auditor security
Sponsored Links
Sponsored Links
Secleted [ 0 ] software to compare
Results 1 - 15 of about 1085
Auditor Security Linux 200605
The Auditor Security Linux is a live CD based on Knoppix. more>>
The Auditor security collection is a Live-System based on KNOPPIX. With no installation whatsoever, the analysis platform is started directly from the CD-Rom and is fully accessible within minutes.
Independent of the hardware in use, the Auditor security collection offers a standardised working environment, so that the build-up of know-how and remote support is made easier. Even during the planning and development stages, our target was to achieve an excellent user-friendliness combined with an optimal toolset.
Professional open-source programs offer you a complete toolset to analyse your safety, byte for byte. In order to become quickly proficient within the Auditor security collection, the menu structure is supported by recognised phases of a security check. (Foot-printing, analysis, scanning, wireless, brute-forcing, cracking).
By this means, you instinctively find the right tool for the appropriate task. In addition to the approx. 300 tools, the Auditor security collection contains further background information regarding the standard configuration and passwords, as well as word lists from many different areas and languages with approx. 64 million entries.
Current productivity tools such as web browser, editors and graphic tools allow you to create or edit texts and pictures for reports, directly within the Auditor security platform. Many tools were adapted, newly developed or converted from other system platforms, in order to make as many current auditing tools available as possible on one CD-ROM.
Tools like Wellenreiter and Kismet were equipped with an automatic hardware identification, thus avoiding irritating and annoying configuration of the wireless cards.
Enhancements:
New & Updated tools:
- proxychains 1-8-1 (for example scanning over proxy more easy)
- yersinia-0.5.4
- kismet-logfile-viewer klv.pl and klc.pl
- ntp fingerprinting tool
- tftp bruteforce tool
- snmp fuzzer
- cisco torch 0.4b
- unicornscan 0.4.2
- packit
- sendip
- nasl 2.2.4
- tcpick
- cryptcat
- amap version 4.8
- tcpsplit
- Ethereal version 10.11
- ettercap-ng-0.72 and modified the etter.conf
- replaced tinysnmp with snmp tools
- vnc2swf /usr/X11R6/bin/recordwin and vnc2swf
- edit_vnc2swf.py
- edit_mp3.py
- wpa-supplicatiant 0.3.8
- hostapd-utils 0.3.7
- ssldump
- fragrouter
- Metasploit 2.4 including all known updates
- airsnarf, but no menu at moment
- fakeap to /opt/auditor but no menu entry at moment, need to write a shell script
- dsniff 2.4b1-10
- nessus plugins updated
- exploit tree updated
- Snort 2.3.2-5
- Bleeding-edge rules for snort
- New aircrack
- New airsnort
- Bet i forgot some to mention.
New & updated drivers:
- rt2400 linux drivers and utils (untested)
- rtl8180 driver (8180_26_private.ko and open8180.ko and /usr/local/bin/wlanup and /usr/local/bin/wlandown) (Untested)
- hostap drivers 0.3.7
- ipw2100 & ipw2200 incl firmware, incl monitor mode
- Prism54 with injection patch
- Linux-wlan-ng with injection patch
- Madwifi with injection patch
- ACX drivers are back on cd
Addons:
- Default password list has been updated
- Added some changes to the network stack using /etc/sysctl.conf, which will be called from knoppix-autoconfig script
- New background image
Some fixes i remember:
- Kernel completely rebuilded to provide full functionality
- Isolinux now accepts bootparameters again
- USB drivers are back to /dev/sda and booting from stick works fine
- grub files have been fixed
- fixed hostname /etc/hosts
- /cdrom/index.html pointed to the old forum fixed that
- Added cardctl eject, cardctl insert into switch-to-XY scripts
- Fixed the homebutton of the konquerror when clicked first time
- Fixed the menuentry for nessus
<<lessIndependent of the hardware in use, the Auditor security collection offers a standardised working environment, so that the build-up of know-how and remote support is made easier. Even during the planning and development stages, our target was to achieve an excellent user-friendliness combined with an optimal toolset.
Professional open-source programs offer you a complete toolset to analyse your safety, byte for byte. In order to become quickly proficient within the Auditor security collection, the menu structure is supported by recognised phases of a security check. (Foot-printing, analysis, scanning, wireless, brute-forcing, cracking).
By this means, you instinctively find the right tool for the appropriate task. In addition to the approx. 300 tools, the Auditor security collection contains further background information regarding the standard configuration and passwords, as well as word lists from many different areas and languages with approx. 64 million entries.
Current productivity tools such as web browser, editors and graphic tools allow you to create or edit texts and pictures for reports, directly within the Auditor security platform. Many tools were adapted, newly developed or converted from other system platforms, in order to make as many current auditing tools available as possible on one CD-ROM.
Tools like Wellenreiter and Kismet were equipped with an automatic hardware identification, thus avoiding irritating and annoying configuration of the wireless cards.
Enhancements:
New & Updated tools:
- proxychains 1-8-1 (for example scanning over proxy more easy)
- yersinia-0.5.4
- kismet-logfile-viewer klv.pl and klc.pl
- ntp fingerprinting tool
- tftp bruteforce tool
- snmp fuzzer
- cisco torch 0.4b
- unicornscan 0.4.2
- packit
- sendip
- nasl 2.2.4
- tcpick
- cryptcat
- amap version 4.8
- tcpsplit
- Ethereal version 10.11
- ettercap-ng-0.72 and modified the etter.conf
- replaced tinysnmp with snmp tools
- vnc2swf /usr/X11R6/bin/recordwin and vnc2swf
- edit_vnc2swf.py
- edit_mp3.py
- wpa-supplicatiant 0.3.8
- hostapd-utils 0.3.7
- ssldump
- fragrouter
- Metasploit 2.4 including all known updates
- airsnarf, but no menu at moment
- fakeap to /opt/auditor but no menu entry at moment, need to write a shell script
- dsniff 2.4b1-10
- nessus plugins updated
- exploit tree updated
- Snort 2.3.2-5
- Bleeding-edge rules for snort
- New aircrack
- New airsnort
- Bet i forgot some to mention.
