Open Source BSD Security Software - Page 14

Greyhound Trident is a GNU/Linux, Ubuntu based security distribution designed for penetration testing and cyber forensic investigations. It is a distribution designed for security enthusiasts and professionals, can also be used normally as your default OS. >>Based on Ubuntu 12.04.2 LTS (32bit ) user/pass : root/toor >>Kernel version 3.5.0-45 (little modified to make some of unsupported tools to work, but still will able to get Ubuntu updates ) >>2 Desktop environment : Gnome3, Docky Desktop for different test >>Final release >> Around 300 tools for all-round pentest performance User friendly, all important plugins such as video codec, audio plugins added Above all, this is Ubuntu, specially Hackers Ubuntu. Have fun Credit List : Mahir Chowdhury Asif Iqbal (India) For XtreamDebugger Ashik Iqbal Chy (BGHH) Imam Vai (BGHH) Krad Xin (BGHH) Bd xtor (BBHH/Team Scannerzz) Pedro Ubuntu(Root Sector) For Netool.sh

IKECrack is an IKE/IPSec crack tool designed to perform Pre-Shared-Key [password] analysis of RFC compliant aggressive mode authentication.

A Java Hijacking tool for web application session security assessment. A simple Java Fuzzer that can mainly be used for numeric session hijacking and parameter enumeration. Demonstration video is also available.

Novus Ordo Seclorum (Ordo for short) is a pathologically secured, invitation only secure communications framework. It is built on top of the Freenet crypto libraries.

ODESSA - The Open Digital Evidence Search and Seizure Architecture is a cross-platform framework for performing Computer Forensics and Incident Response.

OpenSignature is an open source project for the digital signature of documents. It works with all cards supported by OpenSC and focuses on adding support for cards from accredited Italian CAs. The goal of the project is to provide a first single product

Simplebackup is a cross-platform backup program. It reads a configuration file then builds a compress backup set, finally places the compressed files into another location (a directory, a remote http,ftp,sftp server or even one or more email accounts).

Sun's XACML Implementation is an access control policy evaluation engine written entirely in the Java(tm) programming language. It supports XACML 1.x and 2.0 core features, and provides a number of powerful extensions and extensibility points.

Taof is a GUI cross-platform Python generic network protocol fuzzer. It has been designed for minimizing set-up time during fuzzing sessions and it is especially useful for fast testing of proprietary or undocumented protocols.

Command-line strong encryption tools including: triple cascaded encryptor, multiple hash calculator and multiple block cipher encryptor. Supports AES, Serpent, Twofish, SHA-512, RIPEMD-160, MD5 and other algorithms.

siggen is a cool email signature generator for encrypted ansi c (confused), brainf*ck, ... signatures. Use it in combination with vi(m), emacs, mutt, pine, or what ever. (tested on Solaris, Linux and Windoze). Optimized only for geeks :-)

Please see http://firehol.org/ for up-to-date releases and information. FireHOL is a stateful iptables packet filtering firewall configurator. It is abstracted, extensible, easy and powerful. It can handle any kind of firewall, but most importantly, it gives you the means to configure it, the same way you think of it.

Hexjector is an Opensource,Cross Platform PHP script to automate Site Pentest for SQL Injection Vulnerabilties.

Proxy Tester is a proxy list tester and then it generates a wpad.dat file you can use for your browser based on working servers. wpad.dat file selects a random proxy server from the list of provided working proxy servers with each connection request.

Atricore’s JOSSO is an open source and commercially supported Internet Single Sign-On (FSSO) solution for point-and-click and standards-based (SAML2) Internet-scale SSO implementations. For more information contact us at : http://www.josso.org

AESTextCrypt is an easy-to-use open source tool for text encryption and decryption. Primarily intended for use with email, use it wherever you need to protect text from prying eyes. The encrypted text can be copy/pasted into any text-handling application (e.g. email) instead of plain text. Convenience buttons are provided for clipboard operations. AESTextCrypt uses AES-256 bit encryption which is the strongest available encryption scheme. It also employs bcrypt, which implements key-stretching and an adaptive key setup phase, the complexity (number of rounds) of which is automatically set to match the processing power of the encrypting computer. This makes it highly resistant to dictionary attack. AESTextCrypt is written in Java, so can be run on all desktop platforms - Windows, Mac and Linux.

With this tool you can create and sign x509 certificates, certificate request, create self-signed certificates, RSA private and public keys with simple and intuitive GUI. This program is using OpenSSL.

DKIM for JavaMail is a small JAR that can be easily implemented in existing Java projects using JavaMail for sending DKIM signed emails.

FMSec (File Manager SECurity) is a set of extensions to file managers that enable some security-related operations to be easily performed. The operations are: - encryption and decryption using OpenSSL (https://www.openssl.org/), - safe removing (shredding) files and directories (recursively), - mounting and unmounting TrueCrypt and VeraCrypt (https://www.veracrypt.fr/en/) volumes, - wiping the free space on a filesystem using WipeFreeSpace (https://wipefreespace.sourceforge.io/), - running programs with LibSecRm (https://libsecrm.sourceforge.io) preloaded, - running programs with LibHideIP (https://libhideip.sourceforge.io) preloaded, - running programs with LibNetBlock (https://libnetblock.sourceforge.io) preloaded, - generating digital certificates (X.509 / SSL / TLS / PKCS#12 / P12). See the project homepage https://fmsec.sourceforge.io and the project Wiki in the menu above.

ScardFace is a python3k library for interfacing with smart cards, which supports Plug-and-Play readers inclusion and threading. It also offers classes for manipulating APDU cmds and resps, and use them in a transport-protocol-independent fashion.

Turtle is a peer-to-peer architecture for safe sharing of sensitive data with full sender and receiver anonymity.

Virtual Keyboard for security web systems access

WFuzz FrontEnd (WFuzz UI) is what we just wrap GUI to the all-time famous wfuzz.py by edge-security.com which got its fame thanks to its multi-threading and flexibility to show desired results based on HTTP response codes/no. of lines/words.

dk-milter consists of two parts: A milter-based application (dk-filter) which plugs in to Sendmail to provide DomainKeys service, and a library (libdk) which can be used to build DomainKeys-compliant applications or MTAs. See the home page for details.

hping2 is an interactive packet costructor and responses analyzer that uses the same CLI of the ping program (but with a lot of extensions). It can be used to performs a lot of tasks, like testing of firewall rules, (spoofed) port scanning, et cetera.