sleuth Kit (TSK) is a library and collection of command line tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence. The media management tools allow you to examine the layout of disks and other media. The Sleuth Kit supports DOS partitions, BSD partitions (disk labels), Mac partitions, Sun slices (Volume Table of Contents), and GPT disks. With these tools, you can identify where partitions are located and extract them so that they can be analyzed with file system analysis tools.

syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, message queues, databases (SQL and NoSQL alike) and more. Key features: * receive and send RFC3164 and RFC5424 style syslog messages * work with any kind of unstructured data * receive and send JSON formatted messages * classify and structure logs with builtin parsers (csv-parser(), db-parser(), ...) * normalize, crunch and process logs as they flow through the system * hand on messages for further processing using message queues (like AMQP), files or databases (like PostgreSQL or MongoDB). The official home page of syslog-ng is: http://www.balabit.com/network-security/syslog-ng/

The clean utility searches through the filesystem for "temporary files" left behind by editors and the like which can be deleted safely. WARNING: This program was written with the express purpose of deleting (unwanted) files. Please be certain that you understand this program and that you really want to use such an automatic deletion process before you begin. [ On the other hand, I've been using it for over ten years without doing anything worse than not having a core.1 manpage. The normal mode is interactive and prompts for confirmation. You are advised to have backups before using the non-interactive batch mode. ] -Chuck Swiger <chuck@pkix.net>