Free security toolkit software for linux

Network Security Toolkit is a bootable ISO live CD and its based on Fedora Core 2.
The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86 platforms.
The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 75 Security Tools by insecure.org are available in the toolkit.
What we find rather fascinating with NST is that we can transform most x86 systems (Pentium II and above) into a system designed for network traffic analysis, intrusion detection, network packet generation, wireless network monitoring, a virtual system service server, or a sophisticated network/host scanner.
This can all be done without disturbing or modifying any underlying sub-system disk. NST can be up and running on a typical x86 notebook in less than a minute by just rebooting with the NST ISO CD. The notebooks hard disk will not be altered in any way.
NST also makes an excellent tool to help one with all sorts of crash recovery troubleshooting scenarios and situations.
Enhancements:
- We are pleased to announce the latest NST release: v1.5.0. This release is based on Fedora Core 5 using the Linux kernel 2.6.18. Here are some of the highlights for this release: the NST Web User Interface (WUI), has been greatly enhanced and cleaned up; extensive additions to managing and analyzing network packet captures; the ability to setup and manage printers; the ability to easily mount many different supported file system types; the ability to manage the NST as a file server (both NFS and CIFS); the addition of the Inprotect package (a Nessus manager); the addition of the Zabbix package (another network resource monitoring tool - similar to Nagios)....

SILC (Secure Internet Live Conferencing) is a protocol which provides secure conferencing services in the Internet. It can be used to send any kind of messages, in addition to normal text messages This includes multimedia messages like images, video, and audio stream.
All messages in the SILC network are encrypted and authenticated, and messages can also be digitally signed. SILC protocol supports AES, SHA-1, PKCS#1, PKCS#3, X.509, OpenPGP, and is being developed in the IETF. The software is delivered as SILC Client for end users, SILC Server for system administrators, and SILC Toolkit for application developers.
Enhancements:
- This version fixes several crash bugs, packet flag resetting, PFS rekey with CTR encryption mode, and some other bugs.

Scout Portal Toolkit project is a turnkey software to put resource metadata collections on the Web.
The Scout Portal Toolkit (SPT) is a turnkey software package that allows groups or organizations who have collections of knowledge or resources they want to share via the Web to put that collection online without a big investment in technical resources.
It includes keyword and fielded search engines, a recommender system, a metadata editor, user agents (push technology to notify users of new resources), forums (bulletin boards), resource quality ratings, resource annotations by users, and support for multiple dynamic user interfaces, selectable on a per-user basis.
Main features:
- Cross-Field Searching
- Resource Annotations by Users
- Intelligent User Agents
- Resource Quality Ratings by Users
- Suggested Resource Referrals

OSP Toolkit project is a client side implementation of the ETSI OSP VoIP Peering protocol (ETSI TS 101 321).

The OSP Toolkit project was begun in 1998 and the code has been incorporated into many commercial and open source VoIP products.

HPCToolkit is an open-source suite of multi-platform tools for profile-based performance analysis of applications. The figure provides an overview of the toolkit components and their relationships.
Main features:
- hpcrun: a tool for profiling executions of unmodified application binaries using statistical sampling of hardware performance counters.
- hpcprof & xprof: tools for interpeting sample-based execution profiles and relating them back to program source lines.
- bloop: a tool for analyzing application binaries to recover program structure; namely, to identify where loops are present and what program source lines they contain.
- hpcview: a tool for correlating program structure information, multiple sample-based performance profiles, and program source code to produce a performance database.
- hpcviewer: a java-based GUI for exploring databases consisting of performance information correlated with program source.
A program called hpcview is at the toolkits center. It takes performance profiles, program structure information, and, under the direction of a configuration file, correlates it with application source code to produce a browsable performance database.
hpcview also enables the user to define expressions to compute derived metrics as functions other metrics already defined (e.g. measured metrics read from data files or previously-computed derived metrics).
Performance databases are explored using our Java-based hpcviewer user interface that enables one to explore an applications performance data in a top-down fashion and enables one to easily navigate back and forth between performance data and source code.
The user interface presents performance data in a hierarchical display. At any time, you are looking at some program context (program, file, procedure, loop, or line). Also displayed is the data for both the parent and the children of the current context. Up and down arrows on the lines of the display are used to walk the hierarchy.
In order to speed up top-down analysis, the interface also provides `flatten and `un-flatten buttons. Their icons hint at their function. `Flatten modifies the hierarchy by eliding non-leaf children of the current node and replacing them with the grandchildren.
Unflatten reverses this. Since the tables are sorted, the flatten operation makes short work of diving into the program from the top to identify the most important files, procedures, loops and statements.
Performance data manipulated by hpcview can come from any source, as long as the profile data can be translated or saved directly to a standard, profile-like input format. To date, the principal sources of input data for hpcview have been hardware performance counter profiles.
Such profiles are generated by setting up a hardware counter to monitor events of interest (e.g., primary cache misses), to generate a trap when the counter overflows, and then to histogram the program counter values at which these traps occur. For Linux, we developed the hpcrun tool to collect profiles by sampling hardware performance counters.
This tool uses UTKs PAPI library for access to hardware performance counters. A second tool, hpcprof is used to map profiles collected using hpcrun back to program source lines. hpcprof is based on code from Curt Janssens cprof/vprof profiler. On operating systems other than Linux, we use vendor-supplied tools to collect profile data. On MIPS+Irix platforms, we use SGIs ssrun tool to collect profiles. On Alpha+Tru64, we use either with Compaqs uprofile or DCPI utilities for this purpose.
hpcview and hpcviewer can be used to view profile-like data of any type, not just data sampled from hardware performance counters. To analyze one program that contained many register spills, we built a perl script to examine assembly code generated by the SGI compilers for MIPS+Irix and create profiles that map register spills back to source code lines.
To facilitate automation, the programs in HPCToolkit are intended to be run using scripts and configuration files. Once these are set up, rerunning the program to collect new data, and all of the steps that go into generating a browsable dataset can be completely automated. The scripts automate the collection of data and conversion of profile data into a common, XML-based format.
Other performance tools (e.g. SGIs ssrun) report performance data at the line, procedure, and program level. However, since much of the time in scientific programs is spent in loops; having data at the loop level as well is critical to facilitate performance tuning.
For this reason, HPCToolkit includes a binary analyzer bloop that extracts loop nesting structure from application binaries and uses symbol table line map information to map this structure back to the source programs level. Because bloop works on binaries, this process is independent of the language used (though in practice it can be somewhat compiler dependent).
The loop nesting structure information produced by bloop enables hpcview to associate performance data with each loop in a program without incurring any additional overhead for data collection during program execution.
Supported platforms: Pentium+Linux, Opteron+Linux, Athlon+Linux, Itanium+Linux, Alpha+Tru64 and MIPS+Irix.
HPCToolkit is open-source software released with a BSD-like license.

