A README is a crucial but basic way of documenting your project. While every project should at least have a README, more involved ones can also benefit from a wiki or a dedicated documentation website.

The Network Situational Awareness (NetSA) group at CERT has developed and maintains a suite of open source tools for monitoring large-scale networks using flow data. These tools have grown out of the work of the AirCERT project, the SiLK project and the effort to integrate this work into a unified, standards-compliant flow collection and analysis platform.

If you are new to the NetSA Security Suite, start with this overview of the components that comprise the NetSA Security Suite and their inter-operation.

CERT is a part of the Software Engineering Institute (SEI), a federally funded research and development center (FFRDC) operated by Carnegie Mellon University.

Features:

• ipv4 allocation table
• some registration data of all assigned and allocated blocks
• AS information and announced own prefixes
• geolocation data for ipv4 addresses
• all domains for ip address

Limitations:

• 500 requests from registered users within 24 hours.
• 200 requests from one ip address within 24 hours for unregistered users.

Data sources:

• registered blocks: regional registers: RIPE NCC, ARIN, APNIC, LACNIC, AFRINIC
• BGP table: Route Views Project
• Geolocation data: NetLoad, MAXMIND, IpGeoBase.ru, local additions. This site or product includes IP2Location LITE data available from http://lite.ip2location.com.
• Icons: Fugue Icons
• Flags: flags.blogpotato.de and Maxmind
• Social icons: komodomedia

Syslog Watcher installs a dedicated syslog server, integrating log data from multiple network devices into a single, easily manageable and accessible place. Collecting and analyzing syslogs is essential for maintaining network stability and auditing network security.

Picard est un marqueur de fichiers audio multi-plateformes écrit en Python. Recherche acoustID et gestion d'audiothèque.

This is a nice question.

As a matter of fact, tcpdump is the first software found after the wire (and the NIC, if you will) on the way IN, and the last one on the way OUT.

Wire -> NIC -> tcpdump -> netfilter/iptables

iptables -> tcpdump -> NIC -> Wire
Thus it sees all packets reaching your interface, and all packets leaving your interface. Since packets to port 53 do not get a reply, as seen by tcpdump, you have successfully verified that your iptables rules have been correctly configured.

EDIT

Perhaps I should add a few details. tcpdump is based on libpcap, a library which creates a packet socket. When a regular packet is received in the network stack, the kernel first checks to see whether there is a packet socket interested in the newly arrived packet and, if there is one, it forwards the packet to that packet socket. If the option ETH_P_ALL is chosen, then all protocols go thru the packet socket.

libpcap implements one such packet socket with the option activated, keeps a copy for its own use, and duplicates the packet back onto the network stack, where it is processed by the kernel in the usual way, including passing it first to netfilter, the kernel-space counterpart of iptables. Same thing, in reverse order (i.e., first netfilter then last the passage thru the packet socket), on the way out.

Is this prone to hacking? But of course. There are certainly proof-of-concept rootkits using libpcap to intercept communications destined to the rootkit before the firewall can lay its hand on them. But even this pales in comparison with the fact that a simple Google query unearths working code hiding traffic even from libpcap. Still, most professionals think the advantages vastly outweigh the disadvantages, in debugging network packet filters.

The “Java Decompiler project” aims to develop tools in order to decompile and analyze Java 5 “byte code” and the later versions.

JD-GUI is a standalone graphical utility that displays Java source codes of “.class” files. You can browse the reconstructed source code with the JD-GUI for instant access to methods and fields.

JD-Eclipse is a plug-in for the Eclipse platform. It allows you to display all the Java sources during your debugging process, even if you do not have them all.

JD-Core is a library that reconstructs Java source code from one or more “.class” files. JD-Core may be used to recover lost source code and explore the source of Java runtime libraries. New features of Java 5, such as annotations, generics or type “enum”, are supported. JD-GUI and JD-Eclipse include JD-Core library.

