| Airsnarf
Airsnarf is a simple rogue wireless access point setup utility designed
to demonstrate how a rogue AP can steal usernames and passwords from
public wireless hotspots. Airsnarf was developed and released to
demonstrate an inherent vulnerability of public 802.11b
hotspots--snarfing usernames and passwords by confusing users with DNS
and HTTP redirects from a competing AP.
|
|
| AirSnort
AirSnort is a wireless LAN (WLAN) tool which recovers encryption keys.
AirSnort operates by passively monitoring transmissions, computing the
encryption key when enough packets have been gathered.
802.11b, using the Wired Equivalent Protocol (WEP), is crippled with
numerous security flaws. Most damning of these is the weakness described
in "Weaknesses in the Key Scheduling Algorithm of RC4" by Scott Fluhrer,
Itsik Mantin and Adi Shamir. Adam
Stubblefield was the first to implement this attack, but he has not
made his software public. AirSnort, along with WEPCrack,
which was released about the same time as AirSnort, are the first
publicly available implementations of this attack.
AirSnort requires approximately 5-10 million encrypted packets to be
gathered. Once enough packets have been gathered, AirSnort can guess
the encryption password in under a second.
|
|
| Babel
Babel is an enterprise-grade
auditing system for managing the consistency of security policy between
different systems in a non-homogeneous architecture. Babel can
manage very different operating systems, like AIX, Solaris, Windows
2000, Windows XP, Linux, *BSD or HPUX.
|
|
| BackTrack BackTrack is the result of merging the two innovative
penetration testing live Linux distributions Auditor and
Whax. BackTrack provides a thorough pentesting environment
which is bootable via CD, USB or the network (PXE).
The tools are arranged in an intuitive manner, and cover most
of the attack vectors. Complex environments are simplified, such as
automatic Kismet configuration, one click Snort setup, precompiled
Metasploit lorcon modules, etc.
BackTrack has been dubbed the #1 Security Live CD by Insecure.org, and
#36 overall.
|
|
| ClamAV Clam AntiVirus is a GPL anti-virus toolkit for UNIX, designed
especially for e-mail scanning on mail gateways. It provides a number
of utilities including a flexible and scalable multi-threaded daemon, a
command line scanner and an advanced tool for automatic database updates.
The core of the package is an anti-virus engine available in the form of
a shared library.
|
|
| DansGuardian
DansGuardian is an award-winning web content filtering proxy for Linux, FreeBSD, OpenBSD, NetBSD, Mac OS X, HP-UX, and Solaris that uses Squid to do all the fetching.
It filters using multiple methods. These methods include URL and domain filtering, content phrase filtering, PICS filtering, MIME filtering, file extension filtering, and POST limiting.
The content phrase filtering will check for pages that contain
profanities and phrases often associated with pornography and other
undesirable content. The POST filtering allows you to block or limit
web upload. The URL and domain filtering is able to handle huge lists
and is significantly faster than squidGuard.
The filtering has configurable domain, user and source IP exception lists. SSL tunneling is supported.
The configurable logging produces a log in an easy to read format
which has the option to only log the text-based pages, thus
significantly reducing redundant information such as every image on a
page.
Pretty much all parts of DansGuardian are configurable, thus giving
the end administrator, and not some third-party company, total control
over what is filtered.
|
|
| Dovecot Dovecot is an open source IMAP and POP3 server
for Linux/UNIX-like systems, written with security
primarily in mind. Although it's written in C, it uses several coding
techniques to avoid most of the common pitfalls.
|
|
| eBox Platform
The eBox management tool helps you manage the advanced
services for your corporate network effectively and easily. Designed with extensibility in mind, it offers, among others, these modules: Firewall, Transparent proxy, Content filter, NTP Server, Users and groups, Mail server, and more.
|
|
| FG-Injector Framework
Security tool designed to detect, research and leverage SQL injection exploitation.
|
|
| Firestarter Firestarter is an Open Source visual
firewall program. The software aims to combine ease of use with powerful features, therefore
serving both Linux desktop users and system administrators.
|
|
| Firewall Builder Firewall Builder is a multi-platform firewall configuration and
management tool. It consists of a GUI and a set of policy compilers for
various firewall platforms. Firewall Builder uses an object-oriented approach:
it helps the administrator maintain a database of network objects and allows
policy editing using simple drag-and-drop operations. Firewall Builder
currently supports iptables, ipfilter, OpenBSD PF and Cisco PIX. A technical
summary of the features supported by the policy compilers for all platforms
can be found in the section "Modules".
|
|
| FreeRADIUS FreeRADIUS is the premier open source RADIUS server. Based on
current statistics, there are over 50,000 deployments of the software.
These deployments include small sites with 10 users, large-scale
enterprises with tens of thousands of users, and carrier-class
deployments with over 10 million users. In total, the sites that we
know are using FreeRADIUS support nearly 100 million users. The only
other servers that come close in terms of market share and/or number
of sites are ACS and IAS.
