(Page 1 of 3)   1 2 3  Next >

Platform: Python

Kippo
Added 2010-03-02
by Upi Tamminen
Kippo is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker.

moth
Added 2009-06-08
by Bonsai - Information Security
Moth is a VMware image with a set of vulnerable Web Applications and scripts, that you may use for: 1. Testing Web Application Security Scanners 2. Testing Static Code Analysis tools (SCA) 3. Giving an introductory course to Web Application Security

CUPP
Added 2009-03-24
by Muris Kurgas
CUPP is a Common User Passwords Profiler. The most common form of authentication is the combination of a username and a password or passphrase. If both match values stored within a locally stored table, the user is authenticated for a connection. Password strength is a measure of the difficulty involved in guessing or breaking the password through cryptographic techniques or library-based automated testing of alternate values. A weak password might be very short or only use alphanumberic characters, making decryption simple. A weak password can also be one that is easily guessed by someone profiling the user, such as a birthday, nickname, address, name of a pet or relative, or a common word such as God, love, money or password. That is why CUPP was born, and it can be used in situations like legal penetration tests or forensic crime investigations.

D.O.P.E
Added 2008-12-26
by Mr.Mojo
Dis.Org Penetration Extension for Firefox (D.O.P.E) A User agent Switcher for firefox that supports the following: Search engine Impersonating Operating Systems Impersonation Browser Impersonation Cellular Phones and Mobile Devices Impersonation Game Consoles Impersonation http://www.lostlight.net/tools/blog.html

w3af
Added 2008-11-03
by Andres Riancho
w3af is a Web Application Attack and Audit Framework. The project goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend.

SELS: Secure Email List Services
Added 2008-09-29
by NCSA, University of Illinois at Urbana-Champaign
SELS provides support for secure mailing lists where email messages are signed and encrypted. Only authorized subscribers have access to messages while others, including the list server, do not. SELS is compatible with most commonly used email clients.

Sipflanker
Added 2008-08-02
by Sergio Castro
Many (if not most) VoIP devices have available a Web GUI for their configuration, management, and report generation. These Web GUIs are often on default, meaning that the moment you install the IP phone or IP PBX, the Web GUI is immediately available on the network. And unfortunately it is also common for the username and password to have the default values. Sipflanker will help you find these SIP devices with potentially vulnerable Web GUIs in your network. What the application does is search the range of IPs you specify, and checks if port 5060 is available. Whether open or close, port 5060 indicates the presence of a SIP device. Then it checks if port 80 (http) is open. The combination of an open port 80, together with port 5060, either open or closed, signals a SIP device with a Web GUI.

Source Security
Added 2007-01-15
by
sourcesec.com provides Web-based access to code auditing applications, and was created to assist developers and users in auditing their programs for vulnerabilities. You can upload your code for static analysis by RATS, Flawfinder and ITS4 as applicable - the C/C++, PHP Python and Perl languages are supported. Additionally, a simplified search function is available which easily allows efficient Web searches for security-related information.

SafePasswd
Added 2006-10-15
by Robert Accettura
Generate safe, secure and memorable passwords quickly and easily. If a password isn't memorable it isn't used. Also visually displays how effective a password is.

Taof - the art of fuzzing
Added 2006-10-11
by Rodrigo Marcos
Taof is a GUI cross-platform Python generic network protocol fuzzer. It has been designed for minimizing set-up time during fuzzing sessions and it is especially useful for fast testing of proprietary or undocumented protocols. Taof aids the researcher during the data retrieval process by providing a transparent proxy functionality that forwards and logs requests from a client to a server. After the data retrieval phase, Taof presents the logged requests and allows the user to specify the fuzzing points within the requests.

Search Tools
Keyword:
Platform:
Category:
Browse by category
Auditing
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Sniffers
Recovery
Passwords
Utilities
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
Authentication
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Replacement
Libraries, Applications
Programming
Libraries
Cryptography
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Rootkits
Secure Deletion
Hardening
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


 

Privacy Statement
Copyright 2010, SecurityFocus