Open Source Tools
Welcome to RSAC’s Community Open Source Tools information page. As part of our effort to provide as much value to the community as possible, we’ve created this guide to help you more easily find the open source resources and tools presented during Conference so that you can quickly access what you need to get up and running.
This page provides project-specific information for the different tools. Listed in alphabetical order, we’ve highlighted the following for each project:
- Description – a brief textual description of the project
- Project page – a link to the main project page URL
- User documentation – a link to the primary usage documentation for the project
- Community discussion – a link to the forum, mailing list, or community discussion page
- Upcoming sessions – a link to the RSAC session in which the project is to be discussed
7-Zip | |
Description | 7-Zip is a file archiver with a high compression ratio. (source: 7-Zip project page) |
Project Page | https://www.7-zip.org/ |
User Documentation | https://www.7-zip.org/faq.html |
Community Discussion | https://sourceforge.net/p/sevenzip/discussion/45797/ |
Related Sessions | |
Abaddon | |
Description | Red team operations involve miscellaneous skills, last several months and are politically sensitive; they require a lot of monitoring, consolidating and caution. Wavestone’s red team operations management software, Abaddon, has been designed to make red team operations faster, more repeatable, stealthier, while including value-added tools and bringing numerous reporting capabilities. (source: Abaddon project page) |
Project Page | https://github.com/wavestone-cdt/abaddon |
User Documentation | https://github.com/wavestone-cdt/abaddon |
Related Sessions | |
AES Crypt | |
Description | AES Crypt is a file encryption software available on several operating systems that uses the industry standard Advanced Encryption Standard (AES) to easily and securely encrypt files. (source: AES Crypt project page) |
Project Page | https://www.aescrypt.com/ |
User Documentation | https://www.aescrypt.com/documentation/ |
Community Discussion | https://forums.packetizer.com/viewforum.php?f=72 |
Related Sessions | |
Anchore | |
Description | Anchore Engine allows developers to perform detailed analysis on container images, generating a software bill of materials. Through seamless integration with CI/CD systems, Anchore Engine can prevent publication of images containing known vulnerabilities. (source: Anchore project page) |
Project Page | https://anchore.com/ |
User Documentation | https://docs.anchore.com/current/docs/engine/engine_installation/ |
Community Discussion | https://info.anchore.com/cs/c/?cta_guid=4f5d4a04-f0b1-43e2-95f5-f620c7798bf9&placement_guid=42e35164-b959-4507-8bc1-7de82d60252e&portal_id=2317501&canon=https%3A%2F%2Fanchore.com%2Fopensource%2F&redirect_url=APefjpEnW6mLKHkUToXql6rUZ7zAiYYZ1FWM_0rG_WtLVR7IMJHBQ2xsdqJs9hWv2A62hjQp7HZZQ-OmNl-bZ8x9AGhQyKc04W3d1KMLQ81B3RyNflLLeyj1iDRt3KiRHnAHpu0CwzficpWa1v2iQ6OuvHAk7YYXYpI1KkywJ1tCWDPKV_K6WZGhg3MLjcMaxF-dqcmRKWieQzRxU49xAFvKoidr-ELmOB9Eq6DrDWyEJZXjpyLPjt8dUuez55f2OXpdn2fedOsy1FvRzg6XBxCxdr6y8yAhu90qKxx_4C0NtY_yhgsAKiQ&click=0d65cf80-1566-46fc-a0e8-d344251d2be5&hsutk=6e41b04dc1322cacf54904afba465292&signature=AAH58kFx-Mv2C13dc-n0FTZh_j-R3GTVJg&utm_referrer=https%3A%2F%2Fanchore.com%2F&__hstc=167043041.6e41b04dc1322cacf54904afba465292.1579120625248.1579120625248.1580763966194.2&__hssc=167043041.3.1580763966194&__hsfp=2444234737&contentType=standard-page |
Related Sessions | |
Atomic Red Team | |
Description | Atomic Red Team allows every security team to test their controls by executing simple "atomic tests" that exercise the same techniques used by adversaries (all mapped to Mitre's ATT&CK). (source: Atomic Red Team project page) |
Project Page | https://github.com/redcanaryco/atomic-red-team |
User Documentation | https://atomicredteam.io/testing |
Community Discussion | https://slack.atomicredteam.io/ |
Related Sessions | |
Autopsy | |
Description | Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It is used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card. (source: Autopsy project page) |
Project Page | https://www.sleuthkit.org/autopsy/ |
User Documentation | http://sleuthkit.org/autopsy/docs/user-docs/4.14.0/ |
Community Discussion | https://sleuthkit.discourse.group/ |
Related Sessions | |
bblfshd | |
Description | A self-hosted server for source code parsing (source: bblfshd project page) |
Project Page | https://github.com/bblfsh/bblfshd |
Related Sessions | |
Bust-a-Kube | |
