Open Source Python Security Software

Web Security Dojo is a virtual machine that provides the tools, targets, and documentation to learn and practice web application security testing. A preconfigured, stand-alone training environment ideal for classroom and conferences. No Internet required to use. Ideal for those interested in getting hands-on practice for ethical hacking, penetration testing, bug bounties, and capture the flag (CTF). A single OVA file will import into VirtualBox and VMware. There is also an Ansible script for those brave souls that want transform their stock Ubuntu into a virtual dojo. Bow to your sensei! username: dojo password: dojo

Netviz (short for NETwork VIsualiZer) is a Python program I cobbled together for a user to monitor devices on the user's LAN or a small section of the Internet. Essentially, it's a pretty interface for information on the MAC addresses and IPs of those devices. The range to search can be set either by the boundaries of the user's LAN using the "Find Range" button or through user-typed IPs. Also, there is a list of tracked MACs. If any of these tracked MACs appears on the LAN, the program shows the IP of this MAC.

The ODS3 Virtual Machine Challenge are downloadable images that can be run as VMWare or VirtualBox instances. The Idea behind the challenge is to test and exercise web application penetration testing in a controlled environment. These images are great for cyber security students, penetration testers and hobbyist. Care should be taken if installed on an Internet access host as the application are purposely vulnerable to attack and exploitation.

ConDEnSE (Confidential Data Enabled Statistical Exploration) will be a web-based environment for statistical analysis of confidential data from various database sources, based on Plone and R, and using the Jackknife method of confidentiality protection.

Cryptography Tools is a project to develop demonstration tools on classic (currently Caesar and Playfair) & modern crypto-systems, including private & public key encryptions, digital signatures, cryptographic hashes and authenticated encryption.

This is a simple encryption tool to work with home-grown encryption algorithms. It can run as either a GUI, a command-line application, or a network proxy.

GuerillaTactics is an effort to bring "Computer Education Through Security Analysis". We aim to create a security education "lab kit" including management software and a curriculum framework.

Gui-Fi is a GUI for Wi-Fi security auditory (Airodump-ng, Airoscript-ng, Aircrack-ptw, Macchanger) written in Python and GTK+.Gui-Fi is able to make the user more comfortable while working with Auditory utilities without the need of console commands.

This is the worlds first and probably only FLOSS project aimed to create a lowbudget, based on availble technology, cruise missile. No this is not a Joke, its for real. Why? Since no one has tried to do this before and certainly not under the GPL.

This software let's you hide text message's inside a image .

A program rövid üzeneteket tud elrejteni, kódolni latin nyelvű disztichonos versekben. Dekódolni is tudja az ilyen titkosított üzeneteket rejtő verseket. Ezen kívül véletlenszerűen is tud verseket generálni. Minden generált vers értelmes latin nyelvű költemény.

SystemSpecifyer is used to develop and maintain complex, well structured, systems specifications, in normal language. Using the System Matrix double matrix relation building mechanism specs can be tested for completeness, correctness and consistency.

The sandbox libraries (libsandbox & pysandbox) are an open-source suite of software components for C/C++ and Python developers to create automated profiling tools and watchdog programs. The API's are designed for executing and instrumenting simple (single process) tasks, featuring policy-based behavioral auditing, resource quota, and statistics collecting. The sandbox libraries were originally designed and utilized as the core security module of a full-fledged online judge system for ACM/ICPC training. They have since then evolved into a general-purpose tool for binary program testing, profiling, and security restriction. The sandbox libraries are currently maintained by the OpenJudge Alliance (http://openjudge.net/) as a standalone, open-source project to facilitate various assignment grading solutions for IT/CS education. See project page at https://github.com/openjudge/sandbox for details.

vulnx, an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities in CMS systems. It can perform a quick CMS security detection, information collection (including sub-domain name, IP address, country information, organizational information and time zone, etc.), and vulnerability scanning. Vulnx is An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms, fast cms detection, information gathering, and vulnerability scanning of the target like subdomains, IP addresses, country, org, timezone, region, and more. Instead of injecting each and every shell manually as all the other tools do, VulnX analyses the target website checking the presence of a vulnerability if so the shell will be Injected by searching URLs with the dorks Tool. Detects CMS (wordpress, joomla, prestashop, drupal, opencart, magento, lokomedia).

SendMeSpamIDS is a python written honeypot. It includes HTTP, HTTPS, SMTP and many more, which are under constant development. The scripts support syslog and are ready for ELK integration.