Welcome to RSAC’s Community Open Source Tools information page. As part of our effort to provide as much value to the community as possible, we’ve created this guide to help you more easily find the open source resources and tools presented during Conference so that you can quickly access what you need to get up and running. 

This page provides project-specific information for the different tools. Listed in alphabetical order, we’ve highlighted the following for each project:

  • Description – a brief textual description of the project
  • Project page – a link to the main project page URL
  • User documentation – a link to the primary usage documentation for the project
  • Community discussion – a link to the forum, mailing list, or community discussion page
  • Upcoming sessions – a link to the RSAC session in which the project is to be discussed

7-Zip
Description: 7-Zip is a file archiver with a high compression ratio. (source: 7-Zip project page)
Project Page: https://www.7-zip.org/
User Documentation: https://www.7-zip.org/faq.html
Community Discussion: https://sourceforge.net/p/sevenzip/discussion/45797/
Related Sessions

Abaddon
Description: Red team operations involve miscellaneous skills, last several months and are politically sensitive; they require a lot of monitoring, consolidating and caution. Wavestone’s red team operations management software, Abaddon, has been designed to make red team operations faster, more repeatable, stealthier, while including value-added tools and bringing numerous reporting capabilities. (source: Abaddon project page)
Project Page: https://github.com/wavestone-cdt/abaddon
User Documentation: https://github.com/wavestone-cdt/abaddon
Related Sessions

AES Crypt
Description: AES Crypt is a file encryption software available on several operating systems that uses the industry standard Advanced Encryption Standard (AES) to easily and securely encrypt files. (source: AES Crypt project page)
Project Page: https://www.aescrypt.com/
User Documentation: https://www.aescrypt.com/documentation/
Community Discussion: https://forums.packetizer.com/viewforum.php?f=72
Related Sessions

Anchore Engine
Description: Anchore Engine allows developers to perform detailed analysis on container images, generating a software bill of materials. Through seamless integration with CI/CD systems, Anchore Engine can prevent publication of images containing known vulnerabilities. (source: Anchore project page)
Project Page: https://anchore.com/
User Documentation: https://docs.anchore.com/current/docs/engine/engine_installation/
Community Discussion: https://info.anchore.com/cs/c/?cta_guid=4f5d4a04-f0b1-43e2-95f5-f620c7798bf9&placement_guid=42e35164-b959-4507-8bc1-7de82d60252e&portal_id=2317501&canon=https%3A%2F%2Fanchore.com%2Fopensource%2F&redirect_url=APefjpEnW6mLKHkUToXql6rUZ7zAiYYZ1FWM_0rG_WtLVR7IMJHBQ2xsdqJs9hWv2A62hjQp7HZZQ-OmNl-bZ8x9AGhQyKc04W3d1KMLQ81B3RyNflLLeyj1iDRt3KiRHnAHpu0CwzficpWa1v2iQ6OuvHAk7YYXYpI1KkywJ1tCWDPKV_K6WZGhg3MLjcMaxF-dqcmRKWieQzRxU49xAFvKoidr-ELmOB9Eq6DrDWyEJZXjpyLPjt8dUuez55f2OXpdn2fedOsy1FvRzg6XBxCxdr6y8yAhu90qKxx_4C0NtY_yhgsAKiQ&click=0d65cf80-1566-46fc-a0e8-d344251d2be5&hsutk=6e41b04dc1322cacf54904afba465292&signature=AAH58kFx-Mv2C13dc-n0FTZh_j-R3GTVJg&utm_referrer=https%3A%2F%2Fanchore.com%2F&__hstc=167043041.6e41b04dc1322cacf54904afba465292.1579120625248.1579120625248.1580763966194.2&__hssc=167043041.3.1580763966194&__hsfp=2444234737&contentType=standard-page
Related Sessions

Atomic Red Team
Description: Atomic Red Team allows every security team to test their controls by executing simple "atomic tests" that exercise the same techniques used by adversaries (all mapped to Mitre's ATT&CK). (source: Atomic Red Team project page)
Project Page: https://github.com/redcanaryco/atomic-red-team
User Documentation: https://atomicredteam.io/testing
Community Discussion: https://slack.atomicredteam.io/
Related Sessions