Description | Bust-a-Kube is an intentionally-vulnerable Kubernetes cluster, intended to help people self-train on attacking and defending Kubernetes clusters. (source: Bust-a-Kube project page) |
Project Page | https://www.bustakube.com/ |
User Documentation | https://www.bustakube.com/installing |
Related Sessions | |
CAINE (Computer Aided INvestigative Environment) | |
Description | CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a Digital Forensics project (source: CAINE project page) |
Project Page | https://www.caine-live.net/ |
User Documentation | https://www.caine-live.net/page8/page8.html |
Related Sessions | |
CALDERA | |
Description | CALDERA is a cyber security framework designed to easily run autonomous breach-and-simulation exercises. It can also be used to run manual red-team engagements or automated incident response. (source: CALDERA project page) |
Project Page | https://github.com/mitre/caldera |
User Documentation | https://caldera.readthedocs.io/en/latest/ |
Related Sessions | |
cfn-nag | |
Description | The cfn-nag tool looks for patterns in CloudFormation templates that may indicate insecure infrastructure. (source: cfn-nag project page) |
Project Page | https://github.com/stelligent/cfn_nag |
User Documentation | https://github.com/stelligent/cfn_nag |
Related Sessions | |
CFRipper | |
Description | Library and CLI tool for analysing CloudFormation templates and checking them for security compliance. (source: CFRipper project page) |
Project Page | https://github.com/Skyscanner/cfripper/ |
User Documentation | https://cfripper.readthedocs.io/en/0.14.2/ |
Related Sessions | |
Checkov | |
Description | Checkov is a static code analysis tool for infrastructure-as-code. It scans cloud infrastructure provisioned using Terraform and detects security and compliance misconfigurations. (source: Checkov project page) |
Project Page | https://github.com/bridgecrewio/checkov |
User Documentation | https://www.checkov.io/ |
Community Discussion | https://www.checkov.io/ |
Related Sessions | |
Chocolatey | |
Description | Chocolatey is an open source project that provides developers and admins alike a better way to manage Windows software. (source: Chocolatey project page) |
Project Page | https://chocolatey.org/ |
User Documentation | https://chocolatey.org/docs |
Related Sessions | |
Cuckoo Sandbox | |
Description | Cuckoo Sandbox is the leading open source automated malware analysis system. (source: Cuckoo Sandbox project page) |
Project Page | https://cuckoosandbox.org/ |
User Documentation | https://cuckoo.sh/docs/ |
Community Discussion | https://cuckoosandbox.org/discussion |
Related Sessions | |
Dependency-Check | |
Description | Dependency-Check is a Software Composition Analysis (SCA) tool that attempts to detect publicly disclosed vulnerabilities contained within a project's dependencies. It does this by determining if there is a Common Platform Enumeration (CPE) identifier for a given dependency. If found, it will generate a report linking to the associated CVE entries. (source: Dependency-Check project page) |
Project Page | https://github.com/jeremylong/DependencyCheck |
User Documentation | https://jeremylong.github.io/DependencyCheck/ |
Community Discussion | mailto:dependency-check+subscribe@googlegroups.com |
Related Sessions | |
DetectionLab | |
Description | This lab has been designed with defenders in mind. Its primary purpose is to allow the user to quickly build a Windows domain that comes pre-loaded with security tooling and some best practices when it comes to system logging configurations. It can easily be modified to fit most needs or expanded to include additional hosts. (source: DetectionLab project page) |
Project Page | https://github.com/clong/DetectionLab |
User Documentation | https://github.com/clong/DetectionLab |
Related Sessions | |
Enarx | |
Description | Enarx aims to make it simple to deploy workloads to a variety of different TEEs in the cloud, on your premises or elsewhere, and to allow you to have confidence that your application workload is as secure as possible. |
Project Page | https://enarx.io/ |
User Documentation | https://github.com/enarx/enarx/wiki |
Community Discussion | https://gitter.im/enarx/community?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge |
Related Sessions | |
Gitrob | |
Description | Gitrob is a tool to help find potentially sensitive files pushed to public repositories on Github. Gitrob will clone repositories belonging to a user or organization down to a configurable depth and iterate through the commit history and flag files that match signatures for potentially sensitive files. The findings will be presented through a web interface for easy browsing and analysis. (source: Gitrob project page) |
