Open Source Python Security Software - Page 8

Python script that was originally intended for use in forensic examinations that parses WTMP files from Unix-like operating systems and generates a CSS-styled HTML report containing login terminal, username, log start date and login time/date in a table. Good for postmortem forensic examinations or as a way of getting "last" like information where you don't have the ability to boot the machine in question but can grab the wtmp.

Zero Wine is a malware's behavior analysis tool. Just upload your suspicious PE file (windows executable) through the web interface and let it analyze the behaviour of the process.

Official unofficial Zorp home - several enhancements to Zorp

cracking-actions is an open source software that allows you to crack passwords, files, etc... ,it targets windows and linux

Darkjumper.py Developed by : mywisdom & gunslinger_ This tool will try to find every website that host at the same server at your target Then check for every vulnerability of each website that host at the same server

dnmap is a distributed nmap framwork using a client/server architecture. The server reads the commands from a file and send them to each client. The client execute the nmap command and send the results back. Also see: www.mateslab.com.ar

HSENCFS is a user space encrypting file system. Simple to set up, seamless to use, fast, safe, secure and maintenance free. It will encrypt data on the fly written to it, decrypt data read from it. HSENCFS uses only storage space for actual data stored, no pre-allocation needed. It is fast enough for real time Video Encryption. HSENCFS is classified as a variable key length encryption.

A pure python module which implements the DES and Triple-DES encryption algorithms. Triple DES is either DES-EDE3 with a 24 byte key, or DES-EDE2 with a 16 byte key.

Rishi is a botnet detection software, capable of detecting hosts infected with IRC based bots by passively monitoring network traffic. A webinterface provides additional information to found incidents.

SLEncrypt is a python module for encryption with 11 ciphers at the moment, including ADFGVX, Autokey, Caesar/ROT13, Vigenere, XOR and a lot more. It contains functions allowing you to easily encrypt/decrypt files. The code is about 95% PEP 8 compilant.

Open-source tool for Linux that can be used as part of live information gathering during an incident response to allow for after the fact in depth analysis of the running system.

A.I. security app. Development ceased.

APG UI is a simple GTK+ GUI for the "Automated password generator"

Python script to get the last 5 minutes of accepted traffic logs via the trendmicro email security API and send them to a syslog server Script Python para obtener los ultimos 5 minutos de logs de trafico aceptado por medio de la API de trendmicro email security y enviarlos a un servidor de syslog Crontab */5 * * * * /usr/local/bin/python3.9 /home/user/tmes-syslog_0.02.py 2>&1 > /home/user/errores.txt ------------ # API documentation # Getting Started with Trend Micro Email Security APIs # https://docs.trendmicro.com/en-us/enterprise/trend-micro-email-security-rest-api-online-help/getting-started-with.aspx # Obtaining the API Key # https://docs.trendmicro.com/en-us/enterprise/trend-micro-email-security-rest-api-online-help/getting-started-with/obtaining-the-api-ke.aspx # List Mail Tracking Logs # https://docs.trendmicro.com/en-us/enterprise/trend-micro-email-security-rest-api-online-help/supported-apis/logs/list-mail-tracking-l.aspx

This is a very powerfull criptography project that basicaly can be used to transmit or store secure data and study some cipher, hash and compression algorithms to understands how it works.

AST is a security platform written in python. It's composed by modules that can be installed and loaded on it.

A Jupyter server extension to proxy requests with AWS SigV4 authentication. This server extension enables the usage of the AWS JavaScript/TypeScript SDK to write Jupyter frontend extensions without having to export AWS credentials to the browser. A single /awsproxy endpoint is added on the Jupyter server which receives incoming requests from the browser, uses the credentials on the server to add SigV4 authentication to the request, and then proxies the request to the actual AWS service endpoint. All requests are proxied back-and-forth as-is, e.g., a 4xx status code from the AWS service will be relayed back as-is to the browser. Using this requries no additional dependencies in the client-side code. Just use the regular AWS JavaScript/TypeScript SDK methods and add any dummy credentials and change the endpoint to the /awsproxy endpoint.