New & updated drivers:
- rt2400 linux drivers and utils (untested)
- rtl8180 driver (8180_26_private.ko and open8180.ko and /usr/local/bin/wlanup and /usr/local/bin/wlandown) (Untested)
- hostap drivers 0.3.7
- ipw2100 & ipw2200 incl firmware, incl monitor mode
- Prism54 with injection patch
- Linux-wlan-ng with injection patch
- Madwifi with injection patch
- ACX drivers are back on cd
Addons:
- Default password list has been updated
- Added some changes to the network stack using /etc/sysctl.conf, which will be called from knoppix-autoconfig script
- New background image
Some fixes i remember:
- Kernel completely rebuilded to provide full functionality
- Isolinux now accepts bootparameters again
- USB drivers are back to /dev/sda and booting from stick works fine
- grub files have been fixed
- fixed hostname /etc/hosts
- /cdrom/index.html pointed to the old forum fixed that
- Added cardctl eject, cardctl insert into switch-to-XY scripts
- Fixed the homebutton of the konquerror when clicked first time
- Fixed the menuentry for nessus
Download (645MB)
Added: 2005-06-22 License: GPL (GNU General Public License) Price:
1131 downloads
sauditor 0.3
sauditor project is a simple sample auditor. more>>
sauditor project is a simple sample auditor.
I made it because I wanted it and wanted the practice, so please dont complain that Ive made yet another sample player.
Its simple, it uses jack and it shows a pretty spectrum analyser so you can get an idea of the spectral content of your samples. I may be the only person who finds the spectrum analyser useful, but hey. The spectrum analyser is now X based. If you want to play with the text speccy analyser, get version 0.1
It was fun to get some practice back in C and C++, as well as learning to use jack a little better and fftw, libsndfile, libsamplerate and ncurses for the first time. Add xlib to that list now, too.
Installation:
No fancy autoconf/automake, although I might sort that out later.
Just use make to build it and make install (as root) to install it
Usage:
Just run it.
Enter or P plays the current sample, space toggles playing.
If the screen goes funny (which it shouldnt do anymore) use R to refresh it
F toggles the spectrum analyser window
Q quits
H shows the help and V shows version info.
Run with the -a option to show files starting with a dot.
<<lessI made it because I wanted it and wanted the practice, so please dont complain that Ive made yet another sample player.
Its simple, it uses jack and it shows a pretty spectrum analyser so you can get an idea of the spectral content of your samples. I may be the only person who finds the spectrum analyser useful, but hey. The spectrum analyser is now X based. If you want to play with the text speccy analyser, get version 0.1
It was fun to get some practice back in C and C++, as well as learning to use jack a little better and fftw, libsndfile, libsamplerate and ncurses for the first time. Add xlib to that list now, too.
Installation:
No fancy autoconf/automake, although I might sort that out later.
Just use make to build it and make install (as root) to install it
Usage:
Just run it.
Enter or P plays the current sample, space toggles playing.
If the screen goes funny (which it shouldnt do anymore) use R to refresh it
F toggles the spectrum analyser window
Q quits
H shows the help and V shows version info.
Run with the -a option to show files starting with a dot.
Download (0.016MB)
Added: 2006-02-17 License: GPL (GNU General Public License) Price:
1344 downloads
Local Area Security 0.5
L.A.S. is a research group focused on information security related subjects. more>>
Local Area Security is a research group focused on information security related subjects. We are most known for L.A.S. Linux. Our live-CD security toolkit.
Local Area Security is a project that was started in 2002 to research information security related topics. During that time there was no real live-CD toolkit focused on information security.
So Jascha, the project founder built one from a stripped down version of Knoppix called Model-K. Both of which were built from Debian Linux.
Up until version 0.4 L.A.S. Linux was command line only. Which made it limited to some of the tools it could contain since many require a GUI. Or at least for many it is preferable to have one. So FluxBox was added as the desktop since it is light weight and very feature filled.
It was during this time that Jascha came up with the idea of keeping the size of L.A.S. as small as possible, which lead to a target maximum size of 180MBs. The size of the original mini-CDs that were available at the time. This forced the selection of tools and features to be weighed heavily since unlike other live-CDs that throw in everything including the kitchen sink. L.A.S. was designed from the ground up to be a tool not a all-inclusive grab bag of applications.
As well as many advances for live-CDs came about, such as to-ram that allows booting a live-CD into the physical RAM of a computer. Which by chance L.A.S. was perfectly cut out for. With as little as 256MB of RAM people could boot L.A.S. and then free up their CD-ROMs for burring etc.
For forensics this was a big plus, along with many other uses. Plus L.A.S. ran very fast in RAM which helped with running Nessus, Nmap, or other tools. When compared to full size (700MB) CDs which would require 1GB of RAM to use the to-ram option, it was really no contest.
<<lessLocal Area Security is a project that was started in 2002 to research information security related topics. During that time there was no real live-CD toolkit focused on information security.
So Jascha, the project founder built one from a stripped down version of Knoppix called Model-K. Both of which were built from Debian Linux.