Autopsy
Description: Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It is used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card. (source: Autopsy project page)
Project Page: https://www.sleuthkit.org/autopsy/
User Documentation: http://sleuthkit.org/autopsy/docs/user-docs/4.14.0/
Community Discussion: https://sleuthkit.discourse.group/
Related Sessions

bblfshd
Description: A self-hosted server for source code parsing (source: bblfshd project page)
Project Page: https://github.com/bblfsh/bblfshd
Related Sessions

Bust-a-Kube
Description: Bust-a-Kube is an intentionally-vulnerable Kubernetes cluster, intended to help people self-train on attacking and defending Kubernetes clusters. (source: Bust-a-Kube project page)
Project Page: https://www.bustakube.com/
User Documentation: https://www.bustakube.com/installing
Related Sessions

CAINE (Computer Aided INvestigative Environment)
Description: CAINE (Computer Aided INvestigative Environment) is an Italian GNU/Linux live distribution created as a Digital Forensics project (source: CAINE project page)
Project Page: https://www.caine-live.net/
User Documentation: https://www.caine-live.net/page8/page8.html
Related Sessions

CALDERA
Description: CALDERA is a cyber security framework designed to easily run autonomous breach-and-simulation exercises. It can also be used to run manual red-team engagements or automated incident response. (source: CALDERA project page)
Project Page: https://github.com/mitre/caldera
User Documentation: https://caldera.readthedocs.io/en/latest/
Related Sessions

cfn-nag
Description: The cfn-nag tool looks for patterns in CloudFormation templates that may indicate insecure infrastructure. (source: cfn-nag project page)
Project Page: https://github.com/stelligent/cfn_nag
User Documentation: https://github.com/stelligent/cfn_nag
Related Sessions

CFRipper
Description: Library and CLI tool for analysing CloudFormation templates and check them for security compliance. (source: CFRipper project page)
Project Page: https://github.com/Skyscanner/cfripper/
User Documentation: https://cfripper.readthedocs.io/en/0.14.2/
Related Sessions

Checkov
Description: Checkov is a static code analysis tool for infrastructure-as-code. It scans cloud infrastructure provisioned using Terraform and detects security and compliance misconfigurations. (source: Checkov project page)
Project Page: https://github.com/bridgecrewio/checkov
User Documentation: https://www.checkov.io/
Community Discussion: https://www.checkov.io/
Related Sessions

Chocolatey
Description: Chocolatey is an open source project that provides developers and admins alike a better way to manage Windows software. (source: Chocolatey project page)
Project Page: https://chocolatey.org/
User Documentation: https://chocolatey.org/docs
Related Sessions

Cuckoo Sandbox
Description: Cuckoo Sandbox is the leading open source automated malware analysis system. (source: Cuckoo Sandbox project page)
Project Page: https://cuckoosandbox.org/
User Documentation: https://cuckoo.sh/docs/
Community Discussion: https://cuckoosandbox.org/discussion
Related Sessions

Dependency-Check
Description: Dependency-Check is a Software Composition Analysis (SCA) tool that attempts to detect publicly disclosed vulnerabilities contained within a project's dependencies. It does this by determining if there is a Common Platform Enumeration (CPE) identifier for a given dependency. If found, it will generate a report linking to the associated CVE entries. (source: Dependency-Check project page)
Project Page: https://github.com/jeremylong/DependencyCheck
User Documentation: https://jeremylong.github.io/DependencyCheck/
Community Discussion: mailto:dependency-check+subscribe@googlegroups.com
Related Sessions

DetectionLab
Description: This lab has been designed with defenders in mind. Its primary purpose is to allow the user to quickly build a Windows domain that comes pre-loaded with security tooling and some best practices when it comes to system logging configurations. It can easily be modified to fit most needs or expanded to include additional hosts. (source: DetectionLab project page)
Project Page: https://github.com/clong/DetectionLab
User Documentation: https://github.com/clong/DetectionLab
Related Sessions