Security::CVSS is a Perl module to calculate CVSS values (Common Vulnerability Scoring System).

SYNOPSIS

use Security::CVSS;

my $CVSS = new Security::CVSS;

$CVSS->AccessVector(Local);
$CVSS->AccessComplexity(High);
$CVSS->Authentication(Not-Required);
$CVSS->ConfidentialityImpact(Complete);
$CVSS->IntegrityImpact(Complete);
$CVSS->AvailabilityImpact(Complete);
$CVSS->ImpactBias(Normal);

my $BaseScore = $CVSS->BaseScore();

$CVSS->Exploitability(Proof-Of-Concept);
$CVSS->RemediationLevel(Official-Fix);
$CVSS->ReportConfidence(Confirmed);

my $TemporalScore = $CVSS->TemporalScore()

$CVSS->CollateralDamagePotential(None);
$CVSS->TargetDistribution(None);

my $EnvironmentalScore = $CVSS->EnvironmentalScore();

my $CVSS = new CVSS({AccessVector => Local,
AccessComplexity => High,
Authentication => Not-Required,
ConfidentialityImpact => Complete,
IntegrityImpact => Complete,
AvailabilityImpact => Complete,
ImpactBias => Normal
});

my $BaseScore = $CVSS->BaseScore();

$CVSS->UpdateFromHash({AccessVector => Remote,
AccessComplexity => Low);

my $NewBaseScore = $CVSS->BaseScore();

$CVSS->Vector((AV:L/AC:H/Au:NR/C:N/I:P/A:C/B:C));
my $BaseScore = $CVSS->BaseScore();
my $Vector = $CVSS->Vector();

CVSS allows you to calculate all three types of score described under the CVSS system: Base, Temporal and Environmental.

You can modify any parameter via its accessor and recalculate at any time.
The temporal score depends on the base score, and the environmental score depends on the temporal score. Therefore you must remember to supply all necessary parameters.

Ubuntu Security Notice Monitor is a karamba theme that displays the ten most recent USN report titles in a desktop widget.

Ubuntu Security Notice Monitor works by parsing the link text out of the USN page at http://www.ubuntulinux.org/usn using a Python backend.

Thanks goes to Richard "Ricardo" Szlachta for the graphics work.

Spike PHP Security Audit Tool project is a tool that performs a static analysis of PHP code for security exploits.
Usage:
To install, unzip Spike phpSecAudit package.
> unzip spike_phpSecAudit.zip
Change directory to your php repository.
> cd /path/to/code/to/audit
Execute the run.php, passing the file name or directory to audit.
> php /path/to/spike_phpSecAudit/run.php test_file.php
or
> php /path/to/spike_phpSecAudit/run.php dir_name
Enhancements:
- Modified to be PHP 4 friendly.
- A few functions have been added to the knowledge base: extract, shell_exec, pcntl_exec, and exec.
- The organization of the knowledge base file (vuln_db.xml) has been slightly improved.
- The _getAllPhpFiles function may miss a few (unverified).
- The tokenizer needs to be able to differentiate between a native function call and class method call of the same name, i.e. mail() and $class->mail().