Up until version 0.4 L.A.S. Linux was command line only. Which made it limited to some of the tools it could contain since many require a GUI. Or at least for many it is preferable to have one. So FluxBox was added as the desktop since it is light weight and very feature filled.
It was during this time that Jascha came up with the idea of keeping the size of L.A.S. as small as possible, which lead to a target maximum size of 180MBs. The size of the original mini-CDs that were available at the time. This forced the selection of tools and features to be weighed heavily since unlike other live-CDs that throw in everything including the kitchen sink. L.A.S. was designed from the ground up to be a tool not a all-inclusive grab bag of applications.
As well as many advances for live-CDs came about, such as to-ram that allows booting a live-CD into the physical RAM of a computer. Which by chance L.A.S. was perfectly cut out for. With as little as 256MB of RAM people could boot L.A.S. and then free up their CD-ROMs for burring etc.
For forensics this was a big plus, along with many other uses. Plus L.A.S. ran very fast in RAM which helped with running Nessus, Nmap, or other tools. When compared to full size (700MB) CDs which would require 1GB of RAM to use the to-ram option, it was really no contest.
Download (210MB)
Added: 2005-11-09 License: GPL (GNU General Public License) Price:
840 downloads
Astaro Security Linux 7.5 Beta
Astaro Security Linux is an award-winning, unique network security solution in an integrated and easy-to-use and manage package. more>>
Astaro Security Linux 7.5 Beta offers you a wonderful and extremely useful product which is an award-winning, unique network security solution in an integrated and easy-to-use and manage package. Astaro Security Linux includes a combination of the following security applications:
- A Firewall with stateful packet inspection and application proxies guards Internet communications traffic in and out of the organization.
- A Virtual Private Network (VPN) gateway assures secure communications with remote offices, road warriors, and telecommuters.
- Anti-Virus defends computers from both email and web-bourne viruses.
- Intrusion Protection detects and stops hostile probes and application-based attacks.
- Spam Filtering eliminates the productivity drain of opening and deleting unsolicited emails.
- Surf Protection (Content Filtering) and Spyware Protection improve productivity by blocking inappropriate web activities, provide full protection from user tracking threats and violation of privacy.
Major Features:
- Protects all types of networks Windows, Linux, Unix and others.
- Delivers comprehensive features at low cost maximizing your ROI (return on investment).
- Highly effective. Has won numerous industry awards. Beat Cisco and Checkpoint in InfoWorld magazine product review, Beat IBM and Computer Associates in Linux World for Best Security Application.
- Integrated management platform features an intuitive browser-based interface and one-step updates for rapid deployment and easy management.
- Can be installed in under 15 minutes or purchased pre-installed on security appliances.
- Can start with firewall, VPN and spam protection and add other security applications as needed, seamlessly.
- Runs as a dedicated application server on top of a hardened operating system, which relieves operating system management headaches.
- Runs on systems ranging from small devices up to large multi-processor systems utilizing gigabytes of memory.
- Redundant systems can be configured to provide high availability and automatic failover in case of hardware or network failures.
- Load balancing improves performance - traffic shaping can set priorities by network, service and protocol.
- Logging, automatic backup, and diagnostic tools support high reliability.
- Free online evaluation workshop to get you started.
Enhancements:
- Major New Things:
- Intrusion Protection Performance
- Uses new version of the IPS engine
- Scales massively when used with Multi-Core CPU/Appliances
- Real-Time Bandwidth Monitor
- New Interface utilization bars on Dashboard (setup scale via QOS)
- Click for detailed overview as to "whats happening in my network right now"
- Import/Export Widget
- Gives the ability to work with manual lists for many features/fields
- Useful to import a large blacklist (for example) into the URL Blacklist
- Can been seen in many user-input boxes in Web, Mail and more. (Green Up/Down Arrows)
- Clone Objects
- Easily duplicate existing objects for quick re-use.
- Supported in most places for many objects (Definitions, Services, Certain Profiles/Actions)
- Extended Network Security Reporting
- Added Detailed Packet Filter/Firewall Reports
- Added Detailed IM/P2P Reports
- Reputation Support for Web Security
- Allows use of the trustedsource.org reputation for Web Filtering
- Documentation coming, for now visit their site/FAQ for more info on reputations
- DHCP Improvements
- Automatically map a current lease to a static assignment
- Limit DHCP leases to those with static assignments only
- Configurable DHCP lease time
- Servers retain configuration when enabled/disabled
- Multicast Routing Daemon
- PIM-SM Routing support
- More documentation on this implementation to come. Experiment with it and if it solves your needs.
- Other New Things:
- Windows SSL VPN Upgraded - New Client which supports X64 and many other options (download again via the UserPortal)
- Improved HTTP Caching - Increases hit/usage rates and makes the cache more effective.
- Quarantine/UserPortal Usability - Adds navigation to the bottom (supplementing the existing controls at the top), large amounts (250-1000) of displayed items per page, and sorting by subject line.
- Default Definition for "Internet" - Allows to specify "Internet" as an object which will exclude internal network(s) to aid policy creation (0.0.0.0/0 on Gateway interface)
- Customizable Shortcuts - Change the default Ctrl assignments to fit your preference
- Improved Definition/Services Sidebar - Mouseover now instantly shows full name and extended info to aid identifying desired object for drag n drop.
- User List shows static IPs - if assigned/configured (no need to edit in order to view)
- Live Log Negation - use to filter live logs to not show lines that match "-" entries i.e. -test to remove lines containing "test"
- Console/SSH Logins Trigger a notification - provides admin the needed insight when accessed.
