#- Computer Forensic Science and IT Security Professional. ⠠⠵

segunda-feira, março 26, 2012

 Big Brother system and network Monitor (bb4.org)

  • FreeNATS (Free Network Automaic Testing System)
  • Monit (Unix System Monitor)
  • OpenNMS (enterprise-grade open-source network management)
  • Opsview (System and Application—and network— monitoring)
  • PandoraFMS (Flexible Monitoring System)
  • Xymon (See also Documentation for Xymon)
  • Zabbix (an enterprise-class open source distributed monitoring solution)
  • HP OpenView (Commercial, top-of-the-line I.T. Managment and montoring system)
  • IBM Tivoli (Commercial, top-of-the-line IT management and montoring system)

List of Available Tools by Type

From: debianlinux.net/system_management.html.
This information is courtesy of DebianLinux.Net.
  1. Application Management (from the Application Management section)
  2. Package Management
  3. Configuration Management
  4. Service Startup Tools
  5. File System Tools
  6. Executable & Library Tools
  7. Device Management
  8. Out-of-band System Management
  9. Distributed & Automated System Management
  10. Network Traffic Accounting
  11. Network Traffic Shaping
  12. System Process Monitoring
  13. Logging, System Monitoring & Reporting
  14. Performance Monitoring & Benchmarking
  15. Network Security Auditing
  16. Intrusion Detection
  17. Data Protection, Authenticity & Integrity
  18. Data Recovery
  19. Backup Management
  20. Partition & Disk Image Management
  21. Server Virtualization
  22. ISP Service Management

Package Management

  • Debian (OS with an advanced package management system, based on: dpkg, apt-get, debconf, dselect/aptitude/... and hundreds of public mirrors.)
  • dpkg.org ("Debian GNU/Linux package manager" development site) (ml)
  • Alien (Conversion tool for: Redhat .rpm, Debian .deb, and Slackware .tgz package formats)
  • apt4rpm (Variant of the Debian Apt toolset for RPM based operating systems) (cvs) (ml)
  • RPMView (GNOME based RPM installer/viewer)
  • Gentoo Portage NG (OS with an advanced source code focussed package management system. Portage NG is still in the design stage.)
  • Autopackage (Console/GTK+ based tool for build, install, verify and uninstall packages of medium complexity) (cvs) (ml)
  • Zero Install (System to install and run programs in 'real-time' from the Internet. Consecutive program executions are fast due to local caching.) (cvs) (ml)
  • EPM ("Easy Package Manager". Packaging tool that generates portable distribution archives from a list of files.) (ml)
  • Xstow (C++ based rewrite of GNU sTOW. Stow is a tool for managing the installation of local software packages under "/usr/local/stow/".) (cvs)
  • pdbv (Tool to create HTML output of a RPM or Dpkg packages database) (cvs)
  • CheckInstall (Tool to create a Slackware, RPM or Debian compatible package by 'monitoring' the actions from "make install". Inactive project.)
  • buildpkg (Bash shell script system to create .deb, .rpm or .stc packages from a set of independent description files. Inactive project.) (ml)
  • sinstall (Perl script to help extract, build, install, uninstall and patch source packages. Inactive project.) (cvs) (ml)

Configuration Management

  • Elektra (System-wide configuration system using a hierarchy of directories with files containing key-value pairs. License: BSD-style) (svn) (ml) (forum)

Service Startup Tools

  • Monit (Utility for monitoring and managing daemons and similar programs)
  • keepalive (Perl tools for monitoring and managing daemons and similar programs)
  • Dwatch (Utility for monitoring and managing daemons and similar programs. Inactive project.)
  • Runit (Alternative init scheme system with service supervision)
  • Serel ("SErvices and RELationships". Alternative init scheme system which has synchronisation and integrity checking)
  • sysv-rc-conf (Tool for managing SysV runlevel service symlinks) (cvs) (deb)
  • sysvconfig (Ncurses based tool for managing SysV runlevel services) (cvs) (deb)
  • bootprofile (Bootmenu system for selecting different network setups from a set of bootprofiles)
  • GNOME Crontab Editor (GNOME based GUI for "crontab") (cvs)
  • vcron (Tcl/Tk based GUI for "crontab" and "at")

File System Tools

  • GNU FileUtils (Collection of 20+ essential system tools, like: cp, mv, chmod, chown, ls, ln)
  • GNU ShellUtils (Collection of 30+ console utilities commonly used within shell scripts or shell commands, like: echo, pwd, test, chroot, uname, who, whoami, nice, tee, date)
  • GNU FindUtils (Collection of search and indexing tools: find, locate, xargs, updatedb, frcode)
  • rlocate (Linux kernel module and user-space tool which acts as a 'locate' command alternative that is always up-to-date)
  • sfind (POSIX.1-2001 compliant implementation of the "find" utility) (cvs)
  • clwrap ("command-line wrapper" tool for running custom commands with standard input lines as arguments. The functionality is similar to GNU xargs.) (cvs)
  • wtch (Perl based tool which periodically runs a user-specified shell command and watches its output. When this output changes wtch runs a user-specified shell command.)
  • Watchfolder (Daemon which monitors specifed directories for incoming files and processes them with programs assigned to those directories)
  • glark (Grep alternative which offers: Perl/Ruby regular expressions, highlighting of matches, context around matches, and more.) (cvs)
  • rtgrep (Bash shell script which can recursively search files created or modified in a given time frame)
  • BatRen (Shell based automatic file rename tool)
  • Krename (KDE based tool to rename files)
  • Tardy (Tool to alter certain characteristics of files after they have been packed into a "tar" archive files)
  • FSlint (Filesystem sanity check tool, which can report duplicate files, bad symbolic links, troublesome file names, empty directories, non stripped executables)
  • RFC (Remote Filesystem Checker. Filesystem sanity check tool.)
  • Afick ("A Filesystem Integrity Checker". Perl based intrusion detection and integrity monitoring system.) (cvs) (ml)
  • tmpreaper (Tool to clean out temporary-file directories)
  • Sudo ("Superuser do" allows a system administrator to give certain users groups of users the ability to run some specified command(s) as root or as another user while logging the commands and arguments being used. License: BSD-style)
  • RSSH ("Restricted secure shell" for use with OpenSSH, allowing specific users only to execute scp and/or sftp)
  • userinfo (Tool to display as much information about a local user as possible) (cvs)
  • bidilink (Utility for linking two bidirectional data streams together. It extends the standard Unix "filter" paradigma to bidrectional streams.)
  • Gtk-Lsof (GTK+ based GUI front-end for lsof. These tools list information about any files that are open by processes currently running on the system)
  • OneFinger (KDE based GUI tool for composing shell commands) (cvs) (ml)

