PuTTY is a client program for the SSH, Telnet and Rlogin network protocols.
These protocols are all used to run a remote session on a computer,
over a network. PuTTY implements the client end of that session:
the end at which the session is displayed, rather than the end
at which it runs.
Conversion tool that will convert a standard RSA key in OpenSSL PEM format
into a PVK file and vice versa.
Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log
and bans IP that makes too many password failures. It updates firewall rules
to reject the IP address.
This is a small command-line utility for encryption and decryption
using the principle of one-time pads (OTPs). One or more data files
given to pad are XORd with each other and with RNG output, resulting
in two or more output files. The output files are indistinguishable
from random noise, except that when the pad utility is used to XOR
them together again, the original data files may be recovered.
Jason Harris <jharris@widomaker.com>
This is RATS, a rough auditing tool for security, developed by
Secure Software Solutions. It is a tool for scanning source code
(C, C++, Perl, and Python) and flagging common security related
programming errors such as buffer overflows and TOCTOU (Time Of
Check, Time Of Use) race conditions. As its name implies, the tool
performs only a rough analysis of source code. It will not find
every error and will also find things that are not errors. Manual
inspection of your code is still necessary, but greatly aided with
this tool.
Ruby/Password comprises a set of useful methods for creating,
verifying and manipulating passwords. It includes an interface to
CrackLib, a library commonly used for checking password strength.
Radamsa is a generic test case generator for robustness testing, aka a fuzzer.
It can be used to test how well a program can stand malformed and potentially
malicious inputs. It operates on given sample inputs and thus requires minimal
effort to set up.
xspy is a utility for monitoring keypresses on remote X servers. It
takes advantage of an oversight in X Windows (R5 & R6) to find out
about keypresses even in "secure mode". It works by polling the
keyboard, by default every hundredth of a second.
This is the sectok tool from citi.umich.edu. Originally targeted
for OpenBSD. This is a quick port of the basic application; it relies
upon the libsectok library for ISO 7816 Smart Card device communication.
WebScarab is a framework for analysing applications that communicate
using the HTTP and HTTPS protocols. In its most common usage,
WebScarab operates as an intercepting proxy, allowing the user to
review and modify requests created by the browser before they are
sent to the server, and to review and modify responses returned
from the server before they are received by the browser.