Project Page | https://github.com/michenriksen/gitrob |
Related Sessions | |
Infection Monkey | |
Description | The Infection Monkey is an open source Breach and Attack Simulation (BAS) tool that assesses the resiliency of private and public cloud environments to post-breach attacks and lateral movement. (source: Infection Monkey project page) |
Project Page | https://www.guardicore.com/infectionmonkey/ |
User Documentation | https://www.guardicore.com/infectionmonkey/wt/ |
Related Sessions | |
Kali | |
Description | Kali Linux is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. Kali contains several hundred tools which are geared towards various information security tasks, such as Penetration Testing, Security research, Computer Forensics and Reverse Engineering. Kali Linux is developed, funded and maintained by Offensive Security, a leading information security training company. (source: Kali project page) |
Project Page | https://www.kali.org/ |
User Documentation | https://www.kali.org/docs/ |
Community Discussion | https://forums.kali.org/ |
Related Sessions | |
KubiScan | |
Description | A tool for scanning a Kubernetes cluster for risky permissions in Kubernetes's Role-based access control (RBAC) authorization model. The tool was published as part of the "Securing Kubernetes Clusters by Eliminating Risky Permissions" research https://www.cyberark.com/threat-research-blog/securing-kubernetes-clusters-by-eliminating-risky-permissions/. (source: KubiScan project page) |
Project Page | https://github.com/cyberark/KubiScan |
User Documentation | https://github.com/cyberark/KubiScan |
Related Sessions | |
Lucet | |
Description | Lucet is a native WebAssembly compiler and runtime. It is designed to safely execute untrusted WebAssembly programs inside your application. (source: Lucet project page) |
Project Page | https://github.com/bytecodealliance/lucet |
User Documentation | https://bytecodealliance.github.io/lucet/ |
Related Sessions | |
Lyft Cartography | |
Description | Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database. (source: Cartography project page) |
Project Page | https://github.com/lyft/cartography |
User Documentation | https://github.com/lyft/cartography |
Related Sessions | |
Metasploit Framework | |
Description | Metasploit is a penetration testing platform that enables you to find, exploit, and validate vulnerabilities. (source: Metasploit project page) |
Project Page | https://metasploit.com/ |
User Documentation | https://metasploit.help.rapid7.com/docs/quick-start-guide |
Community Discussion | https://join.slack.com/t/metasploit/shared_invite/enQtOTMxMjg5ODY3NDYxLTYyZTVlNDM1ZTI3ZGQ0YTQ0NmI1YjgxMGEwYzFhOWNiZWQ4NDNmNTE1MWNiYzJhMzgwMGY0ZWY2NTY0MjA2M2I |
Related Sessions | |
Microsoft Attack Surface Analyzer | |
Description | Attack Surface Analyzer takes a snapshot of your system state before and after the installation of other software product(s) and displays changes to a number of key elements of the system attack surface. It also allows developers to view changes in the attack surface resulting from the introduction of their code to assess the aggregate attack surface of an organization's line of business applications or on potential customer systems. (source: Attack Surface Analyzer project page) |
Project Page | https://github.com/microsoft/attacksurfaceanalyzer |
User Documentation | https://www.microsoft.com/en-us/download/details.aspx?id=58105 |
Related Sessions | |
Microsoft MSTICPy | |
Description | Microsoft Threat Intelligence Python Security Tools. The msticpy package was initially developed to support Jupyter Notebook authoring for Azure Sentinel. Many of the included tools can be used in other security scenarios for threat hunting and threat investigation. There are three main sub-packages that include (1) sectools - Python security tools to help with data enrichment, analysis or investigation. (2) nbtools - Jupyter-specific UI tools such as widgets, plotting and other data display. (3) data - data layer and pre-defined queries for Azure Sentinel, MDATP and other data sources. (source: Microsoft Threat Intelligence Python Security Tools project page) |
Project Page | https://github.com/microsoft/msticpy |
User Documentation | https://msticpy.readthedocs.io/en/latest/ |
Related Sessions | |
mimikatz | |
Description | ...extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket or build Golden tickets. (source: mimikatz project page) |
Project Page | https://github.com/gentilkiwi/mimikatz |
User Documentation | https://github.com/gentilkiwi/mimikatz/wiki |
Related Sessions | |
nmap | |