Executable & Library Tools

  • GNU Binutils (Collection of 10+ essential binary utilities, like: ld, as, ar, strip) (another homepage) (cvs) (ml)
  • Debuggers & Profilers (from the Software Development section)
  • Decompilers (from the Software Development section)
  • hte ("Hex Text Editor". File editor for executables.) (cvs) (forum)
  • libelf (ELF object file access library)
  • ELFsh ("ELF shell" is a libelf library based, interactive and scriptable ELF virtual machine, which can be used for the manipulation of ELF executables and shared libraries.)
  • elfa (Portable ELF object file header analyzer)
  • elfgpg (Tool to insert and verify OpenPGP signatures in ELF executable files) (source)
  • elfsign (Toolset for signing and verifying ELF object files using certificates)
  • Statifier (Tool to create pseudo-static executables, by merging the dynamically linked executables and all its libraries in one file.) (cvs) (ml) (forum)
  • Kbview (KDE based ELF executable viewer. Alpha status. Inactive project.) (cvs) (ml)

Device Management

- General Device Management

  • OpenHPI ("Hardware Platform Interface" implementation to provide a modular mechanism for adding new hardware and device support) (cvs) (ml)
  • Discoverer (Hardware reporting system) (ml)
  • Dmidecode (Hardware reporting system, using the SMBIOS/DMI specifications) (cvs)
  • lshw ("Lister Hardware". Hardware reporting system using code from the dmidecode project.)
  • prtdiag (Bash script based hardware reporting system, using: dmidecode, lspci and lm_sensors)

- Network Devices

  • ifplugd (GNU/Linux daemon which automatically activates/de-activates the ethernet device when the ethernet cable is plugged-in/pulled-out)
  • wol ('Wake On LAN'. Tool to turn-on/un-suspend a remote computer by issueing 'wol MAC-address'.) (cvs)
  • macc (GNU/Linux utility for viewing/manipulating the MAC address of network interfaces) (cvs) (ml)
  • Wireless Network Clients (from the Network Services section)
  • SNMP Clients (from the Network Services section)
  • IEEE1394Diag (KDE based IEEE1394 network management tool) (cvs) (ml) (forum)
  • LIRC (Infra-red signal encoding/decoding software toolkit for GNU/Linux systems. See also smartmenu.) (cvs) (ml)
  • Synergy (Network tool to share a single mouse and keyboard between multiple computer systems, without needing special hardware.) (cvs)

- Disk Drives

  • hdparm (Utility for viewing and changing the IDE/ATA harddisk driver parameters)
  • smartmontools (Toolset to monitor SCSI and ATA harddisks using the SMART failure warning system) (cvs) (ml)
  • Cdpl (Utility to change the settings of a Plextor SCSI CD-ROM drive)

- CD & DVD Mastering

  • Audio CD & DVD Mastering Tools (from the Multimedia section)
  • Video CD & DVD Mastering Tools (from the Multimedia section)
  • cdrecord (CD-R/CD-RW/DVD image creation and burning software with support for SCSI, IDE/ATAPI and parallel-port drives. Cdrecord consist of a number of libraries and tools, including: cdrecord, cdda2wav and mkisofs) (DVD extension patches for cdrecord)
  • cdrdao (Create audio or mixed mode CD-R's in disk-at-once mode) (cvs) (ml)
  • bashburn(Bash shell script based CD burning tool)
  • Burgner (CD burning tool, which doesn't depend on cdrecord)
  • cdcontrol (CD burning tool that allows you to write to one or more CD burners at once)
  • mkCDrec (Make a bootable El-Torito disaster recovery image called CDrec.iso)
  • mkinitrd-cd (Tool to create the initrd images used for booting from CD-ROM)
  • bootcd2disk (Tool set to copy a running Debian GNU/Linux system on a bootable CD)
  • cdw (Ncurses based CD burning front-end for cdrecord and mkisofs)
  • Phaser (Perl script to help with CD burning)
  • K3B (KDE based CD burning tool) (cvs) (ml)
  • CDBO ("CD Bake Oven". KDE based CD burning tool, which can be used as a Kpart module)
  • Gnome Toaster (GNOME based CD burning tool) (ml)
  • Arson (KDE based CD burning tool) (cvs) (ml)
  • Disc-O-Matic (GTK+ based multiple CD burning tool)
  • X-CD-Roast (GTK+ based CD burning tool)
  • cdfs-src (Linux file system which allows all audio tracks and boot images on a CD to be accessed as normal files)
  • Linux UDF (Universal Disk Format FS) (cvs)
  • DVD+RW/+R Tools for Linux
  • disc-cover (Perl script, with FreeDB support, for creating CD labels in Latex, DVI, PDF or PostScript format)
  • cdcover (Python/Tk tool, with FreeDB support, for creating CD labels in PostScript format)
  • cdlabelgen (Perl script for creating CD labels in PostScript format. Inactive project.)

- Video Cards & Monitors

  • videogen (Console tool that generates XFree86 and/or fbset "Modelines" which tell your video card what signals to send to your monitor)
  • read-edid (Information gathering tool for VESA PnP monitors, useful when creating your XF86Config file)
  • atitvout (Utility to setup TV-out support for the ATI "Rage Mobility" video cards)
  • nv-tv-out (GTK+ based utility to setup TV-out support for the NVidia video cards) (cvs) (forum)
  • NVClock (GTK+ based tool to overclock several NVidia based video cards on GNU/Linux systems)

- Printers

  • LinuxPrinting.org (GNU/Linux printer support portal) (ml)
  • KDEPrint (Printing framework for KDE applications)
  • klpq (KDE frontend to lpq, lprm and lpc. It allows for viewing, deleting, or adjusting print jobs.)
  • GtkLP (GNOME based frontend for lpq and lprm working with CUPS queues)
  • gQueue (GNOME based frontend for lpq and lprm working with CUPS queues. Inactive project.)
  • GIMP-Print (Printer device drivers for: Canon, Epson, Lexmark, and PCL printers for use with Ghostscript, CUPS, Foomatic, and the GIMP)

- Digital Camera's

- Image Scanners

  • SANE ("Scanner Access Now Easy". Standard interface and tools for accessing raster image scanner hardware) (ml)
  • phpSANE (PHP based SANE frontend)
  • FlScan (FLTK based SANE frontend)

