scanlogd is a TCP port scan detection tool, originally designed to illustrate
various attacks an IDS developer has to deal with. Unlike some of the other
port scan detection tools out there, scanlogd is designed to be totally safe
to use.
-Roman Bogorodskiy
<bogorodskiy@inbox.ru>
Shishi is a free implementation of the Kerberos 5 network security system.
The goals of this project are:
* Full standards compliance.
* Thread safe library.
* Internationalization, both for client messages but also for non-ASCII
username and passwords.
* Integrate with existing password management systems (/etc/passwd, PAM,
SASL).
* Clean room implementation with clear copyright and license.
This program is designed to log smurf attacks and the broadcasts used.
Essentially it is just an ICMP echo reply logger with the following twists:
- Logging only begins after passing a certain threshold rate of packets/sec
and kilobytes/sec. This prevents the logging of innocent ping replies.
- Only the /24 is logged, and it is only logged once per attack.
ssl-admin was designed to create a user-friendly, menu-driven interface
to the OpenSSL programs.
ssl-admin will help you do the following tasks with SSL certificates:
* Create your own CA certificate.
* Create new Certificate Signing Requests
* Sign existing Certificate Signing Requests
* Manage Certificate Revokation Lists
* Export configurations and certificates for OpenVPN.
Switzerland is a tool for testing networks, ISPs, and firewalls developed
by the Electronic Frontier Foundation (www.eff.org). It will spot IP
packets which are forged or modified between clients, inform you, and
give you copies of the modified packets.
WebScarab is a framework for analysing applications that communicate
using the HTTP and HTTPS protocols. In its most common usage,
WebScarab operates as an intercepting proxy, allowing the user to
review and modify requests created by the browser before they are
sent to the server, and to review and modify responses returned
from the server before they are received by the browser.
Yersinia is a layer 2 vulnerability scanner with support for the
following protocols:
Cisco Discovery Protocol (CDP)
Dynamic Host Configuration Protocol (DHCP)
Dynamic Trunking Protocol (DTP)
Hot Standby Router Protocol (HSRP)
IEEE 802.1q
Spanning Tree Protocol (STP, RSTP)
Virtual Trunking Protocol (VTP)
Zebedee is a simple program to establish an encrypted, compressed TCP/IP
"tunnel" between two systems. This allows TCP-based traffic such as telnet,
ftp and X to be protected from snooping as well as potentially gaining
performance over low-bandwidth networks from compression.
zzuf is a transparent application input fuzzer. Its purpose is to
find bugs in applications by corrupting their user-contributed data
(which more than often comes from untrusted sources on the Internet).
It works by intercepting file and network operations and changing
random bits in the program's input. zzuf's behaviour is
deterministic, making it easier to reproduce bugs.
DASH is a POSIX-compliant implementation of /bin/sh that aims to be as small as
possible. It does this without sacrificing speed where possible. In fact, it
is significantly faster than bash (the GNU Bourne-Again SHell) for most tasks.