- Instant Email Backup - Button for every created backup file which allows it to be sent immediately via email to configured addresses
- Custom text for notifications - Allows easier identification of which installation is sending the message. Especially useful if managing multiple sites using notifiers.
- Test NTP Sync - Button to immediately poll the configured NTP server
- Automatic Backup before Up2Date install
- Configurable Default for Lists - Allows for the amount of items per page (Packet Filter Rules, or anywhere there is a number amounts drop down) to have a larger default view
- Cluster/HA Serial Number View - Information on connected units made easier
- Schedule Firmware Installation - When an Up2Date for Firmware is available, you can schedule it to auto-install at a certain time (not a recurring setting)
- WebAdmin Network Section Split - Now two sections; "Network" and "Network Services" for usability.
- Search Boxes Retain Data - No need to re-enter query when returning from a drill down/result click.
- System Restart Reason - Allows logging of "why was system restarted" in the notification
- Group Tool tips for Members - Easily discern Network/Service Group members without having to edit in order to view
- Reporting Exclusions - Used to remove unwanted entries from various reports (such as Google-analytics from Web Security tables
- Log Flag for NAT Rules - Similar to packet filter, tells you which NAT rule was matched as part of traffic handling
- Masquerading for Additional IP Addresses - Allows the use of Masquerading (vs. just SNAT) for additional IPs bound to an interface
- Support for Multiple Authentication Servers - The authentication server section has been redesigned to support fallback/failover in an easier format, with many usability improvements
- SNMP MIB - Downloadable via the SNMP section of WebAdmin
- Up2date Status Reworked - Clarifies the current status of a Firmware Up2date to avoid confusion regarding the availability, download progress etc...of an issued Up2date.
- Inline/Snap Report Links - Directly moves the Admin to the relevant details report when browsing the embedded daily reports located throughout WebAdmin
- Global POP3 Sender Blacklist - Quarantined as "other" in the QM/EUP
- Dashboard RSS Feed - Provides visibility to select Astaro-issued items via WebAdmin
- Other magic features, enhancements, and usability improvements
Added: 2009-05-30 License: Free for non-commerc... Price: USD290.00
13 downloads
Other version of Astaro Security Linux
Astaro Security Linux 7.404 is an integrated and easy-to-use package of ... -winning, unique network security solution in. Astaro Security Linux includes a combinationPrice: USD290.00
License:Free for non-commerc...
License:Free for non-commerc...
Astaro Corporation - Astaro Security Linux is an award-winning, unique network security solution in an integratedPrice: $290
License:Free for non-commercial use
License:Free for non-commercial use
security solution in an integrated and easy-to-use and manage package. award-winning, unique network security solution in an integrated and easy-to-use and managePrice: USD290.00
License:Free for non
License:Free for non
Price: $290
License:Free for non-commercial use
License:Free for non-commercial use
under 15 minutes or purchased pre-installed on security appliances. - Can start with firewallPrice: $290
License:Free for non-commercial use
License:Free for non-commercial use
Devolution Security 3.0.6
Devolution Security is a video surveillance system for Linux based systems. more>>
Devolution Security is a video surveillance system for Linux based systems. It supports up to 16 cameras and features unicast and multicast broadcasting, a Web interface, an X11 interface, themes, motion detection, record on motion, eight different camera layouts, camera cycling, fullscreen mode, and more. Devolution Security uses its own toolkit (dtk).
Main features:
- Up to 16 cameras
- Motion detection
- Record on motion detection
- Record up to 25 fps mpeg4 video
- Multicast live streams to local network
- Unicast to internet IP address
- Very configurable
- Themeable X11 interface
- Web based interface
<<lessMain features:
- Up to 16 cameras
- Motion detection
- Record on motion detection
- Record up to 25 fps mpeg4 video
- Multicast live streams to local network
- Unicast to internet IP address
- Very configurable
- Themeable X11 interface
- Web based interface
Download (10MB)
Added: 2005-10-26 License: GPL (GNU General Public License) Price:
1486 downloads
GNU Phantom.Security 1.00
GNU Phantom.Security is a computer-controlled security system. more>>
GNU Phantom.Security is a computer-controlled security system.
Phantom is designed to be a completely customizable computer controlled security system. All source code (C++/Bourne script) is included. Phantom was designed & tested on a Linux system, but I assume the C++ portions can be easily ported to other Unix systems (even DOS/Windows, maybe?). The Phantom Security system is for use with intrusion/fire detection equipment such as motion sensors, door magnets, and smoke detectors. However, any Normally Open or Normally Closed device may work with little or no change to the code. All source code and diagrams included are free to use,for distributing, and to modify!
Phantom.Controller is to be used in a system with non-powered security devices, i.e. door magnets. Phantom.Controller2 is for systems with powered security devices, i.e. motion sensors & smoke detectors. Anyone with a basic knowledge of circuit design can mix and match from these two diagrams to mix powered & non-powered devices!
Enhancements:
- To compile & install Phantom.Security 1.00:
- configure
- make
- make install
- The default installation directory is /home/Phantom/security. However, this can be modified in the top-level Makefile.am (if this is changed, you need to re-run aclocal, autoconf, & automake). However, both the bindir and datadir should point to the SAME directory, or else Phantom.Security wont function correctly, because it wont be able
- to find the Phantom.conf file.
Enhancements:
- Version 1.0!!! GNU Phantom.Security is out of Beta! I have been running Phantom.Security for months straight on my machine at work and believe it is stable enough to promote it out
- of Beta!
