Argon2 is a password-hashing function that summarizes the state of the
art in the design of memory-hard functions and can be used to hash
passwords for credential storage, key derivation, or other
applications.
Slurpie is a passwd file cracker similar to CrackerJack and John the Ripper
except that it can be run in a distributed environment (multiple computers
aka nodes).
slush - SSL remote shell
slush is a simple telnet-like application which communicates over a
secure SSL channel. It uses X509 certificates for authentication and
can be compiled with TCP wrappers support (service name "slushd").
slush is *alpha* software. Use it at your own risk.
smtpscan is a remote SMTP server version detector. It can be used to
guess which mail software is used on a remote server, that may hide its
SMTP banner.
This program is designed to log smurf attacks and the broadcasts used.
Essentially it is just an ICMP echo reply logger with the following twists:
- Logging only begins after passing a certain threshold rate of packets/sec
and kilobytes/sec. This prevents the logging of innocent ping replies.
- Only the /24 is logged, and it is only logged once per attack.
This program filters the tcpump raw packet data looking for logins and
passwords on the most commonly used TCP ports (FTP, telnet, POP3 ...).
It dumps sniffed data to a file named sniff.log.
Snort is a libpcap-based packet sniffer/logger which can be used as a
lightweight network intrusion detection system. It features rules based logging
and can perform content searching/matching in addition to being used to detect
a variety of other attacks and probes, such as buffer overflows, stealth port
scans, CGI attacks, SMB probes, and much more. Snort has a real-time alerting
capability, with alerts being sent to syslog, a separate "alert" file, or even
to a Windows computer via Samba.
Packets are logged in their decoded form to directories which are generated
based upon the IP address of the remote peer. This allows Snort to be used as
a sort of "poor man's intrusion detection system" if you specify what traffic
you want to record and what to let through.
For instance, I use it to record traffic of interest to the six computers in
my office at work while I'm away on travel or gone for the weekend. It's
also nice for debugging network code since it shows you most of the Important
Stuff(TM) about your packets (as I see it anyway). The code is pretty easy
to modify to provide more complete packet decoding, so feel free to make
suggestions.
Snort Report is an add-on module for the Snort Intrusion Detection System.
It generates real-time intrusion detection reports in an easy to read format
based on data collected from a MySQL or PostgreSQL database.
SnortSam is an intelligent agent that allows the popular
open-source Intrusion Detection System called Snort to block
intruding connections by reconfiguration of many firewalls
and Cisco devices.
This program creates a set of HTML pages to allow you to quickly and
conveniently navigate around output files of the Snort intrusion
detection system (http://www.snort.org/). The reports summarize the
incidents logged in the snort alert file.