Enarx
Description: Enarx aims to make it simple to deploy workloads to a variety of different TEEs in the cloud, on your premises or elsewhere, and to allow you to have confidence that your application workload is as secure as possible.
Project Page: https://enarx.io/
User Documentation: https://github.com/enarx/enarx/wiki
Community Discussion: https://gitter.im/enarx/community?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge
Related Sessions

Gitrob
Description: Gitrob is a tool to help find potentially sensitive files pushed to public repositories on Github. Gitrob will clone repositories belonging to a user or organization down to a configurable depth and iterate through the commit history and flag files that match signatures for potentially sensitive files. The findings will be presented through a web interface for easy browsing and analysis. (source: Gitrob project page)
Project Page: https://github.com/michenriksen/gitrob
Related Sessions

Infection Monkey
Description: The Infection Monkey is an open source Breach and Attack Simulation (BAS) tool that assesses the resiliency of private and public cloud environments to post-breach attacks and lateral movement. (source: Infection Monkey project page)
Project Page: https://www.guardicore.com/infectionmonkey/
User Documentation: https://www.guardicore.com/infectionmonkey/wt/
Related Sessions

Kali Linux
Description: Kali Linux is a Debian-based Linux distribution aimed at advanced Penetration Testing and Security Auditing. Kali contains several hundred tools which are geared towards various information security tasks, such as Penetration Testing, Security research, Computer Forensics and Reverse Engineering. Kali Linux is developed, funded and maintained by Offensive Security, a leading information security training company. (source: Kali project page)
Project Page: https://www.kali.org/
User Documentation: https://www.kali.org/docs/
Community Discussion: https://forums.kali.org/
Related Sessions

KubiScan
Description: A tool for scanning Kubernetes cluster for risky permissions in Kubernetes's Role-based access control (RBAC) authorization model. The tool was published as part of the "Securing Kubernetes Clusters by Eliminating Risky Permissions" research https://www.cyberark.com/threat-research-blog/securing-kubernetes-clusters-by-eliminating-risky-permissions/. (source: KubiScan project page)
Project Page: https://github.com/cyberark/KubiScan
User Documentation: https://github.com/cyberark/KubiScan
Related Sessions

Lucet
Description: Lucet is a native WebAssembly compiler and runtime. It is designed to safely execute untrusted WebAssembly programs inside your application. (source: Lucet project page)
Project Page: https://github.com/bytecodealliance/lucet
User Documentation: https://bytecodealliance.github.io/lucet/
Related Sessions

Lyft Cartography
Description: Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database. (source: Cartography project page)
Project Page: https://github.com/lyft/cartography
User Documentation: https://github.com/lyft/cartography
Related Sessions

Metasploit Framework
Description: Metasploit is a penetration testing platform that enables you to find, exploit, and validate vulnerabilities. (source: Metasploit project page)
Project Page: https://metasploit.com/
User Documentation: https://metasploit.help.rapid7.com/docs/quick-start-guide
Community Discussion: https://join.slack.com/t/metasploit/shared_invite/enQtOTMxMjg5ODY3NDYxLTYyZTVlNDM1ZTI3ZGQ0YTQ0NmI1YjgxMGEwYzFhOWNiZWQ4NDNmNTE1MWNiYzJhMzgwMGY0ZWY2NTY0MjA2M2I
Related Sessions

Microsoft Attack Surface Analyzer
Description: Attack Surface Analyzer takes a snapshot of your system state before and after the installation of other software product(s) and displays changes to a number of key elements of the system attack surface. It also allows developers to view changes in the attack surface resulting from the introduction of their code to assess the aggregate attack surface of an organization's line of business applications or on potential customer systems. (source: Attack Surface Analyzer project page)
Project Page: https://github.com/microsoft/attacksurfaceanalyzer
User Documentation: https://www.microsoft.com/en-us/download/details.aspx?id=58105
Related Sessions

