Free homeland insecurity software for linux

US Department of Homeland Insecurity Idiocy Level is a Firefox extension that displays the current Idiocy Level in the status bar.

PhishBouncer project is an advanced Java HTTP(S) proxy with anti-phishing capabilities.
PhishBouncer is an anti-phishing platform based on an HTTP/HTTPS proxy integrating anti-phishing checks that do not depend on block lists or Phish signatures. The checking algorithms make use of the attributes of the web-site being visited, the structure and properties of the referring URL, and the web-sites association with other legitimate web-sites that the user interacts with. The checks are implemented as plug-in interceptors, and it is easy to modify them and add or remove new checks. Apart from defense against Phishing, PhishBouncer is also a platform for developing and testing new anti-Phishing checks.
For ease of rapid prototyping and testing of anti-Phishing checks with real and reliable test data, a crawl-and-drive framework is also provided-- all you need is an APWG membership to be able to download Phish Reports from APWG and follow the instructions provided. This framework will periodically download new Phish URLs from APWG, and visit the Phish sites using the PhishBouncer proxy first without and then with the anti-Phishing checks. All results are logged so that dead or broken sites (i.e., sites that produced errors in either visit) can be culled, and the remaining data can be used to obtain an accurate count of how many Phish sites were flagged by the currently active checks.
The HTTP/HTTPS proxy framework can also be used to insert other types of adaptive behavior in the HTTP/HTTPS based interaction by replacing the plug-in interceptors executing anti-phishing checks by other interceptors that performs logging, filtering (as in parental control), load-balancing, QoS-based redirection etc.
PhishBouncer was developed by BBN under an R&D project supported by the Homeland Security Advanced Research Project Agency (HSARPA), under its Cyber Security R&D program.
Main features:
- Implemented in Java, therefore less vulnerable to traditional exploits (e.g., buffer overflow attacks)
- Architectural solution with stronger guarantees than browser plug-ins (can catch phishing attacks even if the browser is closed or not part of the communication)
- Browser independent - supports all web browsers
- Operating system independent - supports all operating systems that can run Java
- Highly customizable deployment options - runs on user hosts, wireless routers, or network server
- Open framework and plug-in architecture - allows easy addition of new checks
- Attribute-based detection - provides protection against unknown phishing attacks
- Supports reactive and proactive anti-phishing checks
- Supports HTTP and HTTPS

DSniff project is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.).

arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g, due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI.

I wrote these tools with honest intentions - to audit my own network, and to demonstrate the insecurity of most network application protocols. Please do not abuse this software.

The Revisionist is a tool for extracting and indexing hidden metadata (such as deleted or modified text) from large collections of MS Word files.
It can operate whole Web sites or SMB or NFS directories. The Revisionist project is handy for pen-testing, or it can be used just to spot embarrassing secrets.
My primary goal is to provide pen-testers and content administrators with a handy tool to detect hidden data in all documents available at a specific location (be it a locally mounted network share, a HTTP site, or whatnot), and easily review it all.
Right now, the tool only detects and indexes deleted text in documents with "change tracking" enabled, and can also index usernames and hardware addresses embedded in documents (to facilitate external assessment of company structure); future versions should be able to recover other goodies, too.
Usage:
To run the tool against a local directory, a mounted SMB or NFS directory, or such, simply issue the following command (after doing make, that is):
./therev @/path/to/directory
After the tool completes, you should be able to view master.html in current directory using your favourite browser (Lynx, Netscape, etc). Cached copies of documents would be placed in subdirectories named document.XXXXXX, where X is a random digit; hence, it is recommended to run the tool in a separate directory.
Note that you may also instruct the tool to look for specific substring and only choose those documents that contain it (strict checking, no regexp available):
./therev linux @/path/to/directory
To run the program against a specific site or top-level domain, do the following:
./therev site.com
Note that com, gov, gov.pl, www.microsoft.com are all a valid site name. The first parameter works similar to the previous case:
./therev homeland security gov
As a special bonus, when running the script against multilinguinal sites, you might want to specify a third parameter - desired language (using a two-letter code: en, pl, etc). NOTE: DO NOT USE LANGUAGE QUALIFIER UNLESS NECESSARY:
./therev linux microsoft.com en
The HTTP search mode uses Google.com to locate all matching Word documents on a specific site. For a document to be found, it must be indexable (that is, not excluded in robots.txt) and be in the first 1000 of results for a specific site. If there are more than 1000 documents at some website, consider sub-searches with keywords.
Enhancements:
- This release was fixed to work with the new Google page layout.
- Some other minor fixes were made.