Description | Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. (source: Nmap project page) |
Project Page | https://nmap.org/ |
User Documentation | https://nmap.org/docs.html |
Community Discussion | https://seclists.org/nmap-dev/ |
Related Sessions | |
NPK | |
Description | NPK is a distributed hash-cracking platform built entirely of serverless components in AWS including Cognito, DynamoDB, and S3. It was designed for easy deployment and the intuitive UI brings high-power hash-cracking to everyone. (source: NPK project page) |
Project Page | https://github.com/Coalfire-Research/npk |
User Documentation | https://github.com/Coalfire-Research/npk |
Related Sessions | |
OpenSSH | |
Description | OpenSSH is the premier connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. In addition, OpenSSH provides a large suite of secure tunneling capabilities, several authentication methods, and sophisticated configuration options. (source: OpenSSH project page) |
Project Page | https://www.openssh.com/ |
User Documentation | https://www.openssh.com/list.html |
Community Discussion | https://www.openssh.com/list.html |
Related Sessions | |
OpenSSL | |
Description | OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library. (source: OpenSSL project page) |
Project Page | https://www.openssl.org/ |
User Documentation | https://www.openssl.org/docs/ |
Community Discussion | https://www.openssl.org/community/ |
Related Sessions | |
OpenVAS | |
Description | OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low level Internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test. (source: OpenVAS project page) |
Project Page | https://www.openvas.org/ |
User Documentation | https://docs.greenbone.net/ |
Community Discussion | https://community.greenbone.net/ |
Related Sessions | |
Parrot | |
Description | ParrotOS (Parrot Security, ParrotOS) is a free and open source GNU/Linux distribution based on Debian Testing designed for security experts, developers and privacy aware people. It includes a full portable arsenal for IT security and digital forensics operations, but it also includes everything you need to develop your own programs or protect your privacy while surfing the net. The operating system ships with the MATE desktop environment preinstalled and is available in several flavors to fit your needs. (source: ParrotOS project page) |
Project Page | https://parrotlinux.org/ |
User Documentation | https://docs.parrotlinux.org/ |
Community Discussion | https://nest.parrotsec.org/explore/groups |
Related Sessions | |
Peirates | |
Description | Peirates, a Kubernetes penetration tool, enables an attacker to escalate privilege and pivot through a Kubernetes cluster. It automates known techniques to steal and collect service accounts, obtain further code execution, and gain control of the cluster. (source: Peirates project page) |
Project Page | https://github.com/inguardians/peirates |
User Documentation | https://www.inguardians.com/peirates/ |
Related Sessions | |
RITA | |
Description | RITA is an open source framework for network traffic analysis (source: RITA project page) |
Project Page | https://github.com/activecm/rita |
User Documentation | https://github.com/activecm/rita |
Related Sessions | |
Security Onion | |
Description | Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, Wazuh, Sguil, Squert, CyberChef, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes! (source: Security Onion project page) |
Project Page | https://securityonion.net/ |
User Documentation | https://securityonion.readthedocs.io/en/latest/ |
Community Discussion | https://securityonion.readthedocs.io/en/latest/mailing-lists.html |
Related Sessions | |
SEDATED | |
Description | The SEDATED℠ Project (Sensitive Enterprise Data Analyzer To Eliminate Disclosure) focuses on preventing sensitive data such as user credentials and tokens from being pushed to Git. (source: SEDATED project page) |
Project Page | https://github.com/owasp/SEDATED |
User Documentation | https://github.com/owasp/SEDATED |
Related Sessions | |
SELKS | |
Description | SELKS is a free and open source Debian (with LXDE X-window manager) based IDS/IPS platform released under GPLv3 from Stamus Networks (source: SELKS project page) |
Project Page | https://github.com/StamusNetworks/SELKS |
User Documentation | https://github.com/StamusNetworks/SELKS/wiki/First-time-setup |
Community Discussion | https://groups.google.com/forum/ |
Related Sessions | |
Semantic | |
Description | semantic is a Haskell library and command line tool for parsing, analyzing, and comparing source code. (source: Semantic project page) |
