Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. This is the LTS source code release.
12a3035bf26f55f71e3106a51a5fa8d7b744572df98a63920a9cff876a7dcce4
This is a backdoored version of openssh-8.0p1 where the ssh client will log the ssh username and ssh password into /opt/.../log.txt.
f82adc0b1250fc99dd1084b64d7615221985dff9a51580cc3cfaedc1f2218b6b
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
6bda9aff7daa468cbf6ddf141c670140de4d1db145329645a90c22c1e5c7bc01
Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
96491008a9e1ad7e69bc2be9e30cea2014e7ec82fcaa4c2a1a86a984844d920e
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
f852de0f0b6d8436761426dbdc2eda922558e197112c212440905e57ecb39f15
ghba is a PTR record scanner ported from ghba.c. It has been enhanced to run much faster than the original ghba.c. It can scan an entire private class C network in under a minute if 32 threads are available.
92c4565b20b4f73f7f963a482cd44e6bc1db903941ab8b430f543fd68d9c04ca
This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware. This release is nicknamed "Zenith".
f22b0bbebc02dcb6a99ac3ba69f3035afdd6f068fcdb759ca5eac85fee0a77ce
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
318a03b0bfd0cb3b5213eebb4c4186a0efe85178a3011594299a87fc50660590
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
640060120024be70dbe81f6ec6efc72e46250fcb36219dff67e6417220ff21b7
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
d72f4ee7325816bb8dbfcf31eb104207b9fe58a2493c2a875373746a71284cc3
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
69ef3847ab0a3944f6246bfa3a426588d80294ddfedb22b90e7e5c525e54eef9
fabric is an open-source framework for augmenting humans using AI. This does not have an official release yet but should be interesting to our readers.
ed177190731dbec436f6f57a1c4a7462e2f9940ac6ecd35e4637d8edaa10ec06
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
ca192ac67411b07ec8421d579b1f16c038299ff727a53d739403b729817bc2e7
This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware. This release is nicknamed "DEFCON is Cancelled".
535ace3d2395d745aab82b77f7bf83ac08ab9ffb328c07ee2e4ddf340d09536a
Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.
f602bd025ff2997ecce1bd1f479592ab666276912d72212ab8d1fffd38ab8c94
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
51b659b04afb21ae63464b4358ca4173a6c1ec323afac98bb86dbe563bac1786
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
67ad865570d2efcb7dc38ff4c31174b122f57c0229af72d8f2b89349d599ff78
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. This is the LTS source code release.
0a86a6496320d91576037b33101119af6fd8d5b91060cd316a3a9c229e9604aa
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
ea0742d7a98783f1af4a57661af6068bc2d850ac3eca04b3204d28ce165e35ff
fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.
bcb4e0e2eb5fcece5083d506da8471f68e33fb6b17d9379c71427a95f9ca1ec8
Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.
b6f5c76af02ef16ffb7965f810a9af4815ad4f904b478eb7451dde7133f76dbf
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
227edf0e1e6b54dc9893cfd1ecd8621291cc85d1d06808874394aad555f8a8a4
Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.
329df0991b879764ed7e50a869de5b6bfa70d241eb254397a5659d1ff5f2588f
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
a94047116abd15e4d8424e3d8efb27871ba3c8e9f0d4426d64137bef92318a8d
mqXSS is a client to communicate with XSS hooked browsers over MQTT. Similar to xsshunter or beef, mqxss allows interaction with remote browsers that have been injected with a XSS payload. However, instead of having the victim connect back to your server they connect through a Secure Websocket MQTT broker instead. This tool facilitates the JS payload generation and interaction with hooked browsers that communicate over WSS MQTT brokers.
8896d3a6c195fd964e3ba8e5a991dcb72d8c6488f787f595e2d0fca71fec9ad8