- Created HTML & PostScript versions of documentation. Available on-line.
<<lessPhantom is designed to be a completely customizable computer controlled security system. All source code (C++/Bourne script) is included. Phantom was designed & tested on a Linux system, but I assume the C++ portions can be easily ported to other Unix systems (even DOS/Windows, maybe?). The Phantom Security system is for use with intrusion/fire detection equipment such as motion sensors, door magnets, and smoke detectors. However, any Normally Open or Normally Closed device may work with little or no change to the code. All source code and diagrams included are free to use,for distributing, and to modify!
Phantom.Controller is to be used in a system with non-powered security devices, i.e. door magnets. Phantom.Controller2 is for systems with powered security devices, i.e. motion sensors & smoke detectors. Anyone with a basic knowledge of circuit design can mix and match from these two diagrams to mix powered & non-powered devices!
Enhancements:
- To compile & install Phantom.Security 1.00:
- configure
- make
- make install
- The default installation directory is /home/Phantom/security. However, this can be modified in the top-level Makefile.am (if this is changed, you need to re-run aclocal, autoconf, & automake). However, both the bindir and datadir should point to the SAME directory, or else Phantom.Security wont function correctly, because it wont be able
- to find the Phantom.conf file.
Enhancements:
- Version 1.0!!! GNU Phantom.Security is out of Beta! I have been running Phantom.Security for months straight on my machine at work and believe it is stable enough to promote it out
- of Beta!
- Created HTML & PostScript versions of documentation. Available on-line.
Download (0.26MB)
Added: 2006-07-11 License: GPL (GNU General Public License) Price:
1203 downloads
Network Security Toolkit 1.5.0
Network Security Toolkit is a bootable ISO live CD and its based on Fedora Core 2. more>>
Network Security Toolkit is a bootable ISO live CD and its based on Fedora Core 2.
The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86 platforms.
The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 75 Security Tools by insecure.org are available in the toolkit.
What we find rather fascinating with NST is that we can transform most x86 systems (Pentium II and above) into a system designed for network traffic analysis, intrusion detection, network packet generation, wireless network monitoring, a virtual system service server, or a sophisticated network/host scanner.
This can all be done without disturbing or modifying any underlying sub-system disk. NST can be up and running on a typical x86 notebook in less than a minute by just rebooting with the NST ISO CD. The notebooks hard disk will not be altered in any way.
NST also makes an excellent tool to help one with all sorts of crash recovery troubleshooting scenarios and situations.
Enhancements:
- We are pleased to announce the latest NST release: v1.5.0. This release is based on Fedora Core 5 using the Linux kernel 2.6.18. Here are some of the highlights for this release: the NST Web User Interface (WUI), has been greatly enhanced and cleaned up; extensive additions to managing and analyzing network packet captures; the ability to setup and manage printers; the ability to easily mount many different supported file system types; the ability to manage the NST as a file server (both NFS and CIFS); the addition of the Inprotect package (a Nessus manager); the addition of the Zabbix package (another network resource monitoring tool - similar to Nagios)....
<<lessThe toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86 platforms.
The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 75 Security Tools by insecure.org are available in the toolkit.
What we find rather fascinating with NST is that we can transform most x86 systems (Pentium II and above) into a system designed for network traffic analysis, intrusion detection, network packet generation, wireless network monitoring, a virtual system service server, or a sophisticated network/host scanner.
This can all be done without disturbing or modifying any underlying sub-system disk. NST can be up and running on a typical x86 notebook in less than a minute by just rebooting with the NST ISO CD. The notebooks hard disk will not be altered in any way.
NST also makes an excellent tool to help one with all sorts of crash recovery troubleshooting scenarios and situations.
Enhancements:
- We are pleased to announce the latest NST release: v1.5.0. This release is based on Fedora Core 5 using the Linux kernel 2.6.18. Here are some of the highlights for this release: the NST Web User Interface (WUI), has been greatly enhanced and cleaned up; extensive additions to managing and analyzing network packet captures; the ability to setup and manage printers; the ability to easily mount many different supported file system types; the ability to manage the NST as a file server (both NFS and CIFS); the addition of the Inprotect package (a Nessus manager); the addition of the Zabbix package (another network resource monitoring tool - similar to Nagios)....
Download (364.9MB)
Added: 2007-02-14 License: GPL (GNU General Public License) Price:
991 downloads
Qmail Auditor 0.4
Qmail Auditor consists of a email auditing tool. more>>
Qmail Auditor consists of a email auditing tool.
QMail Auditor provides simple a method for auditing emails. It is easy to configure and uses regular expressions as rules.
The format of audit file is :
Any e-mail (outbound or inbound) have passed at this filter.
The valids "field header"(s) :
all - field from or to of e-mails
to - field to
from - field from
In case of regular expression you read the
# man re_format
# man regex
E-mail to forward is a valid mail account to redirect.
Example of this :
from nelio@walk.* auditoria@spyware.walk.com.br
to nelio@spyware.* auditoria@spyware.walk.com.br
Enhancements:
- Now the config file name has renamed.
- From audit (in /var/qmail/control for /var/qmail/control/auditor) and qmail-queue-real-audit for qmail-queue-real-auditor.
<<lessQMail Auditor provides simple a method for auditing emails. It is easy to configure and uses regular expressions as rules.
The format of audit file is :
Any e-mail (outbound or inbound) have passed at this filter.
The valids "field header"(s) :
all - field from or to of e-mails
to - field to
from - field from
In case of regular expression you read the
# man re_format
# man regex
E-mail to forward is a valid mail account to redirect.