Out-of-band System Management

  • OpenIPMI (Initiative to develop and promote free software implementing the IPMI interface standard, to remotely control and monitor servers)
  • FreeIPMI (IPMI based out-of-band system management framework) (cvs) (ml)
  • IPMItools (Linux kernel drivers and user tools to interface with IPMI based management hardware) (cvs)

Distributed & Automated System Management

  • Network Encryption & Authentification Servers & Clients (from the Network Services section)
  • Thin Client Systems (from the Network Services section)
  • Remote Desktop Systems (from the Network Services section)
  • Distributed Computing Systems (from the Network Services section)
  • CVS Revision Tools (from the Software Development section)
  • Other Revision Tools (from the Software Development section)
  • System Installation Suite (System for automated installation of GNU/Linux hosts) (cvs) (ml)
  • Rsync (Remote incremental file transfer/updating tool)
  • ClusterSSH (Tool for controlling multiple terminal session, via a single graphical console window, to allow commands to be interactively run on multiple servers over an secure shell connection.) (forum)
  • syrep (Peer-to-peer based system for synchronizing large file hierarchies bi-directionally by exchanging patch files)
  • Howl (Free implementation of the Zeroconf networking standard. License: BSD-style) (ml)
  • Cfengine (Portable client/server configuration system wich can act relatively autonomous to help manage clusters of computers) (ml)
  • ssync (Filesystem synchronization utility. Inactive project.)
  • Ark (Python based toolset for collaborative system administration of multi-platform Un*x sites) (cvs) (ml)
  • pconsole (Run secure shell commands in parallel on multiple computers. License: BSD-style)
  • Pdsh (Parallel Distributed Shell. Run shell commands in parallel on multiple computers. Pdsh supports SSH.)
  • Dsh (Distributed Shell. Run shell commands in parallel on multiple computers.)
  • Distribulator (Run shell commands in parallel on multiple computers.) (cvs)
  • Wsh (Web shell. Perl/CGI based remote shell system. Wsh supports HTTPS.)
  • MosixView (Qt based tool for managing a MOSIX cluster)
  • Webmin (Simple web server and a collection of CGI programs which directly update OS files) (ml)

Network Traffic Accounting

  • IPAC-NG ("IP accounting next generation". Linux IPtables based IP traffic accounting tool.) (cvs) (ml)
  • pmacct ("Promiscuous Mode ip ACCounTing". MySQL based IP traffic accounting tool.) (forum)
  • bandwidthd (Network I/O byte grapher which outputs HTML pages) (cvs) (forum)
  • IOG ("Input Output Grapher". Network I/O byte grapher which outputs HTML pages)
  • Statsnet (Collection of Bash shell scripts, to make HTML pages with graphics of network interface data of Linux hosts)
  • SASacct (Perl based accounting package for monitoring network usage via internal Linux/OpenBSD specific kernel counters of the firewall system)

Network Traffic Shaping

  • L7 (Linux kernel, iproute and tc patch to classify and prioritize packets based on patterns in in the application layer) (cvs) (ml)
  • BWM Tools ("Bandwidth Management Tools". Ncurses based system for Linux firewall configuration, network traffic graphing and network traffic shaping) (ml)
  • Bandwidth Arbitrator (Linux kernel object and userland tools to setup network traffic shaping) (ml)
  • Frottle (User-space tool for Linux/IPtables based traffic shaping on wireless networks)

System Process Monitoring

  • strace (System call and signal tracing tool) (cvs) (ml) (deb)
  • ltrace (Dynamic library call tracing tool) (deb)
  • ctrace (Multi-threaded trace/debug library. License: BSD-style) (cvs)
  • pstack (Stack tracer for a process/threads) (deb)
  • sysfence (Resource monitoring daemon. Sysfence checks resource levels and makes desired action if some values exceed safety limits.) (cvs)
  • psmon (Perl based daemon or command-line-tool for monitoring processes according to a set of user-defined rules, and respawning/killing the process if needed. Inactive project.)
  • systrace (Tool for interactively generating system call policies) (ml)
  • pv ("Pipe Viewer". Utility for monitoring the progress of data through a inter-process pipe.)
  • ELSA ("Enhanced Linux System Accounting". Framework for monitoring usage of Linux kernel resources by groups of processes.) (cvs) (ml)

Logging, System / Network Monitoring & Reporting

  • www.networkbones.com/ (Network monitoring tool portal—searching and reviews)
  • Metalog (Syslog daemon alternative) (cvs) (ml) (forum) (deb)
  • socklog (Syslog daemon alternative which uses the sysvinit replacement runit) (deb)
  • Syslog-ng (Syslog daemon alternative)
  • Linux Event Logging (Initiative to create a POSIX 1003.25 compliant event logging system) (cvs) (ml)
  • Lire (Perl and XML based reporting system for several application logfiles) (cvs) (ml) (deb)
  • ModLogAn ("Modular Logfile Analyzer". C and XML based reporting system for several application logfiles) (cvs) (deb)
  • LogTrend (Perl and PostgreSQL based client/server for system and network monitoring and reporting) (ml)
  • Yaala (Perl based reporting system for several application logfiles) (ml)
  • Logrep (Perl based reporting system for several application logfiles) (cvs) (ml)
  • Logtool (Portable C based command-line tool for parsing logfiles into 'more usable' formats like: CSV, HTML and ANSI-color. Logtool supports multi-log files.)
  • LogScanner ('Realtime' syslog message checking/alerting tool)
  • slst (Tool for generating statistics from syslog logfiles in HTML format)
  • LogDog (Daemon for monitoring syslogd messages and alerting administrators)
  • ICPLD (Daemon for monitoring network connections and their perfomance using ICMP requests. License: BSD-style)
  • Nagios (C/CGI based network monitoring system) (cvs) (ml)
  • HotSaNIC (Perl based network monitoring system) (cvs)
  • BigSister (Perl/CGI based network monitoring system) (cvs) (ml)
  • Nodemap (SNMP/Perl based based network monitoring system)
  • checksuite (Perl based system monitoring system) (cvs)
  • apache-tools (Collection of monitoring and log-analysis tools for the Apache webserver)
  • Gnucomo ("GNU COmputer MOnitoring". PHP/PostgreSQL based network monitoring system.) (ml)
  • RRDtool (Round Robin Database. Tool to efficiently store and display time-series data in 'real-time'. RRD is reimplementation of MRTG.) (ml) (drraw Perl/CGI based web frontend for RRDtool. License: BSD-style)
  • RRDBrowse (Polling daemon, templater and webinterface for the rrdtool, using a set of modules for reporting on network and system services)
  • Cacti (RRDTool based client/server system for graphing all sorts of system information gathered from a network via PHP based web pages) (cvs) (ml)
  • LRRD ("LinPro RRD". RRDTool based client/server system for graphing all sorts of system information gathered from a network) (cvs) (ml)
  • ifGraph (Perl scripts to fetch data from SNMP agents and create graphical web pages using RRDTool)
  • Anteater (Postfix/Sendmail mail server logfile reporting tool) (cvs)
  • MailGraph (PostFix mail server 'real-time' reporting tool using RRDTool)
  • Webalizer (Web server logfile reporting)
  • Awstats (Web server logfile reporting) (cvs)
  • Calamaris (Web server logfile reporting)
  • iptablelog (PHP based Netfilter logfile reporting)
  • Webfwlog (PHP/PostgreSQL based Linux Netfilter firewall logfile reporting) (cvs) (ml)
  • durep (Perl script which reports disk usage via HTML pages)
  • Supermon ('real-time' cluster monitoring system) (cvs)
  • sinfo (Ncurses GUI based 'real-time' network monitor)
  • slmon (S-Lang GUI based 'real-time' system monitor)
  • Alist (Perl based client/server system for gathering host information and view this data via a web tool)
  • Loggerithim (Client/server system for gathering host information and view this data via an Apache/mod_perl based web tool)
  • GKrellM (GTK+ based system and network monitor)
  • GKrellM (GTK+ based system and network monitor)
  • mirmon (Perl/CGI based script to display the status of mirror sites. License: BSD-style)
  • syschk (Tool to check various sub-systems of a host in order to report alarms or notifications)
  • multitail (Ncurses based tool to view multiple logfiles in one console view)
  • 3dmosmon (3D based monitoring tool for a MOSIX cluster)
  • EDDIE Tool (Python based tool for system and security monitoring)
  • flow-tools (Tool set for processing and managing NetFlow data exports from Cisc* and Junip*r routers) (ml)