The AWS Secrets Manager Python caching client enables in-process caching of secrets for Python applications. To use this client you must have Python 3.6 or newer. Use of Python versions 3.5 or older are not supported. An Amazon Web Services (AWS) account to access secrets stored in AWS Secrets Manager. To create an AWS account, go to Sign In or Create an AWS Account and then choose I am a new user. Follow the instructions to create an AWS account. To create a secret in AWS Secrets Manager, go to Creating Secrets and follow the instructions on that page. This library makes use of botocore, the low-level core functionality of the boto3 SDK. For more information on boto3 and botocore, please review the AWS SDK for Python and Botocore documentation.

Multi-threaded host name and technical contact lookup tool. Reads a list of counted IP addresses (as outputted by uniq -c) from stdin or a file. Resolves their hostnames and (whois) technical contacts. Writes info to stdout.

A tight python crypto module implementing only the latest and greatest: Rijndael (AES) symmetric cipher in 128, 192 and 256 bits supporting password encryption, SHA 256 and several CSPRNG schemes in pure python.

Email was not designed to be used as an alert console. It is not a scalable solution when it comes to monitoring and alert visualization. A minimal installation of Alerta can be deployed quickly and easily as monitoring requirements and confidence grow. There are integrations available with Prometheus, Riemann, Nagios, Zabbix, netdata, Sensu, Pingdom and Cloudwatch. Integrating bespoke systems is easy using the API or command-line tool. Alerts are submitted in JSON format to an HTTP API. Alerts can be queried from the command line or viewed in a slick web console optimized for desktop, tablet, and mobile. User logins can be added using Google, GitHub or GitLab OAuth and programmatic access is managed using API keys.

The Amazon DynamoDB Encryption Client for Python provides client-side encryption of Amazon DynamoDB items to help you to protect your table data before you send it to DynamoDB. It provides an implementation of the Amazon DynamoDB Encryption Client that is fully compatible with the Amazon DynamoDB Encryption Client for Java. The helper clients provide a familiar interface but the actual item encryption and decryption is handled by a low-level item encryptor. You usually will not need to interact with these low-level functions, but for certain advanced use cases it can be useful. If you do choose to use the item encryptor functions directly, you will need to provide a CryptoConfig for each call. By default, the helper clients use your attribute actions and cryptographic materials provider to build the CryptoConfig that is provided to the item encryptor. For some advanced use cases, you might want to provide a custom CryptoConfig for specific operations.

Amun is a low-interaction honeypot, like Nepenthes or Omnivora, designed to capture autonomous spreading malware in an automated fashion. Amun is written in Python and therefore allows easy integration of new features.

ES: AnalogIDS es un analizador de logs de snort escrito en python que permite la generación de estadisticas de conexiones establecidas, protocolos y alertas de seguridad. Ademas permite generar gráficos de barra y pastel de las estadisticas. EN: AnalogIDS is a snort log analyzer written in python that allows the generation of statistics established connections, protocols and security alerts. You can generate bar graphs and pie statistics.

Archangel is meant to be a sort of 'improved' version of dansguardian and uses the same default lists as dansguardian. It is basically dansguardian rewritten in python as an ICAP server as opposed to a proxy front-end. The benefits of archangel over dansguardian include: 1. Because it is an ICAP filter, it interfaces with squid and can do HTTPS filtering as well as regular HTTP. 2. Because it uses blocking modules and is written in python, it is extremely easy to write new modules for very complex, intensive blocking. I have already written a module that does content-based blocking of youtube videos. Archangel uses the pyicap library to implement the ICAP functionality. The blockpage requires use of the PHP 5.4.x CLI. In order to do HTTPS filtering, you must first install squid compiled with SSL support and configure it to talk to archangel.