Microsoft MSTICPy
Description: Microsoft Threat Intelligence Python Security Tools. The msticpy package was initially developed to support Jupyter Notebook authoring for Azure Sentinel. Many of the included tools can be used in other security scenarios for threat hunting and threat investigation. There are three main sub-packages that include (1) sectools - Python security tools to help with data enrichment, analysis or investigation. (2) nbtools - Jupyter-specific UI tools such as widgets, plotting and other data display. (3) data - data layer and pre-defined queries for Azure Sentinel, MDATP and other data sources. (source: Microsoft Threat Intelligence Python Security Tools project page)
Project Page: https://github.com/microsoft/msticpy
User Documentation: https://msticpy.readthedocs.io/en/latest/
Related Sessions

mimikatz
Description: ...extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket or build Golden tickets. (source: mimikatz project page)
Project Page: https://github.com/gentilkiwi/mimikatz
User Documentation: https://github.com/gentilkiwi/mimikatz/wiki
Related Sessions

Nmap
Description: Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. (source: Nmap project page)
Project Page: https://nmap.org/
User Documentation: https://nmap.org/docs.html
Community Discussion: https://seclists.org/nmap-dev/
Related Sessions

NPK
Description: NPK is a distributed hash-cracking platform built entirely of serverless components in AWS including Cognito, DynamoDB, and S3. It was designed for easy deployment and the intuitive UI brings high-power hash-cracking to everyone. (source: NPK project page)
Project Page: https://github.com/Coalfire-Research/npk
User Documentation: https://github.com/Coalfire-Research/npk
Related Sessions

OpenSSH
Description: OpenSSH is the premier connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. In addition, OpenSSH provides a large suite of secure tunneling capabilities, several authentication methods, and sophisticated configuration options. (source: OpenSSH project page)
Project Page: https://www.openssh.com/
User Documentation: https://www.openssh.com/list.html
Community Discussion: https://www.openssh.com/list.html
Related Sessions

OpenSSL
Description: OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library. (source: OpenSSL project page)
Project Page: https://www.openssl.org/
User Documentation: https://www.openssl.org/docs/
Community Discussion: https://www.openssl.org/community/
Related Sessions

OpenVAS
Description: OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low level Internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test. (source: OpenVAS project page)
Project Page: https://www.openvas.org/
User Documentation: https://docs.greenbone.net/
Community Discussion: https://community.greenbone.net/
Related Sessions

ParrotOS
Description: ParrotOS (Parrot Security, ParrotOS) is a free and open source GNU/Linux distribution based on Debian Testing designed for security experts, developers and privacy aware people. It includes a full portable arsenal for IT security and digital forensics operations, but it also includes everything you need to develop your own programs or protect your privacy while surfing the net. The operating system ships with the MATE desktop environment preinstalled and is available in several flavors to fit your needs. (source: ParrotOS project page)
Project Page: https://parrotlinux.org/
User Documentation: https://docs.parrotlinux.org/
Community Discussion: https://nest.parrotsec.org/explore/groups
Related Sessions

Peirates
Description: Peirates, a Kubernetes penetration tool, enables an attacker to escalate privilege and pivot through a Kubernetes cluster. It automates known techniques to steal and collect service accounts, obtain further code execution, and gain control of the cluster. (source: Peirates project page)
Project Page: https://github.com/inguardians/peirates
User Documentation: https://www.inguardians.com/peirates/
Related Sessions

RITA
Description: RITA is an open source framework for network traffic analysis (source: RITA project page)
Project Page: https://github.com/activecm/rita
User Documentation: https://github.com/activecm/rita
Related Sessions

Security Onion
Description: Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, Wazuh, Sguil, Squert, CyberChef, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes! (source: Security Onion project page)
Project Page: https://securityonion.net/
User Documentation: https://securityonion.readthedocs.io/en/latest/
Community Discussion: https://securityonion.readthedocs.io/en/latest/mailing-lists.html
Related Sessions

SEDATED
Description: The SEDATED℠ Project (Sensitive Enterprise Data Analyzer To Eliminate Disclosure) focuses on preventing sensitive data such as user credentials and tokens from being pushed to Git. (source: SEDATED project page)
Project Page: https://github.com/owasp/SEDATED
User Documentation: https://github.com/owasp/SEDATED
Related Sessions

SELKS
Description: SELKS is a free and open source Debian (with LXDE X-window manager) based IDS/IPS platform released under GPLv3 from Stamus Networks (source: SELKS project page)
Project Page: https://github.com/StamusNetworks/SELKS
User Documentation: https://github.com/StamusNetworks/SELKS/wiki/First-time-setup
Community Discussion: https://groups.google.com/forum/
Related Sessions

