Most Popular
Yasat v1.70a - Yet Another Stupid Audit Tool
YASAT (Yet Another Stupid Audit Tool) is a simple stupid audit tool. Its goal is to be as simple as possible with minimum binary dependencies (only sed, grep and cut).
WinScanX v1.0 - Windows auditing tool
WinScanX is a state-of-the-art Windows auditing tool designed to help you get your Windows audit done quickly. It’s easy to use and no installation is required.
Lynis version 1.2.9 just released
Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.
Graudit v1.5 released
Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It’s comparable to other static analysis applications like RATS, SWAAT and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
Lynis v1.2.8 released
Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.
Lynis v1.2.7 released (updated)
Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.
Graudit v1.4 released
Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It’s comparable to other static analysis applications like RATS, SWAAT and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
Hyena v8.0 32-bit & 64-bit released
Hyena is a tool for day-to-day administration of Windows NT and Windows XP/2000/2003 systems. Now Windows 7 too.
Hyena brings together all of the administrative tools from Windows NT such as User Manager, Server Manager, and File Manager/Explorer, and many of the MMC components from Windows 2000/2003 into a single, easy-to-use, centralized program. Hyena arranges all system objects, such as users, servers, and groups, in a hierarchical tree for easy and logical system administration.
iWatch v0.2.2 - realtime filesystem monitoring program
iWatch is a realtime filesystem monitoring program. Its purpose is to monitor any changes in a specific directory or file and send email notification immediately after the change.
PDFResurrect v0.9 released
PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions.
RATS v2.3 - Rough Auditing Tool for Security
RATS (Rough Auditing Tool for Security), is a tool for scanning C, C++, Perl, PHP and Python source code and flagging common security related programming errors such as buffer overflows and TOCTOU (Time Of Check, Time Of Use) race conditions.
Origami v1.0.0-beta1b released
Origami is a Ruby framework designed to parse, analyze, and forge PDF documents. This is NOT a PDF rendering library. It aims at providing a scripting tool to generate and analyze malicious PDF files. As well, it can be used to create on-the-fly customized PDFs, or to inject (evil) code into already existing documents.
Web Security Dojo v0.2 released
An open source self-contained training environment for Web Application Security penetration testing. Tools + Targets = Dojo. For learning and practicing web app security testing techniques. It does
not need a network connection since it contains tools, targets, and
documentation. Thus making it ideal for training classes and conferences.
Lynis updated to version 1.2.7
Lynis is an auditing tool for Unix (specialists). It scans the system and available software, to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes.
Graudit v1.3 released
Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It’s comparable to other static analysis applications like RATS, SWAAT and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
DirSnatch v2.0 - listing directory
This tool allows for export of directory listings of your web root. The essence of the tool is very basic. If you want a nice and neat directory listing in a format ready to request in an automated fashion this is your tool.
OpenSCAP v0.5.4 - released
The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities.
DB Audit updated to v4.2.24.8
DB Audit Expert is a professional database auditing solution for Oracle, Sybase, DB2, MySQL and Microsoft SQL Server. DB Audit Expert enables database and system administrators, security administrators, auditors and operators to track and analyze any database activity including database security, access and usage, data creation, change or deletion. What makes DB Audit really unique is its built-in support for multiple auditing methods giving you the flexibility to choose the best fit for your database security requirements.
OpenSCAP Version 0.5.3 released
The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities. It is the goal of OpenSCAP to provide a simple, easy to use set of interfaces to serve as the framework for community use of SCAP
Origami v1.0.0-beta1 released
Origami is a Ruby framework designed to parse, analyze, and forge PDF documents. This is NOT a PDF rendering library. It aims at providing a scripting tool to generate and analyze malicious PDF files. As well, it can be used to create on-the-fly customized PDFs, or to inject (evil) code into already existing documents.