The server scales easily from embedded systems with small amounts
of memory to systems with millions of users. It is fast, flexible, configurable, and supports more
authentication protocols than most commercial servers. It includes
support for SQL, LDAP, RADIUS Proxying, failover, load balancing, and
nearly 100 vendor dictionary files. It can perform authentications
via the PAP, CHAP, MS-CHAP, EAP-MD5, EAP-GTC, EAP-TLS, EAP-TTLS,
PEAPv0, LEAP, EAP-SIM, and Digest authentication protocols. It has
reached a stable 1.1.5 version, with incremental improvements added in
each release.
|
|
| FreeS/WAN
Linux FreeS/WAN is an implementation of IPSEC & IKE for Linux.
IPSEC is Internet Protocol SECurity. It uses
strong cryptography to provide both authentication and encryption
services. Authentication ensures that packets are from the right
sender and have not been altered in transit. Encryption prevents
unauthorised reading of packet contents.
These services allow you to build secure tunnels through
untrusted networks. Everything passing through the
untrusted net is encrypted by the IPSEC gateway machine and
decrypted by the gateway at the other end. The result is a
Virtual Private Network or VPN. This is a
network which is effectively private even though it includes
machines at several different sites connected by the insecure
Internet.
|
|
| Guardian Active Response for Snort
Guardian is a security program which works in conjunction with Snort to automatically update firewall rules based on alerts generated by Snort.
The updated firewall rules block all incoming data from the IP address
of the attacking machine (the machine which caused Snort to generate an
alert).
There is also logic in place which prevents blocking important
machines, such as DNS servers, gateways, and whatever else you want.
|
|
| Higgins Trust Framework This project is developing an extensible, platform-independent,
identity protocol-independent, software framework to support existing
and new applications that give users more convenience, privacy and
control over their identity information.
|
|
| honeynet.org
Here you will find honeypot-related tools developed by the Honeynet Project and Research
Alliance and its individual members. All software created is OpenSource.
|
|
| IP Filter
IPFilter is a software package that can be used to provide network address
translation (NAT) or firewall services. It can be used either as a
loadable kernel module or incorporated into your UNIX kernel; using it as a
loadable kernel module where possible is highly recommended. Scripts are
provided to install and patch system files, as required.
|
|
| IPCop IPCop Firewall is a Linux firewall distribution
geared towards home and SOHO (Small Office/Home Office) users. The
IPCop interface is very user-friendly and task-based. IPCop offers the
critical functionality of an expensive network appliance using stock,
or even obsolete, hardware and OpenSource Software.
|
|
| IPFW The IPFIREWALL (IPFW) is a FreeBSD sponsored firewall software application authored
and maintained by FreeBSD volunteer staff members. It uses the legacy stateless rules and
a legacy rule coding technique to achieve what is referred to as Simple Stateful
logic.
|
|
| Kismet Kismet is an 802.11 layer2 wireless network detector, sniffer, and
intrusion detection system. Kismet will work with any wireless card which
supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and
802.11g traffic.
Kismet identifies networks by passively collecting packets and detecting
standard named networks, detecting (and given time, decloaking) hidden
networks, and inferring the presence of nonbeaconing networks via data
traffic.
|
|
| LBNL's Network Research Group |
|
| m0n0wall
m0n0wall is a project aimed at creating a complete, embedded firewall
software package that, when used together with an embedded PC, provides
all the important features of commercial firewall boxes (including ease
of use) at a fraction of the price (free software).
m0n0wall is based on a bare-bones version of FreeBSD,
along with a web server, PHP and a few other
utilities. The entire system configuration is stored in one single XML
text file to keep things transparent.
m0n0wall is probably the first UNIX system that has its boot-time
configuration done with PHP, rather than the usual shell scripts,
and that has the entire system configuration stored in XML format.
|
|
| Nessus The "Nessus" Project aims to provide to the internet community a free, powerful, up-to-date and easy to use remote security scanner.
|
|
| NessusWX
NessusWX is a client program for the Nessus security scanner
which is designed specially for the Windows platform. NessusWX
has a Windows look'n'feel and, in addition, some features that in my opinion
were missing in the standard Nessus client for Windows.
|
|
| Netfilter.org
netfilter.org is home to the software of the packet filtering framework inside the Linux 2.4.x and 2.6.x kernel series.
Software commonly associated with netfilter.org is iptables.
Software inside this framework enables packet filtering, network address [and
port] translation (NA[P]T) and other packet mangling. It is the re-designed
and heavily improved successor of the previous Linux 2.2.x ipchains and Linux 2.0.x ipfwadm systems.
netfilter is a set of hooks inside the Linux kernel that allows kernel modules
to register callback functions with the network stack. A registered callback
function is then called back for every packet that traverses the respective
hook within the network stack.
iptables is a generic table structure for the definition of rulesets. Each
rule within an IP table consists of a number of classifiers (iptables
matches) and one connected action (iptables target).
netfilter, ip_tables, connection tracking (ip_conntrack, nf_conntrack) and
the NAT subsystem together build the major parts of the framework.
|
|
| |