Semantic
Description: semantic is a Haskell library and command line tool for parsing, analyzing, and comparing source code. (source: Semantic project page)
Project Page: https://github.com/github/semantic/
User Documentation: https://github.com/github/semantic/blob/master/docs/examples.md
Related Sessions

sgrep
Description: sgrep, for syntactical (and occasionally semantic) grep, is a tool to help find bugs by specifying code patterns using a familiar syntax. The idea is to mix the convenience of grep with the correctness and precision of a compiler frontend. (source: sgrep project page)
Project Page: https://github.com/returntocorp/sgrep
User Documentation: https://github.com/returntocorp/sgrep/blob/develop/docs/config.md
Related Sessions

SIFT Workstation
Description: The SIFT Workstation is a group of free open-source incident response and forensic tools designed to perform detailed digital forensic examinations in a variety of settings. It can match any current incident response and forensic tool suite. SIFT demonstrates that advanced incident response capabilities and deep dive digital forensic techniques to intrusions can be accomplished using cutting-edge open-source tools that are freely available and frequently updated. (source: SIFT Workstation project page)
Project Page: https://digital-forensics.sans.org/community/downloads
User Documentation: https://digital-forensics.sans.org/community/downloads
Related Sessions

The Sleuth Kit
Description: The Sleuth Kit® (TSK) is a library and collection of command line tools that allow you to investigate disk images. The core functionality of TSK allows you to analyze volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence. (source: The Sleuth Kit project page)
Project Page: https://www.sleuthkit.org/index.php
User Documentation: https://www.sleuthkit.org/sleuthkit/docs.php
Community Discussion: https://sleuthkit.discourse.group/
Related Sessions

Snipe-IT
Description: Snipe-IT is a Free Open Source (FOSS) project built on Laravel 5.5. Snipe-IT was made for IT asset management, to enable IT departments to track who has which laptop, when it was purchased, which software licenses and accessories are available, and so on. (source: Snipe-IT project page)
Project Page: https://snipeitapp.com/
User Documentation: https://snipe-it.readme.io/docs
Community Discussion: https://snipe.us2.list-manage.com/subscribe?u=f75c02e78cca38bd704fa0cbd&id=21e8f58291
Related Sessions

The Social-Engineer Toolkit (SET)
Description: The Social-Engineer Toolkit is an open-source penetration testing framework designed for social engineering. SET has a number of custom attack vectors that allow you to make a believable attack quickly. SET is a product of TrustedSec, LLC – an information security consulting firm located in Cleveland, Ohio. (source: The Social-Engineer Toolkit project page)
Project Page: https://www.trustedsec.com/tools/the-social-engineer-toolkit-set/
User Documentation: https://github.com/trustedsec/social-engineer-toolkit/raw/master/readme/User_Manual.pdf
Related Sessions

Sublist3r
Description: Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Sublist3r enumerates subdomains using many search engines such as Google, Yahoo, Bing, Baidu and Ask. Sublist3r also enumerates subdomains using Netcraft, Virustotal, ThreatCrowd, DNSdumpster and ReverseDNS. (source: Sublist3r project page)
Project Page: https://github.com/aboul3la/Sublist3r
User Documentation: https://github.com/aboul3la/Sublist3r
Related Sessions

Suricata
Description: Suricata is a free and open source, mature, fast and robust network threat detection engine. (source: Suricata project page)
Project Page: https://suricata-ids.org/
User Documentation: https://suricata-ids.org/docs/
Community Discussion: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
Related Sessions

Tails
Description: Tails is a live operating system that you can start on almost any computer from a USB stick or a DVD. It aims at preserving your privacy and anonymity, and helps you to (1) use the Internet anonymously and circumvent censorship; (2) all connections to the Internet are forced to go through the Tor network; (3) leave no trace on the computer you are using unless you ask it explicitly; (4) use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging. (source: Tails project page)
Project Page: https://tails.boum.org/index.en.html
User Documentation: https://tails.boum.org/doc/index.en.html
Related Sessions

tcpdump
Description: A powerful command-line packet analyzer (source: tcpdump project page)
Project Page: https://www.tcpdump.org/
User Documentation: https://www.tcpdump.org/manpages/tcpdump.1.html
Community Discussion: https://www.tcpdump.org/index.html
Related Sessions

tfsec
Description: tfsec uses static analysis of your terraform templates to spot potential security issues. Now with terraform v0.12+ support. (source: tfsec project page)
Project Page: https://github.com/liamg/tfsec
User Documentation: https://github.com/liamg/tfsec
Related Sessions