Performance Monitoring & Benchmarking

  • dstat (Real-time system resource usage reporting tool)
  • Sysstat (Collection of performance monitoring tools for GNU/Linux systems: sar, isag, mpstat, iostat and sa.)
  • Stress (Utility to simulate basic stress situations on POSIX compliant systems)
  • Bonnie++ (Benchmark tool for sampling harddisk and file system performance)
  • diskWriggler (Benchmark tool for testing filesystem storage throughput of video frames)
  • Prospect (OProfile based tool to gather a detailed statistical profile of all processes running on a system) (cvs) (ml)
  • Ntop (Network usage displaying tool with optional webpage reporting) (ml)
  • iftop (Ncurses based tool to display bandwidth usage on an interface)
  • darkstat (Network usage displaying tool via a webpage.)
  • Cricket (Visualize and monitor trends in time-series data of network services) (cvs)
  • Nload (Console tool to view local bandwidth usage in 'real-time') (cvs)
  • Postal (Benchmark tool for sampling the performance of SMTP & POP3 servers)
  • Siege (HTTP benchmarking utility which supports HTTPS, authentication and cookies.)
  • Pipemeter (Shows speed of data moving from input to output)
  • ICPLD ("Internet Connection Performance Logging Daemon". ICMP based tool to monitor network connection perfomance. License: BSD-style)
  • Hping (TCP/UDP/ICMP/Raw-IP packet assembler/analyzer) (cvs)
  • IP Sorcery (GTK+ based GUI for generating custom build networking 'packets' and sending these to a target host)
  • pppusage (Ncurses based tool to display bandwidth usage, number of connections and online time for PPP connections. License: BSD-style)
  • PasTmon (Network traffic tool to measure user transaction response times of several protocols and PostgreSQL database servers) (cvs) (ml)
  • Sipp (Tool for testing SIP server performance) (cvs) (ml) (forum)
  • sipsak (Tool for testing SIP server performance)
  • xmlbench (Toolset for testing the performance of different XML parsers) (forum)
  • OSBD ("Open Source Database Benchmark") (cvs) (ml) (forum)

Network Security Auditing

  • tcpdump (Network traffic analyzer, which contains a library called 'pcap'. License: BSD-style) (ml) (deb)
  • Nmap ("Network Mapper". Network service security scanner) (ml) (deb)
  • Nessus (Automated network service security scanner) (cvs) (ml) (deb)
  • IPaudit (Monitor and report activity on a network by host, protocol and port.) (cvs) (ml)
  • Kismet (Wireless 802.11b monitoring tool) (ml) (deb)
  • Ethereal (GTK+ based network protocol analyzer) (cvs) (deb)
  • Ettercap (GTK+ based network protocol analyzer) (cvs) (ml) (forum)
  • Nast (Text/Ncurses based network protocol analyzer)
  • Scapy (Python script for packet-sniffing, interactive packet manipulation, packet generation and network scanning) (sourcecode) (deb)
  • Netdude (NETwork DUmp data Displayer and Editor. GTK+ based network protocol analyzer. License: BSD-style) (cvs) (ml) (deb)
  • TeleMetryBox (Specialized Debian GNU/Linux distribution to setup a dedicated, automated and web-based network diagnostic system)
  • sig2dot (GPG/PGP keyring graph generator which outputs .dot files. These files can then be turned into visual graphs.) (deb)

Intrusion Detection

  • LIDS ("Linux Intrusion Detection System") (ml)
  • Snort (Intrusion detection system) (SnortAcid PHP based web reporting interface.) (ml) (deb)
  • Aide (Intrusion detection system) (ml) (deb) (deb)
  • Prelude (Intrusion detection system) (ml) (deb)
  • Snare (Intrusion detection system, implemented as a Linux kernel object)
  • Tripwire (Intrusion detection system. Inactive project.) (cvs) (ml) (deb)
  • Firestorm (Intrusion detection system)
  • psad (Port scan detection system which analyses iptables log messages) (cvs) (ml) (deb)
  • tcpreplay (Tool to replay captured network packets. License: BSD-style) (cvs) (ml) (deb)
  • Motion (GNU/Linux based video camera security system using video4linux, MySQL/PostgreSQL and PHP) (cvs) (ml) (deb)
  • ZoneMinder (GNU/Linux based video camera security system using video4linux, MySQL and PHP) (forum)
  • SID ("Shell Intrusion Detection". System for detecting and acting-upon aribitrary shell actions.) (cvs)
  • libsafe (Library which tries to transparently protect pre-compiled executables against buffer overflow vulnerabilities. Libsafe intercepts calls to functions known as vulnerable, and substitutes the the function that implements the same functionality, but makes sure any buffer overflows are contained within the current stack frame. Inactive project.) (deb)
  • Tiny Honeypot (Intrusion detection/monitoring tool based on listening on each TCP port not currently in use, logging all activity, and providing some feedback to the attacker. Inactive project.) (deb)