JD-Core, JD-GUI & JD-Eclipse are open source projects released under the GPLv3 License.

The Core Project, as suggested by our name, is not a turnkey desktop distribution. Instead we deliver just the core Linux from which it is quite easy to add what you want. We offer 3 different x86 "cores" to get you started: Core, TinyCore, and our installation image, CorePlus.

Swiss File Knife - A Command Line Tools Collection
combines many functions in a single, portable executable that belongs onto every USB stick. Search and convert text files, instant simple FTP/HTTP server, find duplicate files, compare folders, treesize, run own commands on all files of a folder - it's all within a single tool.

Working on NT and Win2K means that executables and object files will many times have embedded UNICODE strings that you cannot easily see with a standard ASCII strings or grep programs. So we decided to roll our own. Strings just scans the file you pass it for UNICODE (or ASCII) strings of a default length of 3 or more UNICODE (or ASCII) characters. Note that it works under Windows 95 as well.

If the other solutions listed above won't work, then try the Emergency Password Reset Script. It is not a Plugin. It is a PHP script.

Siphons cookies, exposes internal router & installs web backdoor on locked computers

Votre environnement Cloud Shell est un conteneur Docker. Le conteneur est démarré par défaut à partir d'une image Docker gérée par Google, mais vous pouvez aussi spécifier une image Docker personnalisée pour votre environnement Cloud Shell. La personnalisation s'effectue en deux étapes :

Localisez une image Docker pertinente. Notre outil Créer une image personnalisée peut créer une image personnalisée standard que vous pouvez utiliser comme point de départ pour votre image.
Modifiez votre environnement afin de référencer l'image souhaitée.

The goal of the Glasnost project is to make ISPs' traffic shaping policies transparent to their customers.

Welcome to the new IntelTechniques Search Tool. Use the links to the left to access all of the custom search tools and resources. This repository contains hundreds of online search utilities. Click any category to expand the selection. The first option offers an automated search tool, while the remaining options offer additional resources if needed.

To test your htaccess rewrite rules, simply fill in the url that you're applying the rules to, place the contents of your htaccess on the larger input area and press "Test" button.

Scan an IP address through multiple DNS-based blacklists (DNSBL) and IP reputation services, to facilitate the detection of IP addresses involved in malware incidents and spamming activities. This service checks in real-time an IP address through more than 80 IP reputation and DNSBL services.

URLVoid is a free service developed by NoVirusThanks on the late 2010 that allows users to scan a website with multiple website reputation engines and domain blacklisting services, to facilitate the detection of dangerous websites related to malware, phishing, scam and fraudulent activities. Please take in mind that even if a website is classified as safe by all the scanning engines, URLVoid can not guarantee the harmlessness of the website analyzed. You should re-scan a website if the report is too old, so that you have up-to-date results.

Here are the credentials for an Online LDAP Test Server that you can use for testing your applications that require LDAP-based authentication. Our goal is to eliminate the need for you to download, install and configure an LDAP sever for testing. If all you need is to test connectivity and authentication against a few identities, you have come to the right place. If you find this useful or would like us to enhance/modify this test LDAP server, please leave a comment.

LDAP Server Information (read-only access):

Server: ldap.forumsys.com
Port: 389

Bind DN: cn=read-only-admin,dc=example,dc=com
Bind Password: password

All user passwords are password.

NAT64Check is a tool developed by the Internet Society in collaboration with Stichting IPv6 Nederland, Go6, SJM Steffann, Internetbureau Max and Simply Understand. This allows you to enter the URL of a particular website, and then run tests over IPv4, IPv6 and NAT64 in order to check whether the website is actually reachable in each case, whether identical web pages are returned, and whether all the resources such as images, stylesheets and scripts load correctly. It also compares responsiveness using the different protocols, therefore allowing network and system administrators to easily identify anything is ‘broken’, to pinpoint where any non-IPv6 compatible elements need to be fixed.