Example of this :
from nelio@walk.* auditoria@spyware.walk.com.br
to nelio@spyware.* auditoria@spyware.walk.com.br
Enhancements:
- Now the config file name has renamed.
- From audit (in /var/qmail/control for /var/qmail/control/auditor) and qmail-queue-real-audit for qmail-queue-real-auditor.
Download (0.16MB)
Added: 2007-01-22 License: BSD License Price:
1010 downloads
Network Security Analysis Tool 1.5
Network Security Analysis Tool is a fast, stable bulk security scanner designed to audit remote network services. more>>
Network Security Analysis Tool is a fast, stable bulk security scanner designed to audit remote network services and check for versions, security problems, gather information about the servers and the machine, and much more.
A manpage providing extensive information on NSAT has been included in the distribution. It is available after a make install, or just by typing man doc/nsat.8 from this dir. It is suggested that you inform yourself at least about the -v (scan verbosity) option and edit the configuration file. To learn about changes in this version, please consult doc/CHANGES.
New to this version is support for distributed scanning. The manpage describes how to do a distributed scan. Note that distributed scanning in this version is just a preliminary, proof-of-concept, implementation with no guarantees for its security, reliability, or performance.
Check for updated vulnerability lists, config files, etc. from
http://nsat.sourceforge.net
Currently, these are lists of vulnerabilities:
nsat.cgi (CGI scripts)
nsat.conf (configuration)
src/mod/snmp.h (SNMP community names)
<<lessA manpage providing extensive information on NSAT has been included in the distribution. It is available after a make install, or just by typing man doc/nsat.8 from this dir. It is suggested that you inform yourself at least about the -v (scan verbosity) option and edit the configuration file. To learn about changes in this version, please consult doc/CHANGES.
New to this version is support for distributed scanning. The manpage describes how to do a distributed scan. Note that distributed scanning in this version is just a preliminary, proof-of-concept, implementation with no guarantees for its security, reliability, or performance.
Check for updated vulnerability lists, config files, etc. from
http://nsat.sourceforge.net
Currently, these are lists of vulnerabilities:
nsat.cgi (CGI scripts)
nsat.conf (configuration)
src/mod/snmp.h (SNMP community names)
Download (0.40MB)
Added: 2006-07-14 License: GPL (GNU General Public License) Price:
1204 downloads
Security::CVSS 0.3
Security::CVSS is a Perl module to calculate CVSS values (Common Vulnerability Scoring System). more>>
Security::CVSS is a Perl module to calculate CVSS values (Common Vulnerability Scoring System).
SYNOPSIS
use Security::CVSS;
my $CVSS = new Security::CVSS;
$CVSS->AccessVector(Local);
$CVSS->AccessComplexity(High);
$CVSS->Authentication(Not-Required);
$CVSS->ConfidentialityImpact(Complete);
$CVSS->IntegrityImpact(Complete);
$CVSS->AvailabilityImpact(Complete);
$CVSS->ImpactBias(Normal);
my $BaseScore = $CVSS->BaseScore();
$CVSS->Exploitability(Proof-Of-Concept);
$CVSS->RemediationLevel(Official-Fix);
$CVSS->ReportConfidence(Confirmed);
my $TemporalScore = $CVSS->TemporalScore()
$CVSS->CollateralDamagePotential(None);
$CVSS->TargetDistribution(None);
my $EnvironmentalScore = $CVSS->EnvironmentalScore();
my $CVSS = new CVSS({AccessVector => Local,
AccessComplexity => High,
Authentication => Not-Required,
ConfidentialityImpact => Complete,
IntegrityImpact => Complete,
AvailabilityImpact => Complete,
ImpactBias => Normal
});
my $BaseScore = $CVSS->BaseScore();
$CVSS->UpdateFromHash({AccessVector => Remote,
AccessComplexity => Low);
my $NewBaseScore = $CVSS->BaseScore();
$CVSS->Vector((AV:L/AC:H/Au:NR/C:N/I:P/A:C/B:C));
my $BaseScore = $CVSS->BaseScore();
my $Vector = $CVSS->Vector();
CVSS allows you to calculate all three types of score described under the CVSS system: Base, Temporal and Environmental.
You can modify any parameter via its accessor and recalculate at any time.
The temporal score depends on the base score, and the environmental score depends on the temporal score. Therefore you must remember to supply all necessary parameters.
<<lessSYNOPSIS
use Security::CVSS;
my $CVSS = new Security::CVSS;
$CVSS->AccessVector(Local);
$CVSS->AccessComplexity(High);
$CVSS->Authentication(Not-Required);
$CVSS->ConfidentialityImpact(Complete);
$CVSS->IntegrityImpact(Complete);
$CVSS->AvailabilityImpact(Complete);
$CVSS->ImpactBias(Normal);
my $BaseScore = $CVSS->BaseScore();
$CVSS->Exploitability(Proof-Of-Concept);
$CVSS->RemediationLevel(Official-Fix);
$CVSS->ReportConfidence(Confirmed);
my $TemporalScore = $CVSS->TemporalScore()
$CVSS->CollateralDamagePotential(None);
$CVSS->TargetDistribution(None);
my $EnvironmentalScore = $CVSS->EnvironmentalScore();
my $CVSS = new CVSS({AccessVector => Local,
AccessComplexity => High,
Authentication => Not-Required,
ConfidentialityImpact => Complete,
IntegrityImpact => Complete,
AvailabilityImpact => Complete,
ImpactBias => Normal
});
my $BaseScore = $CVSS->BaseScore();
$CVSS->UpdateFromHash({AccessVector => Remote,
AccessComplexity => Low);
my $NewBaseScore = $CVSS->BaseScore();
$CVSS->Vector((AV:L/AC:H/Au:NR/C:N/I:P/A:C/B:C));
my $BaseScore = $CVSS->BaseScore();
my $Vector = $CVSS->Vector();
CVSS allows you to calculate all three types of score described under the CVSS system: Base, Temporal and Environmental.