TheHive
Description: A scalable, open source and free Security Incident Response Platform, tightly integrated with MISP (Malware Information Sharing Platform), designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly.
Project Page: https://thehive-project.org/
User Documentation: https://github.com/TheHive-Project/TheHiveDocs
Community Discussion: https://groups.google.com/a/thehive-project.org/forum
Related Sessions

truffleHog
Description: Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accidentally committed. (source: truffleHog project page)
Project Page: https://github.com/dxa4481/truffleHog
User Documentation: https://github.com/dxa4481/truffleHog
Related Sessions

Vega
Description: Vega is a free and open source web security scanner and web security testing platform to test the security of web applications. Vega can help you find and validate SQL Injection, Cross-Site Scripting (XSS), inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows. (source: Vega project page)
Project Page: https://subgraph.com/vega/
User Documentation: https://subgraph.com/vega/documentation/index.en.html
Community Discussion: https://groups.google.com/forum/
Related Sessions

VeraCrypt
Description: VeraCrypt is a free open source disk encryption software for Windows, Mac OSX and Linux. Brought to you by IDRIX (https://www.idrix.fr) and based on TrueCrypt 7.1a. (source: VeraCrypt project page)
Project Page: https://www.veracrypt.fr/en/Home.html
User Documentation: https://www.veracrypt.fr/en/Documentation.html
Community Discussion: https://sourceforge.net/p/veracrypt/discussion/
Related Sessions

Volatility Framework
Description: The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system being investigated but offer visibility into the runtime state of the system. The framework is intended to introduce people to the techniques and complexities associated with extracting digital artifacts from volatile memory samples and provide a platform for further work into this exciting area of research. (source: The Volatility Framework project page)
Project Page: https://www.volatilityfoundation.org/
User Documentation: https://github.com/volatilityfoundation/volatility/wiki
Community Discussion: https://lists.volatilityfoundation.org/mailman/listinfo/vol-users
Related Sessions

WebSploit
Description: WebSploit is an open source project which is used to scan and analysis remote system in order to find various type of vulnerabilities. This tool is very powerful and support multiple vulnerabilities (source: WebSploit project page)
Project Page: https://sourceforge.net/projects/websploit/
User Documentation: https://sourceforge.net/p/websploit/wiki/Home/
Community Discussion: https://sourceforge.net/p/websploit/discussion/
Related Sessions

Wireshark
Description: Wireshark is the world’s foremost and widely-used network protocol analyzer. It lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions. (source: Wireshark project page)
Project Page: https://www.wireshark.org/
User Documentation: https://www.wireshark.org/docs/
Community Discussion: https://www.wireshark.org/lists/
Related Sessions

Zed Attack Proxy (ZAP)
Description: Zed Attack Proxy (ZAP) is a free, open-source penetration testing tool being maintained under the umbrella of the Open Web Application Security Project (OWASP). ZAP is designed specifically for testing web applications and is both flexible and extensible. (source: Zed Attack Proxy project page)
Project Page: https://www.zaproxy.org/
User Documentation: https://www.zaproxy.org/docs/
Community Discussion: https://groups.google.com/forum/
Related Sessions

Zeek
Description: Zeek is a passive, open-source network traffic analyzer. It is primarily a security monitor that inspects all traffic on a link in depth for signs of suspicious activity. More generally, however, Zeek supports a wide range of traffic analysis tasks even outside of the security domain, including performance measurements and helping with trouble-shooting. (source: Zeek project page)
Project Page: https://www.zeek.org/
User Documentation: https://www.zeek.org/documentation/index.html
Community Discussion: http://mailman.icsi.berkeley.edu/mailman/listinfo/zeek
Related Sessions