Project Page | https://github.com/github/semantic/ |
User Documentation | https://github.com/github/semantic/blob/master/docs/examples.md |
Related Sessions | |
sgrep | |
Description | sgrep, for syntactical (and occasionally semantic) grep, is a tool to help find bugs by specifying code patterns using a familiar syntax. The idea is to mix the convenience of grep with the correctness and precision of a compiler frontend. (source: sgrep project page) |
Project Page | https://github.com/returntocorp/sgrep |
User Documentation | https://github.com/returntocorp/sgrep/blob/develop/docs/config.md |
Related Sessions | |
SIFT Workstation | |
Description | The SIFT Workstation is a group of free open-source incident response and forensic tools designed to perform detailed digital forensic examinations in a variety of settings. It can match any current incident response and forensic tool suite. SIFT demonstrates that advanced incident response capabilities and deep dive digital forensic techniques to intrusions can be accomplished using cutting-edge open-source tools that are freely available and frequently updated. (source: SIFT Workstation project page) |
Project Page | https://digital-forensics.sans.org/community/downloads |
User Documentation | https://digital-forensics.sans.org/community/downloads |
Related Sessions | |
The Sleuth Kit | |
Description | The Sleuth Kit® (TSK) is a library and collection of command line tools that allow you to investigate disk images. The core functionality of TSK allows you to analyze volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence. (source: The Sleuth Kit project page) |
Project Page | https://www.sleuthkit.org/index.php |
User Documentation | https://www.sleuthkit.org/sleuthkit/docs.php |
Community Discussion | https://sleuthkit.discourse.group/ |
Related Sessions | |
SNIPE-IT | |
Description | Snipe-IT is a Free Open Source (FOSS) project built on Laravel 5.5. Snipe-IT was made for IT asset management, to enable IT departments to track who has which laptop, when it was purchased, which software licenses and accessories are available, and so on. (source: Snipe-IT project page) |
Project Page | https://snipeitapp.com/ |
User Documentation | https://snipe-it.readme.io/docs |
Community Discussion | https://snipe.us2.list-manage.com/subscribe?u=f75c02e78cca38bd704fa0cbd&id=21e8f58291 |
Related Sessions | |
The Social-Engineer Toolkit (SET) | |
Description | The Social-Engineer Toolkit is an open-source penetration testing framework designed for social engineering. SET has a number of custom attack vectors that allow you to make a believable attack quickly. SET is a product of TrustedSec, LLC – an information security consulting firm located in Cleveland, Ohio. (source: The Social-Engineer Toolkit project page) |
Project Page | https://www.trustedsec.com/tools/the-social-engineer-toolkit-set/ |
User Documentation | https://github.com/trustedsec/social-engineer-toolkit/raw/master/readme/User_Manual.pdf |
Related Sessions | |
Sublist3r | |
Description | Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu and Ask. Sublist3r also enumerates subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster and ReverseDNS. (source: Sublist3r project page) |
Project Page | https://github.com/aboul3la/Sublist3r |
User Documentation | https://github.com/aboul3la/Sublist3r |
Related Sessions | |
Suricata | |
Description | Suricata is a free and open source, mature, fast and robust network threat detection engine. (source: Suricata project page) |
Project Page | https://suricata-ids.org/ |
User Documentation | https://suricata-ids.org/docs/ |
Community Discussion | https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users |
Related Sessions | |
Tails | |
Description | Tails is a live operating system that you can start on almost any computer from a USB stick or a DVD. It aims at preserving your privacy and anonymity, and helps you to (1) use the Internet anonymously and circumvent censorship; (2) all connections to the Internet are forced to go through the Tor network; (3) leave no trace on the computer you are using unless you ask it explicitly; (4) use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging. (source: Tails project page) |
Project Page | https://tails.boum.org/index.en.html |
User Documentation | https://tails.boum.org/doc/index.en.html |
Related Sessions | |
tcpdump | |
Description | A powerful command-line packet analyzer (source: tcpdump project page) |
Project Page | https://www.tcpdump.org/ |
User Documentation | https://www.tcpdump.org/manpages/tcpdump.1.html |
Community Discussion | https://www.tcpdump.org/index.html |
Related Sessions | |