You can modify any parameter via its accessor and recalculate at any time.
The temporal score depends on the base score, and the environmental score depends on the temporal score. Therefore you must remember to supply all necessary parameters.
Download (0.005MB)
Added: 2007-04-11 License: Perl Artistic License Price:
928 downloads
Network Security Monitor Daemon 4.0
The Network Security Monitor Daemon is a lightweight network security monitor for TCP/IP LANs. more>>
The Network Security Monitor Daemon is a lightweight network security monitor for TCP/IP LANs. It will capture certain network events and record them in a relational database. The recorded data is available for analysis through a CGI-based interface.
You can run test version with ./Monitord, just to see how it works. Production version should be run in background, v.g. with nohup ./monitord &. Both versions will accept a device name as a parameter (default: eth0). You can send them SIGHUP at any time to print some stats. If you send SIGTERM, SIGQUIT or SIGINT, all threads will end gracefully.
Enhancements:
- Linux Kernel with "packet sockets" and "socket filtering" support.
- GNU C Library 2 (glibc2) with LinuxThreads support. (integrated in most recent versions).
- Full MySQL, including headers and libmysqlclient_r.
- GNU C Compiler (gcc).
- GNU Make (make).
- Perl (perl).
- Wget (wget).
Enhancements:
- Added chmod 4755 ... in Makefile
- Root should run make now, but not the daemon ;-)
- The daemon will drop root privileges as soon as possible
- (after creating the raw socket with an attached linux socket
- filter and putting the interface in promiscuous mode)
- No threads run with root privileges so its much safer
- (specially the new server thread which reads remote user input)
- Added stats thread
- To calculate/mantain exponential averages
- Added server thread
- It accepts HTTP requests and serves stats in XML
<<lessYou can run test version with ./Monitord, just to see how it works. Production version should be run in background, v.g. with nohup ./monitord &. Both versions will accept a device name as a parameter (default: eth0). You can send them SIGHUP at any time to print some stats. If you send SIGTERM, SIGQUIT or SIGINT, all threads will end gracefully.
Enhancements:
- Linux Kernel with "packet sockets" and "socket filtering" support.
- GNU C Library 2 (glibc2) with LinuxThreads support. (integrated in most recent versions).
- Full MySQL, including headers and libmysqlclient_r.
- GNU C Compiler (gcc).
- GNU Make (make).
- Perl (perl).
- Wget (wget).
Enhancements:
- Added chmod 4755 ... in Makefile
- Root should run make now, but not the daemon ;-)
- The daemon will drop root privileges as soon as possible
- (after creating the raw socket with an attached linux socket
- filter and putting the interface in promiscuous mode)
- No threads run with root privileges so its much safer
- (specially the new server thread which reads remote user input)
- Added stats thread
- To calculate/mantain exponential averages
- Added server thread
- It accepts HTTP requests and serves stats in XML
Download (0.033MB)
Added: 2006-07-12 License: GPL (GNU General Public License) Price:
1203 downloads
Luke Macken Security LiveCD
Luke Macken Security LiveCD provides a fully functional livecd based on Fedora for use in security auditing, forensics research. more>>
Luke Macken Security LiveCD provides a fully functional livecd based on Fedora for use in security auditing, forensics research, and penetration testing.
Main features:
- All of the security features and tools Fedora has to offer
- Features from the FedoraLiveCD
- Ability to install directly to hard drive
Spinning your own
# yum install mercurial livecd-tools
$ hg clone http://hg.lewk.org/security-livecd
# livecd-creator --config security-livecd/fedora-security-livecd.ks --fslabel=Fedora-7-Security-LiveCD
Making changes to the LiveCD is as simple as modifying the fedora-security-livecd.ks configuration file.
<<lessMain features:
- All of the security features and tools Fedora has to offer
- Features from the FedoraLiveCD
- Ability to install directly to hard drive
Spinning your own
# yum install mercurial livecd-tools
$ hg clone http://hg.lewk.org/security-livecd
# livecd-creator --config security-livecd/fedora-security-livecd.ks --fslabel=Fedora-7-Security-LiveCD
Making changes to the LiveCD is as simple as modifying the fedora-security-livecd.ks configuration file.
Download (MB)
Added: 2007-08-09 License: GPL (GNU General Public License) Price:
813 downloads
Domain Auditor 0.31
Domain Auditor project was written to audit and track accounts within a domain. more>>
Domain Auditor project was written to audit and track accounts within a domain. This tool uses LDAP queries to a definable Active Directory server to find various definable classes of accounts.
Initially it will operate interactively, but capabilities may be added in the future to automate functions (i.e. generate reports on a scheduled basis). The installation script handles most installation chores, so setup is very straightforward.
The tool is beta status at this time, but is in being used to generate SOX reports for my employer.