Data Protection, Authenticity & Integrity

Data Recovery

  • recoverdm (Tool to recover files/disks with damaged sectors)
  • e2undel (Tool which can recover deleted files on an Linux Ext2 file system)

Backup Management

  • BackupPC (Enterprise-oriented backup system. BackupPC has an Apache/Perl-CGI based management interface for administrators and users.) (cvs) (ml)
  • rdiff-backup (Tool to incrementally backup one directory to another, possibly over a network.) (ml)
  • Partition Image (Securely backup different partitions to an image file across a network) (cvs) (ml)
  • vbackup (Incremental backup utility on the local file system)
  • Bacula (Portable client-server based backup tool) (cvs) (ml)
  • Bontmia ("Backup Over Network To Multiple Incremental Archives". Incremental networked backup Bash-script which can use a secure shell)
  • RVM ("Rsync Vault Manager". Incremental, client-server backup system allowing many workstations to backup to a central server)
  • fsbackup (Incremental, networked backup script which can use a secure shell)
  • Afbackup (client-server backup system allowing many workstations to backup to a central server)
  • Amanda (Client-server backup system allowing many workstations to backup to a central server) (cvs)
  • rsnapshot (Perl based incremental backup tool which uses secure shell) (cvs)
  • rsync-bc ("rsync backup client". Incremental backup tool based on a stripped down version of rsync. The rsync-bc client only allowes users to push data to a backup server.)
  • Duplicity (Backup tool which uses GnuPGP for security and rsync for bandwidth-efficiency) (cvs) (ml)
  • Box Backup (Encrypted, networked backup system. License: BSD-style) (ml)
  • Jigdo (Tool to distribute huge filesystem images, eg. ISO-CD or UDF-DVD images, over the Internet.) (ml)
  • RAB (Backup tool for backups to removable media like: CDR/W, DVD-RW/RAM, or MO discs.) (cvs)
  • multiCD (Backup tool which can use multiple CD images)
  • Mondo (CDROM or tape based disaster-recovery tool for GNU/Linux and Win32 systems)
  • Magma (Shell script to help burn CD's)
  • iBackup (Backup tool for "/etc") (ml)
  • Tart ("Tar Archive and Recovery Tool". Perl script to do incremental/full backups and restores for single-user/small computer systems)

Partition & Disk Image Management

  • convertfs (Linux toolset for converting a file system type in the lack of backup space. The idea is to use sparse files support of primary filesystem. Inactive project.)
  • disktype (Tool to detect the content format of a disk or disk image. It knows about common file systems, partition tables, and boot codes. License: BSD style) (cvs)
  • Parted (Library and tools for creating, destroying, resizing, checking and copying partitions, including the file systems on these) (ml) (QtParted Qt based front-end for Parted) (cvs)
  • Partition Image (Securely backup different partitions to an image file across a network) (cvs) (ml)
  • LVM ("Logical Volume Manager") (cvs) (ml)
  • EVMS ("Enterprise Volume Management System") (cvs) (ml)

Server Virtualization

  • Hardware / OS Emulation (from the Operating System page)
  • Linux VServer (Linux kernel patch and user-space tools to manage virtual servers within a 'chrooted' environment) (ml) (util-vserver user-space Vserver tools) (cvs)
  • FreeVPS ("Free Virtual Private Server". Manage Linux virtual servers within a 'chrooted' environment)
  • vhost (Perl scripts to manage Linux/BSD virtual servers) (forum)
  • VHFFS ("Virtual Hosting For Free Software". Collection of Debian packages to setup a project hosting server.) (ml)

ISP Service Management

  • Server Virtualization (from the System Management section)
  • ISPMan (Perl/CGI based web tool and a command-line interface to create virtual domains, manage user accounts, DNS information, and more. ISPMan stores most of its data in a LDAP directory.) (cvs) (ml)
  • XAMS ("eXtended Account Managing Software". PHP/MySQL based web tool to manage user accounts in several sites/domains.) (svn) (ml)
  • Corporate Accounting (from the Business section) 
 Utilize estas aplicações em seu lab e nos de feedback! (: 

domingo, março 25, 2012


Testing grounds


Test sites

SPI Dynamics (live) - http://zero.webappsecurity.com/
Cenzic (live) - http://crackme.cenzic.com/
Watchfire (live) - http://demo.testfire.net/
Acunetix (live) - http://testphp.acunetix.com/ http://testasp.acunetix.com http://testaspnet.acunetix.com
WebMaven / Buggy Bank - http://www.mavensecurity.com/webmaven
Foundstone SASS tools - http://www.foundstone.com/us/resources-free-tools.asp
Updated HackmeBank - http://www.o2-ounceopen.com/technical-info/2008/12/8/updated-version-of-hacmebank.html
OWASP WebGoat - http://www.owasp.org/index.php/OWASP_WebGoat_Project
OWASP SiteGenerator - http://www.owasp.org/index.php/Owasp_SiteGenerator
Stanford SecuriBench - http://suif.stanford.edu/~livshits/securibench/
SecuriBench Micro - http://suif.stanford.edu/~livshits/work/securibench-micro/
Google’s web application training - http://jarlsberg.appspot.com/part1/ 
OWASP TOP 10 LAB (Online) - https://www.hacking-lab.com/Remote_Sec_Lab/free-owasp-top10-lab.html

External Assessment


Add-ons for Firefox that help with general web application security

Web Developer Toolbar - https://addons.mozilla.org/firefox/60/
Plain Old Webserver (POW) - https://addons.mozilla.org/firefox/3002/
XML Developer Toolbar - https://addons.mozilla.org/firefox/2897/
Public Fox - https://addons.mozilla.org/firefox/3911/
XForms Buddy - http://beaufour.dk/index.php?sec=misc&pagename=xforms
MR Tech Local Install - http://www.mrtech.com/extensions/local_install/
Nightly Tester Tools - http://users.blueprintit.co.uk/~dave/web/firefox/buildid/index.html
IE Tab - https://addons.mozilla.org/firefox/1419/
User-Agent Switcher - https://addons.mozilla.org/firefox/59/
ServerSwitcher - https://addons.mozilla.org/firefox/2409/
HeaderMonitor - https://addons.mozilla.org/firefox/575/
RefControl - https://addons.mozilla.org/firefox/953/
refspoof - https://addons.mozilla.org/firefox/667/
No-Referrer - https://addons.mozilla.org/firefox/1999/
LocationBar^2 - https://addons.mozilla.org/firefox/4014/
SpiderZilla - http://spiderzilla.mozdev.org/
Slogger - https://addons.mozilla.org/en-US/firefox/addon/143
Fire Encrypter - https://addons.mozilla.org/firefox/3208/

