Network Tools / Security

• Snort: NIDS (standard front-end: BASE)
• Other NIDS: Bro, Shoki
• Monitoring front-ends: Sguil, Prelude, OSSIM
• Data collection/graphing: drraw, RRDtool, Cricket, Cacti
• Argus: network auditor
• Arpwatch: tracks ether/ip pairs, looks for hijacking
• Honeyd: flexible honeypot system
• Nessus: network service assessment (uses THC-Hydra)
• Nikto: Web server assessment (uses libwhisker)
• Wikto: Web server assessment
• WebScarab: Web application assessment
• Aircrack: 802.11b WEP/WPA sniifer/cracker
• Pwdump: windows password tool
• NBTScan: NetBIOS scanner
• Nmap: Nmap port scanner
• Dsniff: network tools
• Paketto Keiretsu: network tools, less evil than dsniff
• Wireshark (Ethereal): traffic analyzer (Ethertree)
• Socat: netcat on steroids (ipv6, ssl, socks)
• Ettercap: switched network traffic sniffer
• Kismet: 802.11a/b/g traffic sniffer
• Ngrep: grep, for network traffic
• Scapy: python-based packet generator
• TCPReplay: replays tcpdump traffic
• Yersinia: attacks DHCP, CDP, HSRP, STP, DTP, VTP
• various NLANR network tools
• Thrulay: Path bandwidth/latency measure
• ISIC: IP/IPv6 stack tester
• Rain: Craft semi-custom packets, replicate common stack attacks
• UPnPscan: scans for UPnP devices

System Tools / Security

• Spike / Spike Proxy:
• Zzuf: generic file/network input fuzzer
• Metasploit: exploit generating framework
• LSOF: LiSts Open Files and sockets
• John the Ripper: Password cracker (crypt, MD5, AFS, NTLM)
• Distributed John (requires JTR): Parallelizer for JTR
• Chkrootkit: tries to check for some rootkits and trojans
• AIDE: file integrity monitor (like the commercial Tripwire)
• Rsync: local/remote file synchronization

Cryptographic Software

• General:
  • OpenSSH: secure remote shell access
  • puTTY: secure remote shell access (Windows)
  • OpenSSL: standard cryptographic library
  • Stunnel: SSL wrapper for ordinary network applications
  • Kerberos: network cryptographic authentication system
• Tunnelling:
  • anoNet: uses OpenVPN and quagga
  • OpenVPN: uses openssl for network tunnelling, uses tun/tap
  • IPSec: The not-so-gold standard, requires proto 50/51 accessibility
  • PPTP: inflexible, requires GRE accessibility, less secure
• Messaging:
  • Pidgin (Gaim): Multiplatform IM (Jabber/AIM/Yahoo/MSN/IRC/SILC)
  • Off-The-Record (OTR) Messaging: encrypted, deniable IM
    plugin for Pidgin, proxy for others
  • Skype (duh)
  • SILC: Secure Internet Live Conferencing
  • IHU: VOIP crypt
• Email:
  • GnuPG / PGP: public key file/email encryption
  • Enigmail for Thunderbird
  • GPGMail for Apple's Mail
  • Mixmaster: type I/II remailer client/server implementation
  • MixMinion: type III remailer client/server implementation
• Disk Crypto:
  • TrueCrypt: encrypted (deniable/stego) storage containers
  • LUKS: Linux Unified Key Setup - disk crypto (Linux)
• Anonymous/Semi-anon Networks
  • Tor (wiki)
  • I2P
  • Freenet: Java, distributed data store
  • Entropy: C, distributed data store
  • WASTE: darknet islands
  • JAP: anon webproxy, optionally uses Tor
  • t4p: f2f peer net
  • gnunet: p2p
  • cspace: p2p
• Secure File Transfer
  • Fugu (Mac)
  • gFTP
  • sshfs + fuse
  • Duplicity
  • Rsyncrypto

News

• Intel and AMD Roadmaps, 2007+
• Dark Reading
• The Register
• slashdot
• alterslash
• Linuxsecurity.com
• Matasano blog

Networking

• Route Views

Languages

• Ruby (Eigenclass, Rubyquiz)
• Python (wiki)
• CLisp (wiki, PCL)
• Lua
• Javascript
• Io
• Boo

Other Resources

• OpenRCE
• Metasploit (and Blog)
• Milw0rm
• Honeynet Project
• Packetstorm
• SecDev.org, tools
• Gray-World.net
• Uninformed
• SRI research projects

Lists

• Bugtraq
• seclists.org (iw/ full-disclosure)
• Full-Disclosure
• aimsgroup archives
• mail-archive.com

Email and Anti-Spam strategies

• Thunderbird
  (or Mozilla)
• Mutt
• SPF/DK for Thunderbird
• Greylisting
• More Greylisting
• Policyd for Postfix
• SPF for Postfix
• Hashcash (and 2pennyblue)
• Spamcop
• Spamhaus
• Spews
• Spamassassin
• DSPAM

Browsers

• Firefox
• Opera

Linux Distributions

• Gentoo
• Ubuntu
• Fedora Core

Windows

• Sysinternals (now MS property)

Administration

• cfengine (wiki)

Physical Security

• ZoneMinder

Commercial Pen-testing stuff

• Core Impact: integrated pen-testing
• Canvas: integrated pen-testing
• Retina: network scanner (with fuzzing?)