Main features:
- Reports - This function will display a list of defined reports, when invoked it will generate a list of accounts from AD (via LDAP queries) the results returned will depend on what you have defined for the filter for any particular report class under Sysadmin
- Sys Admin - This function will allow you to changes the system settings for LDAP server and port, base DN, Bind DN, username and password, and the database settings (mySQL only at this time). You may also add the report class definitions and their matching LDAP filters within this module
- User Admin - This screen is used to define users for the system and their rights. Usernames are used as the primary value, and entered values are validated via LDAP queries
- Audit Logs - The system logs all changes to the information stored and this page will allow you to review the data from these logs
<<lessInitially it will operate interactively, but capabilities may be added in the future to automate functions (i.e. generate reports on a scheduled basis). The installation script handles most installation chores, so setup is very straightforward.
The tool is beta status at this time, but is in being used to generate SOX reports for my employer.
Main features:
- Reports - This function will display a list of defined reports, when invoked it will generate a list of accounts from AD (via LDAP queries) the results returned will depend on what you have defined for the filter for any particular report class under Sysadmin
- Sys Admin - This function will allow you to changes the system settings for LDAP server and port, base DN, Bind DN, username and password, and the database settings (mySQL only at this time). You may also add the report class definitions and their matching LDAP filters within this module
- User Admin - This screen is used to define users for the system and their rights. Usernames are used as the primary value, and entered values are validated via LDAP queries
- Audit Logs - The system logs all changes to the information stored and this page will allow you to review the data from these logs
Download (0.043MB)
Added: 2006-01-24 License: GPL (GNU General Public License) Price:
1369 downloads
MultiAdmin Security Module 1.0.7
MultiAdmin security framework kernel module provides means to have multiple more>>
MultiAdmin security framework kernel module provides means to have multiple "root" users with unique UIDs.
This fixes collation order problems which for example appear with NSCD, allows to have files with determinable owner and allows to track the quota usage for every user, since they now have a unique uid.
MultiAdmin Security Module also implements a "sub-admin", a partially restricted root user, who has full read-only access to most subsystems, and additional write rights only to a limited subset, e.g. writing to files or killing processes only of certain users.
Enhancements:
- The NetAdmin user class has been removed since it can be handled in userspace.
- The code has been updated to work with Linux 2.6.22.
<<lessThis fixes collation order problems which for example appear with NSCD, allows to have files with determinable owner and allows to track the quota usage for every user, since they now have a unique uid.
MultiAdmin Security Module also implements a "sub-admin", a partially restricted root user, who has full read-only access to most subsystems, and additional write rights only to a limited subset, e.g. writing to files or killing processes only of certain users.
Enhancements:
- The NetAdmin user class has been removed since it can be handled in userspace.
- The code has been updated to work with Linux 2.6.22.
Download (0.020MB)
Added: 2007-08-05 License: GPL (GNU General Public License) Price:
815 downloads
Adeos Filesystem Security Scanner 1.0
Adeos (named after the obscure Roman goddess of modesty) is an automated filesystem security scanner. more>>
Adeos (named after the obscure Roman goddess of modesty) is an automated filesystem security scanner. It recursively walks all mounted filesystems on the local system and attempts to identify common security concerns such as SUID and world-writeable files.
The output is available as text or html, with either output type formatted in either report or list style. Text is written to stdout and is redirected to a file, while HTML is written to a file named results.html in the local directory.
Adeos should compile and run on almost any UNIX-type system. It has been tested on Sun Solaris and Linux 2.x.
Adeos must be run from a non-priveleged user account on the system. Since a priveleged account, such as root has much greater priveleges than a standard user, the results would be meaningless.
Adeos supports three scan modes: normal, verbose, and paranoid. A brief description of what each looks for is below.
normal: Set-User-ID (SUID) files, Set-Group-ID (SGID) files, world-writeable files, and world-writeable directories. (Default mode)
verbose: Everything that a Normal scan looks for, "Sticky" files, unreadable directories, and inaccessible files.
paranoid: Everything Normal and Verbose scans look for, world-readable files, world-executable files, world-readable directories, and world-executable directories.
Adeos supports the following command-line options. Note that if you want to use multiple options you must specify each one individually.
-d Include dynamic directories (/dev /devices /proc /tmp) in the scan.
-h Place output in an HTML file named results.html
-r Format output as a collated report.
--help Display usage and help information.
A default Adeos run performs a Normal mode scan with list-formatted text output.
<<lessThe output is available as text or html, with either output type formatted in either report or list style. Text is written to stdout and is redirected to a file, while HTML is written to a file named results.html in the local directory.
Adeos should compile and run on almost any UNIX-type system. It has been tested on Sun Solaris and Linux 2.x.
Adeos must be run from a non-priveleged user account on the system. Since a priveleged account, such as root has much greater priveleges than a standard user, the results would be meaningless.
Adeos supports three scan modes: normal, verbose, and paranoid. A brief description of what each looks for is below.
normal: Set-User-ID (SUID) files, Set-Group-ID (SGID) files, world-writeable files, and world-writeable directories. (Default mode)
verbose: Everything that a Normal scan looks for, "Sticky" files, unreadable directories, and inaccessible files.
paranoid: Everything Normal and Verbose scans look for, world-readable files, world-executable files, world-readable directories, and world-executable directories.
Adeos supports the following command-line options. Note that if you want to use multiple options you must specify each one individually.
-d Include dynamic directories (/dev /devices /proc /tmp) in the scan.
-h Place output in an HTML file named results.html
-r Format output as a collated report.
--help Display usage and help information.
A default Adeos run performs a Normal mode scan with list-formatted text output.
Download (0.029MB)
Added: 2006-07-13 License: GPL (GNU General Public License) Price:
1200 downloads
Secleted [ 0 ] software to compare
Copyright Notice:
Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future software development. The above auditor security search only lists software in full, demo and trial versions for free download. Download links are directly from our mirror sites or publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
