Open Source C Software Testing Tools

What is DracOS GNU/Linux Remastered ? DracOS GNU/Linux Remastered ( https://github.com/dracos-linux ) is the Linux operating system from Indonesia , open source is built based on Debian live project under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testing (penetration testing). Dracos linux in Arm by hundreds hydraulic pentest, forensics and reverse engineering. Use a GUI-based tools-tools the software using the CLI (command line interface) and GUI (graphical user interface) to perform its operations. Now Dracos currently already up to version 3.1.5 with the code name "KUNTILANAK WITH REMASTERED".

pamtester is a tiny utility program to test the pluggable authentication modules (PAM) facility, specifically designed to help PAM module authors to intensively test their own modules.

SSLScan queries SSL services, such as HTTPS, in order to determine the ciphers that are supported. SSLScan is designed to be easy, lean and fast. The output includes prefered ciphers of the SSL service, the certificate and is in Text and XML formats.

hwk is an easy-to-use application used to attack and discover wireless networks. It's providing various modes such as authentication/deauthentication flood, beacon and probe response fuzzing.

Syn Flood Attacks SYNFlood with static source port SYNFlood with random source port SYNFlood with static source ip address SYNFlood with random source address SynFlood with fragmented packets ACK Flood Attacks ACK Flood with static source port ACK Flood with random source port ACK Flood with static source ip address ACK Flood with random source address ACK Flood with fragmented packets FIN Flood Attacks FIN Flood with static source port FIN Flood with random source port FIN Flood with static source ip address FIN Flood with random source address FIN Flood with fragmented packets UDP Flood Attacs Static source port udp flood UDP flood with random source port UDP Flood with static source ip address UDP Flood with random source address UDP Flood with fragmented packets ICMP Flood ICMP Flood with all options random(source ip, icmp type, code) HTTP Flood ... More info: http://sf.net/p/netstressng/wiki/Home/

Bannergrab is a next generation network service banner grabbing tool. In addition to simple banner grabbing it can send triggers to various services such as FTP, SMTP and HTTP to enumerate additional information, including support for SSL services.

SpaceMonkey is a Web application auditing tool. It can detect bugs or security flaws without using a knowledge database. It uses fault injection technics ('fuzzing') in order to reveal the flaws (SQL injection, XSS, File inclusion, command execution ).

BP-Sim allows users to perform an extensive range of tests across the chain of payment services and thus identify potential causes of failures before launching payment systems into production. BP-Sim consists of following modules: BP-Source, BP-Host, BP-HSM and BP-SeeEMV. BP-Source and BP-Host are payment transaction simulators supporting formats as: APACS30, AS2805, many ISO8583 dialects, IFSF, SPDH, TCMP. Together with industry-standard cryptography, multi-platform support, configurable transaction load up to 2000 TPS. BP-Sim HSM module provides an adequate TCP/IP simulation of the Thales Hardware Security Mod. BP-SeeEMV simulates the steps involved in an EMV transaction that take place in the EMV terminal and the Issuer Server (when conducted online). Module can process a transaction one step at a time in step-by-step mode or to certain break-point.

The BP-Tools set consist from applications supporting EFT testing, benchmarking and transaction service development. BP-Tools suite currently consists of following three components: - BP-CCALC: Cryptographic Calculator - BP-CardEdit: Thales P3 Input/Output file editor - BP-EMVT: EMV Tool - BP-HCMD: Thales HSM Commander

A simple and incredibly powerful tool for scripting and fuzzing arbitrary network protocols written using the Chicken Scheme-to-C compiler.

LeakTrack provides memory leak tracking and out-of-range access checks for acquired memory blocks for you C/C++ applications on each platform.

Randomized packet generation for source mac, source ip spoofing. Any byte in a packet can be spoofed one by one packet generation. And provide a DDoS testing framework.

Portscan is a simple TCP port scanner (connect scan, similar to nmap -sC). It is implemented with threads for better speed. Please see the code and review it. Criticism is more than welcome. Helps needed to make it robust.

THE STP CODE HAS MOVED TO GITHUB. THE CODE HERE IS STALE. PLEASE CHECKOUT THE FOLLOWING WEBSITE: http://stp.github.io/

SafeBox is intended to be a next-generation debugger/profiler/analyzer for programs running in user space. It will include arquitecture simulation to allow advanced features like monitoring or restricting API use. Extensible using plug-ins.

The sandbox libraries (libsandbox & pysandbox) are an open-source suite of software components for C/C++ and Python developers to create automated profiling tools and watchdog programs. The API's are designed for executing and instrumenting simple (single process) tasks, featuring policy-based behavioral auditing, resource quota, and statistics collecting. The sandbox libraries were originally designed and utilized as the core security module of a full-fledged online judge system for ACM/ICPC training. They have since then evolved into a general-purpose tool for binary program testing, profiling, and security restriction. The sandbox libraries are currently maintained by the OpenJudge Alliance (http://openjudge.net/) as a standalone, open-source project to facilitate various assignment grading solutions for IT/CS education. See project page at https://github.com/openjudge/sandbox for details.

The VII is intended to be used in firewall/IPS testing and stressing testing by simulate IP/TCP/ARP/... packets. VII is a c script based tool which can send any kinds of customized packets. It support random protocol/port/ip.

A suite of source and binary programs to test the capabilities of code analysis tools. A reference implementation of x86 binary analysis in C# is also included.

Automatic generation of test inputs to catch conversion errors between signed and unsigned integers. Valgrind plug-in that works with the STP decision procedure (downloaded separately). See http://catchconv.pbwiki.com/ for setup instructions.

rjudge is a judge system for the Olympiad in Informatics. It can be also used as a problem test tool in the programming contest and daily practice. It provides many security features to ensure the smooth implement of judgement.