Browser-based HTTP tampering / editing / replaying

Add-ons for Firefox that help with Javascript and Ajax web application security

Bookmarklets that aid in web application security

RSnake's security bookmarklets - http://ha.ckers.org/bookmarklets.html
BMlets - http://optools.awardspace.com/bmlet.html
Huge list of bookmarklets - http://www.squarefree.com/bookmarklets/
Blummy: consists of small widgets, called blummlets, which make use of Javascript to provide rich functionality - http://www.blummy.com/
Bookmarklets every blogger should have - http://www.micropersuasion.com/2005/10/bookmarklets_ev.html
Flat Bookmark Editing (Firefox Add-on) - http://n01se.net/chouser/proj/mozhack/
OpenBook and Update Bookmark (Firefox Add-ons) - http://www.chuonthis.com/extensions/

Footprinting for web application security

Evolution - http://www.paterva.com/evolution-e.html
GooSweep - http://www.mcgrewsecurity.com/projects/goosweep/
Aura: Google API Utility Tools - http://www.sensepost.com/research/aura/
Edge-Security tools - http://www.edge-security.com/soft.php
Fierce Domain Scanner - http://ha.ckers.org/fierce/
Googlegath - http://www.nothink.org/perl/googlegath/
Advanced Dork (Firefox Add-on) - https://addons.mozilla.org/firefox/2144/
Passive Cache (Firefox Add-on) - https://addons.mozilla.org/firefox/977/
CacheOut! (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/1453/
BugMeNot Extension (Firefox Add-on) - http://roachfiend.com/archives/2005/02/07/bugmenot/
TrashMail.net Extension (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/1813/
DiggiDig (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/2819/
Digger (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/1467/


SSL certificate checking / scanning

HTTP proxying / editing

WebScarab - http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project
Burp Suite - http://www.portswigger.net/
Paros - http://www.parosproxy.org/
Paros fork #1: Zed Attack Proxy (ZAP) - http://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
Paros fork #2: Andiparos - http://code.google.com/p/andiparos/
Fiddler - http://www.fiddlertool.com/
Web Proxy Editor - http://www.microsoft.com/mspress/companion/0-7356-2187-X/
Pantera - http://www.owasp.org/index.php/Category:OWASP_Pantera_Web_Assessment_Studio_Project
Suru - http://www.sensepost.com/research/suru/
httpedit (curses-based) - http://www.neutralbit.com/en/rd/httpedit/
Charles - http://www.xk72.com/charles/
Odysseus - http://www.bindshell.net/tools/odysseus
Burp, Paros, and WebScarab for Mac OS X - http://www.corsaire.com/downloads/
Web-application scanning tool from `Network Security Tools'/O'Reilly - http://examples.oreilly.com/networkst/
JS Commander - http://jscmd.rubyforge.org/
Ratproxy - http://code.google.com/p/ratproxy/
Arachni - https://github.com/Zapotek/arachni/
WATOBO - http://watobo.sourceforge.net/

RSnake's XSS cheat sheet based-tools, webapp fuzzing, and encoding tools

Wfuzz - http://www.edge-security.com/wfuzz.php
ProxMon - http://www.isecpartners.com/proxmon.html
Wapiti - http://wapiti.sourceforge.net/
Grabber - http://rgaucher.info/beta/grabber/
XSSScan - http://darkcode.ath.cx/scanners/XSSscan.py
CAL9000 - http://www.owasp.org/index.php/Category:OWASP_CAL9000_Project
EnDe - http://www.owasp.org/index.php/Category:OWASP_EnDe
HTMangLe - http://www.fishnetsecurity.com/Tools/HTMangLe/publish.htm
JBroFuzz - http://www.owasp.org/index.php/JBroFuzz
J-Baah - http://www.sensepost.com/labs/tools/pentest/j-baah
XSSFuzz - http://ha.ckers.org/blog/20060921/xssfuzz-released/
WhiteAcid's XSS Assistant - http://www.whiteacid.org/greasemonkey/
Overlong UTF - http://www.microsoft.com/mspress/companion/0-7356-2187-X/
[TGZ] MielieTool (SensePost Research) - http://packetstormsecurity.org/UNIX/utilities/mielietools-v1.0.tgz
RegFuzzer: test your regular expression filter - http://rgaucher.info/b/index.php/post/2007/05/26/RegFuzzer%3A-Test-your-regular-expression-filter
screamingCobra - http://www.dachb0den.com/projects/screamingcobra.html
SPIKE and SPIKE Proxy - http://immunitysec.com/resources-freesoftware.shtml
RFuzz - http://rfuzz.rubyforge.org/
WebFuzz - http://www.codebreakers-journal.com/index.php?option=com_content&task=view&id=112&Itemid=99999999
TestMaker - http://www.pushtotest.com/Docs/downloads/features.html
ASP Auditor - http://michaeldaw.org/projects/asp-auditor-v2/
WSTool - http://wstool.sourceforge.net/
Web Hack Control Center (WHCC) - http://ussysadmin.com/whcc/
Web Text Converter - http://www.microsoft.com/mspress/companion/0-7356-2187-X/
HackBar (Firefox Add-on) - https://addons.mozilla.org/firefox/3899/
Net-Force Tools (NF-Tools, Firefox Add-on) - http://www.net-force.nl/library/downloads/
PostIntercepter (Greasemonkey script) - http://userscripts.org/scripts/show/743
fuzzdb - https://code.google.com/p/fuzzdb/

HTTP general testing / fingerprinting

Wbox: HTTP testing tool - http://hping.org/wbox/
ht://Check - http://htcheck.sourceforge.net/
WebInject - http://www.webinject.org/
Torture.pl Home Page - http://stein.cshl.org/~lstein/torture/
JoeDog's Seige - http://www.joedog.org/JoeDog/Siege/
OPEN-LABS: metoscan (http method testing) - http://www.open-labs.org/
Load-balancing detector - http://ge.mine.nu/lbd.html
HMAP - http://ujeni.murkyroc.com/hmap/
Net-Square: httprint - http://net-square.com/httprint/
Wpoison: http stress testing - http://wpoison.sourceforge.net/
Net-square: MSNPawn - http://net-square.com/msnpawn/index.shtml
hcraft: HTTP Vuln Request Crafter - http://druid.caughq.org/projects/hcraft/
rfp.labs: LibWhisker - http://www.wiretrip.net/rfp/lw.asp
Nikto - http://www.cirt.net/code/nikto.shtml
Websecurify - http://www.websecurify.com
W3AF: Web Application Attack and Audit Framework - http://w3af.sourceforge.net/
twill - http://twill.idyll.org/
DirBuster - http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project
[ZIP] DFF Scanner - http://security-net.biz/files/dff/DFF.zip
[ZIP] The Elza project - http://packetstormsecurity.org/web/elza-1.4.7-beta.zip (dead link)
HackerFox and Hacking Addons Bundled: Portable Firefox with web hacking addons bundled - http://sf.net/projects/hackfox
dead, vanished links (March/2012)

