Open Source C Security Software for FreeBSD

An open-source free cross-platform multi-protocol VPN program, as an academic project from University of Tsukuba, under the Apache License 2.0. The API Suite allows you to easily develop your original SoftEther VPN Server management application to control the VPN Server (e.g. creating users, adding Virtual Hubs, disconnecting a specified VPN sessions) from JavaScript, TypeScript, C# or other languages. SoftEther VPN ("SoftEther" means "Software Ethernet") is one of the world's most powerful and easy-to-use multi-protocol VPN software. It runs on Windows, Linux, Mac, FreeBSD and Solaris. SoftEther VPN is an optimum alternative to OpenVPN and Microsoft's VPN servers. SoftEther VPN has a clone-function of OpenVPN Server. You can integrate from OpenVPN to SoftEther VPN smoothly. SoftEther VPN is faster than OpenVPN. SoftEther VPN also supports Microsoft SSTP VPN for Windows Vista / 7 / 8. No more need to pay expensive charges for Windows Server license for Remote-Access VPN function.

Masscan is an Internet-scale port scanner, able to scan the entire Internet in just 6 minutes or less. It's considered the fastest port scanner and is similar to the famous port scanner nmap, and like port scanners scanrand and unicornscan it uses asynchronous transmissions. However, it is more flexible when it comes to arbitrary port and address ranges. Masscan not only detects when ports are open, it can also check banners. And while it is useful for smaller, internal networks, it's designed with the entire internet in mind. Do take note however that Masscan uses its own custom TCP/IP stack, so anything other than a simple port scan could cause conflict with the local TCP/IP stack unless certain configurations are done.

syslog-ng is the log management solution that improves the performance of your SIEM solution by reducing the amount and improving the quality of data feeding your SIEM. With syslog-ng Store Box, you can find the answer. Search billions of logs in seconds using full text queries with Boolean operators to pinpoint critical logs. syslog-ng Store Box provides secure, tamper-proof storage and custom reporting to demonstrate compliance. syslog-ng can deliver data from a wide variety of sources to Hadoop, Elasticsearch, MongoDB, and Kafka as well as many others. syslog-ng flexibly routes log data from X sources to Y destinations. Instead of deploying multiple agents on hosts, organizations can unify their log data collection and management. syslog-ng Store Box provides automated archiving, tamper-proof encrypted storage, granular access controls to protect log data. The largest appliance can store up to 10TB of raw logs.

Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis. Development has been moved to GitHub, https://github.com/Ettercap/ettercap

Osquery is an operating system instrumentation framework for Windows, OS X (macOS), Linux, and FreeBSD. The tools make low-level operating system analytics and monitoring both performant and intuitive. Osquery exposes an operating system as a high-performance relational database. This allows you to write SQL queries to explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes.Osquery queries your devices like a database. Osquery uses basic SQL commands to leverage a relational data-model to describe a device. Frequently, attackers will leave a malicious process running but delete the original binary on disk. This query returns any process whose original binary has been deleted, which could be an indicator of a suspicious process.

WipeFreeSpace is a program to securely erase/wipe/overwrite/shred the free space on file systems WITHOUT DESTROYING EXISTING FILES, to prevent recovery of deleted sensitive data. This allows protecting the user's privacy when e.g. selling the drive or the whole computer. The following filesystems are supported: - Ext2/3/4, - NTFS, - XFS, - ReiserFSv3/4, - FAT12/16/32, - MinixFS1/2, - JFS, - HFS/HFS+, - OCFS. The following wiping methods are supported: Gutmann-like, random, Schneier, DoD. Additionally, WipeFreeSpace can finalize wiping the filesystem by writing blocks of zeros, which is friendly for sparse files, virtual systems and other places where zeroed-out space is not physically allocated. See the project homepage https://wipefreespace.sourceforge.io and the project Wiki in the menu above. To prevent clear-text data from being left on the drive in the first place, you can use LibSecRm (https://libsecrm.sourceforge.io), which wipes the data on-the-fly.

The Sleuth Kit is a C++ library and collection of open source file system forensics tools that allow you to, among other things, view allocated and deleted data from NTFS, FAT, FFS, EXT2, Ext3, HFS+, and ISO9660 images.

Shadowsocks-libev is a lightweight secured SOCKS5 proxy for embedded devices and low-end boxes. Shadowsocks-libev is written in pure C and depends on libev. It's designed to be a lightweight implementation of shadowsocks protocol, in order to keep the resource usage as low as possible. Snap is the recommended way to install the latest binaries. You can build shadowsocks-libev and all its dependencies by script. The latest shadowsocks-libev has provided a redir mode. You can configure your Linux-based box or router to proxy all TCP traffic transparently, which is handy if you use an OpenWRT-powered router. Although shadowsocks-libev can handle thousands of concurrent connections nicely, we still recommend setting up your server's firewall rules to limit connections from each user. We strongly encourage you to install shadowsocks-libev from jessie-backports-sloppy.

PAM module which permits authentication for arbitrary services via ssh-agent. Written with sudo in mind, but like any auth PAM module, can be used for for many purposes.

