Security test tools
(14 found)

Babel Enterprise

Description:

Babel Enterprise manages risk by dividing it into domains (groups or organizations), assets and policies. This makes it possible to check, point by point, full compliance with a security regulation such as UNE-ISO/IEC 27001, or with others that depend on it, such as LOPD, SOX, etc.

Requirement:

Linux, Solaris, WinXP, HP-UX, IBM AIX

Download data:

Downloadable files: 8337 total downloads to date


BFBTester - Brute Force Binary Tester

Description:

BFBTester is good for doing quick, proactive security checks of binary programs. BFBTester will perform checks of single and multiple argument command line overflows and environment variable overflows. It can also watch for tempfile creation activity to alert the user of any programs using unsafe tempfile names.

Requirement:

POSIX, BSD, FreeBSD, OpenBSD, Linux

Download data:

Downloadable files: 10003 total downloads to date


CROSS

Description:

The CROSS (Codenomicon Robust Open Source Software) program is designed to help open source projects fix critical flaws in their code. Codenomicon's CROSS program provides open source projects with full access to its award-winning DEFENSICS testing solutions, helping the projects find and fix a large number of critical flaws very rapidly.

Requirement:

130 protocol interfaces and formats

Download data:

No data feed available


Flawfinder

Description:

Program that scans C/C++ source code and reports potential security flaws. By default, it sorts its reports by risk level (the riskiest operations in the code are listed first).

Requirement:

Python 1.5 or greater

Download data:

No data feed available


Gendarme

Description:

Gendarme is an extensible rule-based tool to find problems in .NET applications and libraries. Gendarme inspects programs and libraries that contain code in ECMA CIL format (Mono and .NET) and looks for common problems with the code, problems that compilers do not typically check or have not historically checked.

Requirement:

.NET (Mono or MS runtime)

Download data:

No data feed available


Metasploit

Description:

The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. This project initially started off as a portable network game and has evolved into a powerful tool for penetration testing, exploit development, and vulnerability research.

Requirement:

Win32 / UNIX

Download data:

No data feed available


Nessus

Description:

The Nessus vulnerability scanner is the world leader in active scanners, featuring high-speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of your security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs, and across physically separate networks. Note that Nessus 3.x is proprietary, while Nessus 2.x is open source, which the vendor has committed to maintaining.

Requirement:

Linux, Solaris, Mac, Windows

Download data:

No data feed available


Nikto

Description:

Nikto is an open source web server scanner which performs comprehensive tests against web servers for multiple items, including over 3200 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers.

Requirement:

Windows/UNIX

Download data:

No data feed available


nsiqcppstyle

Description:

nsiqcppstyle aims to provide an extensible, easy-to-use, highly maintainable coding style checker for C/C++ source code. The rules and analysis engine are separated, and users can develop their own C/C++ coding style rules. Furthermore, there is a customizable rule server (Google App Engine or Django based) as well. This project is developed to provide the internal toolset for NHN corp in South Korea.

Requirement:

Platform Independent

Download data:

No data feed available


Oedipus

Description:

Oedipus is an open source web application security analysis and testing suite written in Ruby. It is capable of parsing different types of log files off-line and identifying security vulnerabilities. Using the analyzed information, Oedipus can dynamically test web sites for application and web server vulnerabilities.

Requirement:

OS Independent

Download data:

No data feed available


OSSTMM - Open Source Security Testing Methodology Manual

Description:

This manual is to set forth a standard for Internet security testing.

Requirement:

Download data:

No data feed available


Paros

Description:

Paros is for people who need to evaluate the security of their web applications. It is completely written in Java. All HTTP and HTTPS data between server and client, including cookies and form fields, can be intercepted and modified.

Requirement:

Cross-platform, Java JRE/JDK 1.4.2 or above

Download data:

No data feed available


WebScarab

Description:

WebScarab is a loose suite of web application security assessment tools written entirely in Java. It is a tool primarily designed to be used by developers who can write code themselves.

Requirement:

OS Independent

Download data:

No data feed available


Wireshark

Description:

Wireshark, formerly known as Ethereal, is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product.

Requirement:

Unix, Linux, and Windows

Download data:

No data feed available


For those projects hosted on SourceForge, the project activity data is updated weekly using live newsfeeds powered by CaRP