Cookie editing / poisoning


Browser-based security fuzzing / checking

Zalewski's MangleMe - http://freecode.com/projects/mangleme tool see here http://lcamtuf.coredump.cx/soft/mangleme.tgz (mangle.cgi dead link)
hdm's tools: Hamachi, CSSDIE, DOM-Hanoi, AxMan - http://metasploit.com/users/hdm/tools/
Peach Fuzzer Framework - http://peachfuzzer.com/ (old link)/
TagBruteForcer - http://research.eeye.com/html/tools/RT20060801-3.html
PROTOS Test-Suite: c05-http-reply - http://www.ee.oulu.fi/research/ouspg/protos/testing/c05/http-reply/index.html
COMRaider - https://github.com/dzzie/COMRaider (dead link)
BrowserCheck - http://www.heise-security.co.uk/services/browsercheck/
Stealing information using DNS pinning demo - http://www.jumperz.net/index.php?i=2&a=1&b=7
Javascript Website Login Checker - http://ha.ckers.org/weird/javascript-website-login-checker.html
Mozilla Activex - http://www.adamlock.com/mozilla/ (old link)
Mr. T (Master Recon Tool, includes Read Firefox Settings PoC) - http://ha.ckers.org/mr-t/
Test your installation of Java software - http://java.com/en/download/installed.jsp?detect=jre&try=1
WebPageFingerprint - Light-weight Greasemonkey Fuzzer - http://userscripts.org/scripts/show/30285
dead, vanished links (March/2012)
bcheck - http://bcheck.scanit.be/bcheck/
Cross-browser Exploit Tests - http://www.jungsonnstudios.com/cool.php
Jungsonn's Black Dragon Project - http://blackdragon.jungsonnstudios.com/
Vulnerable Adobe Plugin Detection For UXSS PoC - http://www.0x000000.com/?i=324
About Flash: is your flash up-to-date? - http://www.macromedia.com/software/flash/about/
Stop-Phishing: Projects page - http://www.indiana.edu/~phishing/?projects
LinkScanner - http://linkscanner.explabs.com/linkscanner/default.asp (seems to be a vendor link now)

Application and protocol fuzzing (random instead of targeted)

Sulley - http://fuzzing.org/
taof: The Art of Fuzzing - http://sourceforge.net/projects/taof/
zzuf: multipurpose fuzzer - http://sam.zoy.org/zzuf/
autodafé: an act of software torture - http://autodafe.sourceforge.net/
dead, vanished links (March/2012)
EFS and GPF: Evolutionary Fuzzing System - http://www.appliedsec.com/resources.html

Ajax and XHR scanning

SQL injection scanning

Web services enumeration / scanning / fuzzing

3rd party services that aid in web application security assessment

Server side stuff

PHP static analysis and file inclusion scanning

Pixy: Open source flow based discovery of XSS and SQLi - http://pixybox.seclab.tuwien.ac.at/pixy/
PHP-SAT.org: Static analysis for PHP - http://www.program-transformation.org/PHP/
Unl0ck Research Team: tool for searching in google for include bugs - http://unl0ck.net/tools.php
FIS: File Inclusion Scanner - http://www.segfault.gr/index.php?cat_id=3&cont_id=25
PHPSecAudit - http://developer.spikesource.com/projects/phpsecaudit

PHP Defensive Tools

PHPInfoSec - Check phpinfo configuration for security - http://phpsec.org/projects/phpsecinfo/
Greasemonkey Replacement can be found at http://yehg.net/lab/#tools.greasemonkey
Php-Brute-Force-Attack Detector - Detect your web servers being scanned by brute force tools - http://yehg.net/lab/pr0js/files.php/php_brute_force_detect.zip
PHP-Login-Info-Checker (Strictly enforce admins/users to select stronger passwords via url loginfo_checker.php?testlic) - http://yehg.net/lab/pr0js/files.php/loginfo_checkerv0.1.zip, http://yehg.net/lab/pr0js/files.php/phploginfo_checker_demo.zip
php-DDOS-Shield (prevent idiot distributed bots which discontinue their flooding attacks by identifying HTTP 503 header code) - http://code.google.com/p/ddos-shield/
PHPMySpamFIGHTER - http://yehg.net/lab/pr0js/files.php/phpmyspamfighter.zip, http://yehg.net/lab/pr0js/files.php/phpMySpamFighter_demo.rar

Web Application Firewall (WAF) and Intrusion Detection (APIDS) rules and resources

APIDS on Wikipedia - http://en.wikipedia.org/wiki/APIDS
PHP Intrusion Detection System (PHP-IDS) - http://php-ids.org/ http://code.google.com/p/phpids/
dotnetids - http://code.google.com/p/dotnetids/
Secure Science InterScout - http://www.securescience.com/home/newsandevents/news/interscout1.0.html
Remo: whitelist rule editor for mod_security - http://remo.netnea.com/
GotRoot: ModSecuirty rules - http://www.gotroot.com/tiki-index.php?page=mod_security+rules
The Web Security Gateway (WSGW) - http://wsgw.sourceforge.net/
mod_security rules generator - http://noeljackson.com/tools/modsecurity/
Mod_Anti_Tamper - http://www.wisec.it/projects.php?id=3
[TGZ] Automatic Rules Generation for Mod_Security - http://www.wisec.it/rdr.php?fn=/Projects/Rule-o-matic.tgz
AQTRONIX WebKnight - http://www.aqtronix.com/?PageID=99
Akismet: blog spam defense - http://akismet.com/
Samoa: Formal tools for securing web services - http://research.microsoft.com/projects/samoa/


