|
(Page 1 of 8) 1 2 3 4 5 6 Next > Platform: Java Virtual Steganographic Laboratory (VSL) Added 2009-06-14 Virtual Steganographic Laboratory (VSL) is a graphical block diagramming tool that allows complex using, testing and adjusting of methods both for image steganography and steganalysis. VSL provides friendly GUI along with modular, plug-in architecture. moth Added 2009-06-08 Moth is a VMware image with a set of vulnerable Web Applications and scripts, that you may use for: 1. Testing Web Application Security Scanners 2. Testing Static Code Analysis tools (SCA) 3. Giving an introductory course to Web Application Security httpsScanner Added 2009-05-14 httpsScanner is a Java program that will scan a web server to test the strength of the SSL JavaFuzz Added 2009-02-27 Java Class Fuzzer Djigzo email encryption gateway Added 2009-02-09 Djigzo email encryption gateway is an email server (MTA) that encrypts and decrypts your incoming and outgoing email. Because Djigzo serves as a general SMTP email server, it is compatible with any existing email infrastructure and can easily be placed before or after existing email servers. Djigzo is typically installed as a "store and forward" server. Email is therefore only temporarily stored until it is forwarded to it's final destination. Djigzo currently supports two encryption standards; S/MIME and PDF encryption. S/MIME provides authentication, message integrity and non-repudiation (using X.509 certificates) and protection against message interception. S/MIME uses public key encryption (PKI) for encryption and signing. PDF encryption can be used as a lightweight alternative to S/MIME encryption. PDF allows you to decrypt and read encrypted PDF documents. PDF documents can even contain attachments embedded within the encrypted PDF. The password for the PDF can be manually set per recipient or a password can be randomly generated and sent to the recipient via SMS. D.O.P.E Added 2008-12-26 Dis.Org Penetration Extension for Firefox (D.O.P.E) A User agent Switcher for firefox that supports the following: Search engine Impersonating Operating Systems Impersonation Browser Impersonation Cellular Phones and Mobile Devices Impersonation Game Consoles Impersonation http://www.lostlight.net/tools/blog.html Yasca Added 2008-09-30 Yasca is a source code analyzer that integrates other open-source tools (PMD, FindBugs, Jlint) to produce a single output file. Yasca is easily extensible and includes a large number of custom rules implemented via a plugin-based architecture. Yasca is designed to find "low hanging fruit" and has plugins supporting a variety of languages, but mostly focused on Java and C/C++. SELS: Secure Email List Services Added 2008-09-29 SELS provides support for secure mailing lists where email messages are signed and encrypted. Only authorized subscribers have access to messages while others, including the list server, do not. SELS is compatible with most commonly used email clients. Source Security Added 2007-01-15 sourcesec.com provides Web-based access to code auditing applications, and was created to assist developers and users in auditing their programs for vulnerabilities. You can upload your code for static analysis by RATS, Flawfinder and ITS4 as applicable - the C/C++, PHP Python and Perl languages are supported. Additionally, a simplified search function is available which easily allows efficient Web searches for security-related information. SIP Proxy VoIP Security Test Tool Added 2006-12-15 SIP Proxy is an Open Source VoIP security test tool which has been developed by the students Philipp Haupt and Matthias Hürlimann during their diploma thesis and second student research project at the University of Applied Sciences Rapperswil (www.hsr.ch). Business partner was Compass Security AG in Rapperswil (www.csnc.ch). Description: In the so called "Proxy Mode", the application acts as a proxy between a VoIP PBX (e.g. Asterisk) and a UA (VoIP hard- or softphone). SIP traffic can be sniffed and dynamically manipulated with the help of regular expressions. Logged SIP messages can be modified and resent. In the "Test Case Mode" predefined security tests which are specified as XML files can be run against a specific target. Fuzzing technology, which is a kind of black-box testing, can be applied to find weak spots in VoIP devices. There are many more specific modules which can be used within such a test case. For example Wordlist- or Bruteforce attacks. While running a test case, feedback is given by displaying a grahical report which can be exported in a printable PDF document afterwards. With the help of SIP Proxy, several software bugs and configuration faults in specific VoIP devices have already been discovered. Check out this new and innovative software on SourceForge: http://sourceforge.net/projects/sipproxy Browse by category |
|
|
Privacy Statement |
