Vulnerabilities

sqlmap is an automatic blind SQL injection tool, developed in python, capable to enumerate entire remote database, perform an active database fingerprint and much more. sqlmaps aim is to implement a fully functional database mapper tool which takes advantages of web application programming... Platforms: *nix

Fli4l is a single floppy distribution, Linux-based ISDN, DSL and Ethernet-Router. You can build it from an old 486 based pc with 16 megabyte memory, which is more than adequate for this purpose. The necessary boot-disk can be built under Unix, Linux or Windows. You dont need any specific... Platforms: *nix

TCP Knocking provides a port knocking implementation. Often a secure system needs a port open so that only authorized persons can access a particular service and also the service should not exposed to attackers and worms that may use vulnerabilities that exist in the listening server. Port... Platforms: *nix

NoScript offers extra protection for your Firefox: NoScript allows JavaScript, Java (and other plugins) only for trusted domains of your choice (e.g. your home-banking web site). This whitelist based pre-emptive blocking approach prevents exploitation of security vulnerabilities (known and even... Platforms: *nix

Interact project is an online learning and collaboration platform. Interact is an online learning and collaboration platform that was developed by the Christchurch College of Education. It is a free alternative to the likes of WebCT and Blackboard, and was designed with the intention of... Platforms: *nix

KCPentrix project is Live CD design to be a standalone Penetration testing toolkit for pentesters and security analysts. KCPenTrix based on SLAX, a Slackware live cd and gentoo,auditor and whoppix. The Powerful modularity which KCPenTrix uses, allow us easily customize our version, and... Platforms: *nix

JaCL Linux (Just a Command Line Linux) is a live CD distribution (a Knoppix remaster) of the Linux operating system. JaCL Linux is designed to be run as a command line driven server or utility system. Most major command line applications or server software available in a standard Linux... Platforms: *nix

YesScript Firefox extension is a JavaScript blacklist. JavaScript is not something to be feared. Firefox is the most secure browser, and any vulnerabilities found are patched within days. However, JavaScript is sometimes misused by sites. They can show obtrusive ads or try to limit built in... Platforms: *nix

PgmReloaded is an e-commerce package build on PHP 4 and PostgreSQL/MySQL. Is an evolution of PgMarket, by Marco Pratesi, Fabio Molinari and Ying Zhang. Whats New in This Release: - This version correct critical vulnerabilities due to file inclusion.. diff frontend recursive Platforms: *nix

Regular Expression, Arbitrary Protocol, Opensource Filtering Firewall (Reapoff) is an arbitrary protocol proxy. A proxy server is a program which accepts connections on behalf of another program and forwards these connections to the original program. There are a many different commonly used... Platforms: *nix

StdioTunnel project allows you to tunnel arbitrary TCP connections through any shell access connection. If the connection provides a clear 8-bit data path and allows you to start programs, you can use it with StdioTunnel. It tunnels TCP connections in much the same way SSH does, but is useful... Platforms: *nix

fwknop stands for the "FireWall KNock OPerator", and implements an authorization scheme based around Netfilter and libpcap that requires only a single encrypted packet in order to communicate various pieces of information including desired access through a Netfilter policy and/or complete... Platforms: *nix

Stompy provides a tool to check the security of Web session IDs and other tokens. Stompy the session stomper is a penetration testing tool that performs an automated analysis and runs an array of fairly sophisticated tests on WWW session identifiers (or any other tokens) to see whether they are... Platforms: *nix

HTML::Detoxifier is a practical module to strip harmful HTML. SYNOPSIS use HTML::Detoxifier qw ; my $clean_html = detoxify $html; my $cleaner_html = detoxify($html, disallow => [qw(dynamic images document)]); my $stripped_html = detoxify($html, disallow => [qw(everything)]);... Platforms: *nix

Qpopper project is the most widely-used server for the POP3 protocol (this allows users to access their mail using any POP3 client). Qpopper supports the latest standards, and includes a large number of optional features. Qpopper is normally used with standard UNIX mail transfer and delivery... Platforms: *nix

FreeBSDShield is a DShield.org reporting client for FreeBSD and the ipfw firewall. The project allows you to report attempted security breaches to the DShield cooperative firewall logging effort, which in turn helps the Internet Storm Center (and netizens at large) track trends in network... Platforms: *nix

Suhosin is an advanced protection system for PHP installations. Suhosin was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. Suhosin comes in two independent parts, that can be used separately or in combination. The first part is a small... Platforms: *nix

Fenris is a suite of tools suitable for code analysis, debugging, protocol analysis, reverse engineering, forensics, diagnostics, security audits, vulnerability research and many other purposes. The main logical components are: - Fenris: high-level tracer, a tool that detects the logic used... Platforms: *nix

Honeytrap project trap attacks against tcp services. Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The... Platforms: *nix

The Secure Remote Password protocol is the core technology behind the Stanford SRP Authentication Project. The Project is an Open Source initiative that integrates secure password authentication into existing networking applications. The Projects primary purpose is to improve password security... Platforms: *nix