GoVPN is a simple, secure, free software virtual private network daemon,
aimed to be reviewable, secure and DPI/censorship-resistant, written in Go.
It uses a fast, strong passphrase-authenticated key agreement protocol with
augmented zero-knowledge mutual peer authentication (PAKE DH A-EKE).
Encrypted, authenticated data transport that hides message lengths and
timestamps. Optional encryptionless mode that still preserves data
confidentiality. Perfect forward secrecy property. Resistance to:
offline dictionary attacks, replay attacks, compromise of clients'
passphrases and dictionary attacks on the server side. Built-in
heartbeating, rehandshaking, real-time statistics. Ability to work
through UDP, TCP and HTTP proxies. IPv4/IPv6 compatibility.

Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
rootkits, LKMs or other hiding techniques. It consists of two
programs: unhide and unhide-tcp.

unhide detects hidden processes through:
* Comparison of /proc vs /bin/ps output.
* Comparison of info gathered from /bin/ps with info gathered from.
* Syscalls (syscall scanning).
* Full PID space occupation (PID brute-forcing).

unhide-tcp identifies TCP/UDP ports that are listening but not listed in
/bin/netstat by brute-forcing all available TCP/UDP ports.

Vinetto extracts the thumbnails and associated metadata from Thumbs.db
files.

Windows systems (98, ME, 2000, XP and 2003 Server) can store thumbnails
and metadata of the picture files contained in the directories of their FAT32
or NTFS filesystems.
The thumbnails and associated metadata are stored in Thumbs.db files.
The Thumbs.db files are undocumented OLE structured files.

Once a picture file has been deleted from the filesystem, the related thumbnail
and associated metadata remain stored in the Thumbs.db file. So, the data
contained in those Thumbs.db files are a helpful source of information
for the forensic investigator.

ZXID aims at a full-stack implementation of all federated identity
management and identity web services protocols. The initial goal is
supporting the SP role, followed by the ID-WSF WSC and IdP roles.

ZXID is lightweight, has a small footprint, and is implemented in C.
It is suitable for both high-performance and embedded applications.
Scripting languages are supported using SWIG, including Perl, PHP and
Java. The "full stack" nature of ZXID means it's self-contained and
has minimal external library dependencies (see downloads).

Tcpcrypt is a protocol that attempts to encrypt (almost) all of your
network traffic. Unlike other security mechanisms, Tcpcrypt works out
of the box: it requires no configuration and no changes to applications,
and your network connections will continue to work even if the remote
end does not support Tcpcrypt, in which case connections will
gracefully fall back to standard clear-text TCP. Install Tcpcrypt and
you'll feel no difference in your everyday user experience, yet
your traffic will be more secure and you'll have made life much harder
for hackers.

[Excerpted from the README:] "scponly" is an alternative "shell" (of sorts)
for system administrators who would like to provide access to remote users to
both read and write local files without providing any remote execution
privileges. Functionally, it is best described as a wrapper to the
tried-and-true ssh suite.
scponly validates remote requests by examining the third argument passed to the
shell upon login. (The first argument is the shell itself, and the second is
-c.) The only commands allowed are "scp", "sftp-server" and "ls". Arguments
to these commands are passed along unmolested.

BSDploy is a comprehensive tool to provision, configure and maintain
FreeBSD jail hosts and jails.

Its main design goal is to lower the barrier to repeatable jail setups.

* Modular provisioning with plugins for VirtualBox, Amazon EC2 and
  an architecture to support more.
* Bootstrap complete jail hosts from scratch.
* Declarative configuration: All hosts and their properties defined
  in ploy.conf are automatically exposed to Ansible.
* Imperative maintenance: Run Fabric scripts with ploy do JAILNAME
  TASKNAME and have all of the hosts and their variables in fab.env.
* Configure ZFS pools and filesystems with whole-disk-encryption.

The Sleuth Kit (TSK) is a library and collection of command line tools that
allow you to investigate volume and file system data. The library can be
incorporated into larger digital forensics tools and the command line tools
can be directly used to find evidence.
The media management tools allow you to examine the layout of disks and
other media. The Sleuth Kit supports DOS partitions, BSD partitions (disk
labels), Mac partitions, Sun slices (Volume Table of Contents), and GPT
disks. With these tools, you can identify where partitions are located and
extract them so that they can be analyzed with file system analysis tools.

syslog-ng is an enhanced log daemon, supporting a wide range of input and
output methods: syslog, unstructured text, message queues, databases (SQL
and NoSQL alike) and more.
Key features:
* receive and send RFC3164 and RFC5424 style syslog messages
* work with any kind of unstructured data
* receive and send JSON formatted messages
* classify and structure logs with builtin parsers (csv-parser(),
db-parser(), ...)
* normalize, crunch and process logs as they flow through the system
* hand on messages for further processing using message queues (like
AMQP), files or databases (like PostgreSQL or MongoDB).
The official home page of syslog-ng is:
http://www.balabit.com/network-security/syslog-ng/

The clean utility searches through the filesystem for "temporary files"
left behind by editors and the like which can be deleted safely.
WARNING: This program was written with the express purpose of deleting
(unwanted) files. Please be certain that you understand this program
and that you really want to use such an automatic deletion process
before you begin.
[ On the other hand, I've been using it for over ten years without
doing anything worse than not having a core.1 manpage. The normal
mode is interactive and prompts for confirmation. You are advised to
have backups before using the non-interactive batch mode. ]
-Chuck Swiger <chuck@pkix.net>