tfsec | |
Description | tfsec uses static analysis of your terraform templates to spot potential security issues. Now with terraform v0.12+ support. (source: tfsec project page) |
Project Page | https://github.com/liamg/tfsec |
User Documentation | https://github.com/liamg/tfsec |
Related Sessions | |
TheHive | |
Description | A scalable, open source and free Security Incident Response Platform, tightly integrated with MISP (Malware Information Sharing Platform), designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly. |
Project Page | https://thehive-project.org/ |
User Documentation | https://github.com/TheHive-Project/TheHiveDocs |
Community Discussion | https://groups.google.com/a/thehive-project.org/forum |
Related Sessions | |
truffleHog | |
Description | Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accidentally committed. (source: truffleHog project page) |
Project Page | https://github.com/dxa4481/truffleHog |
User Documentation | https://github.com/dxa4481/truffleHog |
Related Sessions | |
Vega | |
Description | Vega is a free and open source web security scanner and web security testing platform to test the security of web applications. Vega can help you find and validate SQL Injection, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows. (source: Vega project page) |
Project Page | https://subgraph.com/vega/ |
User Documentation | https://subgraph.com/vega/documentation/index.en.html |
Community Discussion | https://groups.google.com/forum/ |
Related Sessions | |
VeraCrypt | |
Description | VeraCrypt is a free open source disk encryption software for Windows, Mac OSX and Linux. Brought to you by IDRIX (https://www.idrix.fr) and based on TrueCrypt 7.1a. (source: VeraCrypt project page) |
Project Page | https://www.veracrypt.fr/en/Home.html |
User Documentation | https://www.veracrypt.fr/en/Documentation.html |
Community Discussion | https://sourceforge.net/p/veracrypt/discussion/ |
Related Sessions | |
Volatility Framework | |
Description | The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system being investigated but offer visibility into the runtime state of the system. The framework is intended to introduce people to the techniques and complexities associated with extracting digital artifacts from volatile memory samples and provide a platform for further work into this exciting area of research. (source: The Volatility Framework project page) |
Project Page | https://www.volatilityfoundation.org/ |
User Documentation | https://github.com/volatilityfoundation/volatility/wiki |
Community Discussion | https://lists.volatilityfoundation.org/mailman/listinfo/vol-users |
Related Sessions | |
WebSploit | |
Description | WebSploit is an open source project which is used to scan and analyze remote systems in order to find various types of vulnerabilities. This tool is very powerful and supports multiple vulnerabilities (source: WebSploit project page) |
Project Page | https://sourceforge.net/projects/websploit/ |
User Documentation | https://sourceforge.net/p/websploit/wiki/Home/ |
Community Discussion | https://sourceforge.net/p/websploit/discussion/ |
Related Sessions | |
Wireshark | |
Description | Wireshark is the world’s foremost and widely-used network protocol analyzer. It lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions. (source: Wireshark project page) |
Project Page | https://www.wireshark.org/ |
User Documentation | https://www.wireshark.org/docs/ |
Community Discussion | https://www.wireshark.org/lists/ |
Related Sessions | |
Zed Attack Proxy (ZAP) | |
Description | Zed Attack Proxy (ZAP) is a free, open-source penetration testing tool being maintained under the umbrella of the Open Web Application Security Project (OWASP). ZAP is designed specifically for testing web applications and is both flexible and extensible. (source: Zed Attack Proxy project page) |
Project Page | https://www.zaproxy.org/ |
User Documentation | https://www.zaproxy.org/docs/ |
Community Discussion | https://groups.google.com/forum/ |
Related Sessions | |
Zeek | |
Description | Zeek is a passive, open-source network traffic analyzer. It is primarily a security monitor that inspects all traffic on a link in depth for signs of suspicious activity. More generally, however, Zeek supports a wide range of traffic analysis tasks even outside of the security domain, including performance measurements and helping with trouble-shooting. (source: Zeek project page) |
Project Page | https://www.zeek.org/ |
User Documentation | https://www.zeek.org/documentation/index.html |
Community Discussion | http://mailman.icsi.berkeley.edu/mailman/listinfo/zeek |
Related Sessions | |