Web application non-specific static source-code analysis

Pixy: a static analysis tool for detecting XSS vulnerabilities - http://www.seclab.tuwien.ac.at/projects/pixy/
Brixoft.Net: Source Edit - http://www.brixoft.net/prodinfo.asp?id=1
Security compass web application auditing tools (SWAAT) - http://www.owasp.org/index.php/Category:OWASP_SWAAT_Project
An even more complete list here - http://www.cs.cmu.edu/~aldrich/courses/654/tools/
A nice list that claims some demos available - http://www.cs.cmu.edu/~aldrich/courses/413/tools.html
A smaller, but also good list - http://spinroot.com/static/
Yasca: A highly extensible source code analysis framework; incorporates several analysis tools into one package. http://www.yasca.org/

Static analysis for C/C++ (CGI, ISAPI, etc) in web applications

Java static analysis, security frameworks, and web application security tools

LAPSE - http://suif.stanford.edu/~livshits/work/lapse/
CodePro Analytix - http://code.google.com/webtoolkit/tools/codepro/doc/index.html
HDIV Struts - http://hdiv.org/
Orizon - http://sourceforge.net/projects/orizon/
FindBugs: Find bugs in Java programs - http://findbugs.sourceforge.net/
PMD - http://pmd.sourceforge.net/
CUTE: A Concolic Unit Testing Engine for C and Java - http://osl.cs.uiuc.edu/~ksen/cute/
EMMA - http://emma.sourceforge.net/
JLint - http://jlint.sourceforge.net/
Java PathFinder - http://javapathfinder.sourceforge.net/
Fujaba: Move between UML and Java source code - http://wwwcs.uni-paderborn.de/cs/fujaba/
Checkstyle - http://checkstyle.sourceforge.net/
Cookie Revolver Security Framework - http://sourceforge.net/projects/cookie-revolver
tinapoc - http://sourceforge.net/projects/tinapoc
jarsigner - http://java.sun.com/j2se/1.5.0/docs/tooldocs/solaris/jarsigner.html
Solex - http://solex.sourceforge.net/
Java Explorer - http://metal.hurlant.com/jexplore/
HTTPClient - http://www.innovation.ch/java/HTTPClient/
another HttpClient - http://jakarta.apache.org/commons/httpclient/
a list of code coverage and analysis tools for Java - http://mythinkpond.blogspot.com/2007/06/java-foss-freeopen-source-software.html

Microsoft .NET static analysis and security framework tools, mostly for ASP.NET and ASP.NET AJAX, but also C# and VB.NET

Database security assessment

Scuba by Imperva Database Vulnerability Scanner - http://www.imperva.com/scuba/

Threat modeling

Microsoft Threat Analysis and Modeling Tool v2.1 (TAM) - http://www.microsoft.com/downloads/details.aspx?FamilyID=59888078-9daf-4e96-b7d1-944703479451&displaylang=en
Amenaza: Attack Tree Modeling (SecurITree) - http://www.amenaza.com/software.php
Octotrike - http://www.octotrike.org/


RSS extensions and caching

Blackhat SEO and maybe some whitehat SEO

SearchStatus (Firefox Add-on) - http://www.quirk.biz/searchstatus/
SEO for Firefox (Firefox Add-on) - http://tools.seobook.com/firefox/seo-for-firefox.html
SEOQuake (Firefox Add-on) - http://www.seoquake.com/
Analytics seo - http://www.analyticsseo.com/

Web application security malware, backdoors, and evil code

Jikto - http://busin3ss.name/jikto-in-the-wild/
XSS Shell - http://ferruh.mavituna.com/article/?1338
XSS-Proxy - http://xss-proxy.sourceforge.net
AttackAPI - http://www.gnucitizen.org/projects/attackapi/
FFsniFF - http://azurit.elbiahosting.sk/ffsniff/
HoneyBlog's web-based junkyard - http://honeyblog.org/junkyard/web-based/
BeEF - http://www.bindshell.net/tools/beef/
Firefox Extension Scanner (FEX) - http://www.gnucitizen.org/projects/fex/
What is my IP address? - http://reglos.de/myaddress/
xRumer: blogspam automation tool - http://www.botmaster.net/movies/XFull.htm
SpyJax - http://www.merchantos.com/makebeta/tools/spyjax/
Greasecarnaval - http://www.gnucitizen.org/projects/greasecarnaval
Technika - http://www.gnucitizen.org/projects/technika/
Load-AttackAPI bookmarklet - http://www.gnucitizen.org/projects/load-attackapi-bookmarklet
MD's Projects: JS port scanner, pinger, backdoors, etc - http://michaeldaw.org/my-projects/

Honeyclients, Web Application, and Web Proxy honeypots

Honeyclient Project: an open-source honeyclient - http://www.honeyclient.org/trac/
HoneyC: the low-interaction honeyclient - http://honeyc.sourceforge.net/
Capture: a high-interaction honeyclient - http://capture-hpc.sourceforge.net/
Google Hack Honeypot - http://ghh.sourceforge.net/
PHP.Hop - PHP Honeynet Project - http://www.rstack.org/phphop/
SpyBye - http://www.monkey.org/~provos/spybye/
Honeytokens - http://www.securityfocus.com/infocus/1713

Browser Privacy/ Defenses

Browser Defenses

DieHard - http://www.diehard-software.org/
LocalRodeo (Firefox Add-on) - http://databasement.net/labs/localrodeo/
NoMoXSS - http://www.seclab.tuwien.ac.at/projects/jstaint/
Request Rodeo - http://savannah.nongnu.org/projects/requestrodeo
FlashBlock (Firefox Add-on) - http://flashblock.mozdev.org/
CookieSafe (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/2497
NoScript (Firefox Add-on) - http://www.noscript.net/
FormFox (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/1579/
Adblock (Firefox Add-on) - http://adblock.mozdev.org/
httpOnly in Firefox (Firefox Add-on) - http://blog.php-security.org/archives/40-httpOnly-Cookies-in-Firefox-2.0.html
SafeCache (Firefox Add-on) - http://www.safecache.com/
SafeHistory (Firefox Add-on) - http://www.safehistory.com/
PrefBar (Firefox Add-on) - http://prefbar.mozdev.org/
All-in-One Sidebar (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/1027/
QArchive.org web file checker (Firefox Add-on) - https://addons.mozilla.org/firefox/4115/
Update Notified (Firefox Add-on) - https://addons.mozilla.org/en-US/firefox/addon/2098/
FireKeeper - http://firekeeper.mozdev.org/
Greasemonkey: XSS Malware Script Detector - http://yehg.net/lab/#tools.greasemonkey

Browser Privacy

TrackMeNot (Firefox Add-on) - https://addons.mozilla.org/firefox/3173/
Privacy Bird - http://www.privacybird.com/
HTTPS Everywhere - https://www.eff.org/https-everywhere