Hyenae is a highly flexible platform independent network packet generator. It allows you to reproduce several MITM, DoS and DDoS attack scenarios, comes with a clusterable remote daemon and an interactive attack assistant. *** Hyenae is back *** Hyenae will be continued here: https://sourceforge.net/p/hyenae-ng

HPN-SSH is a series of performance patches for OpenSSH. By addressing network limitations and CPU limitations significant throughput performance can be realized. Gains of close to two orders of magnitude are possible on long fat network paths. The official git repo is now available at http://github.com/rapier1/openssh-portable. The Sourceforge repository should not be seen as the canonical repository for HPN-SSH. We will update it as we can but users should look to github to generate patches We also support Ubuntu packages. Add them to your package manager with `sudo add-apt-repository ppa:rapier1/hpnssh` Fedora RPMs can be added with, `sudo dnf copr enable rapier1/hpnssh`

LibSecRm (LIBrary for SECure ReMoval) is a set of replacements for these standard C functions which cause data removing from files. The data is first securely wiped on-the-fly, to protect the user's privacy, then the original functions are called. There is NO NEED to rebuild your software, because LibSecRm is a pre-loadable library, meaning you just need to RUN the software with LibSecRm loaded. LibSecRm is also a development library. The following wiping methods are supported: Gutmann-like, random, Schneier, DoD. See the project homepage https://libsecrm.sourceforge.io and the project Wiki in the menu above. To wipe data that was left on the drive by using "normal" delete operations, you can take a look at WipeFreeSpace (https://wipefreespace.sourceforge.io), which wipes the space used by files marked as deleted (and other things, too).

DavUtils is a collection of easy to use WebDAV client tools. The built-in client-side encryption allows you to encrypt and decrypt files on the fly with AES. Currently two command line tools are available: dav is a multipurpose WebDAV client that can be used like the standard unix tools ls, mkdir and rm. The other tool is dav-sync that can synchronize local files with a WebDAV server. It is very flexible and configurable and has advanced data safety features to prevent data loss. The integrated client-side AES encryption makes it secure to use public clouds.

The Neighbor Discovery Protocol Monitor (NDPMon) is used by Internet Protocol version 6 network administrators for monitoring ICMPv6 packets. NDPMon observes the local network for anomalies in the function of nodes using Neighbor Discovery Protocol (NDP) messages, especially during the Stateless Address Autoconfiguration. When an NDP message is flagged, it notifies the administrator by writing to the syslog or by sending an email report. It may also execute a user-defined script. For IPv6, NDPMon is an equivalent of Arpwatch for IPv4, and has similar basic features with added attacks detection. NDPMon also maintains up-to-date a list of neighbors on the link and watches all advertisements and changes. It permits to track the usage of cryptographically generated interface identifiers or temporary global addresses when Privacy extensions are enable (default behavior in Ubuntu and Windows for example).

Secure locate provides a secure way to index and quickly search for files on your system. It will also check file permissions and ownership so that users will not see files they do not have access to.

FEHASHMAC is the largest collection of publicly known hash algorithms integrated into a command-line utility. FEHASHMAC contains a set of known test vectors and results for each algorithm such that the correct implementation for each hardware platform and compiler version can directly be verified. Currently 57 hash algorithms like sha1 sha224 sha256 sha384 sha512 and variants, sha3 and shake, all SHA3 finalists and blake3, md2 md4 md5 md6, rmd128 rmd160 rmd256 rmd320, whirl gost lash160 lash256 lash384 lash512 tiger2 and RFC 2104 HMAC and KMAC support are included, plus SHA3 extensions kmac128, kmac256, kmacxof128, kmacxof256 for message.

Unicornscan is an asynchronous TCP and UDP port scanner developed by the late Jack C. Louis.

IMPORTANT -- This is an old project that is no longer supported and should not be relied upon for serious applications. If your looking for encryption software, I suggest OpenSSL or GnuPG which are better equipped.

Configure Unix users and groups in a MySQL database. It is system-wide like NIS or LDAP! It features open-ended database design and persistent connections. Works with NSS-compatible systems (Linux, Solaris, FreeBSD).

Store your secret notes in a safe place. Application and document in one executable file: the mechanism to encrypt/decrypt notes is part of it.

yafic is Yet Another File Integrity Checker, similar to Tripwire. yafic, however, is fast, simple, and yet flexible. Config files are similar to Tripwire's, even supporting flag templates. It uses SHA-1 as its hash function.

Common Hardware Recovery Solutions by Ukrainian-Russian network

Campagnol is a decentralized VPN over UDP tunneling. It uses UDP hole punching to open connections through NAT/firewall and OpenSSL's DTLSv1 implementation for mutual authentication and encryption.

MetFS is a filesystem in userspace that is FUSE based, encrypted, dynamic sized (increase when new data added, decrease when data removed), single file when it's unmounted and very fast. MetFS 's proved to be running on Linux and FreeBSD.

This PAM service module allows PAM-enabled applications to check if the target user is in some arbitrary plaintext list. Similar to module pam_ftpusers from the FreeBSD Project, and is based on its code.