Open Source Perl Security Software for Solaris

Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.

Introduction Sudoscriptd/sudoshell are a pair of Perl scripts that provide an audited shell using sudo(8) and script(1).

sudosh is a sudo shell, filter and can be used as a login shell. Sudosh records all keystrokes and output and can play back the session as just like a VCR.

Alist is a program that collects hardware and software information about systems and stores it in a database for users to browse and search via a Web interface. The program consists of three parts: a client portion that collects the information, a daemon

Advisory Check is a tool for monitoring the security of installed software. It gathers security advisories using RSS/RDF/XML feeds, compares them against a list of known software, and alerts you if you're vulnerable. Let advchk read advisories for you!

Automaton: An Automated Forensic Auditing, Security & Control Framework

Chaosreader is a freeware tool to fetch application data from snoop or tcpdump logs. Supported protocols include TCP, UDP, IPv4, IPv6, ICMP, telnet, FTP, HTTP, SMTP, IRC, X11, VNC, ...

DEEEP is a open source static analysis tool to detect, in C programs, integer vulnerabilities caused by the bad adaption of aplications from ILP32 to LP64. It uses the tools Lint and Splint, and runs over Open Solaris and Linux operating systems. This tool semantically analyses source code. More precisely, it does type checking, data-flow analysis, and it automatically correlates the results of these two types of analysis. Type checking is used for finding bugs on the way integers are handled, and data-flow analysis is used to see if hazardous functions (eg. memcpy, strcpy) are accessible from outside the program. After this two analyses, the tool correlates the results from the previous phases to attain if the data that comes from the inputs are affected by vulnerabilities from porting to LP64, and if these are handled by dangerous functions (memcpy, strcpy,...). In resume, identify if the found bugs

EyeLog is a flexible and extensible log analyzer for any type of log file. It allows one to define custom regular expressions (perl-style) for pattern matching and custom printf formats for reporting. The goal is to provide a universal log analysis tool.

GridAuth is a user credential management system for distributed data and computational grids. GridAuth is configurable and extensible to just about any system requiring credential management, advanced authorization and secure authentication.

PHP, Perl and MySql based web interface for the Nessus security scanner and Nmap port scanner. The system presents scan results via a Email notification, a HTML interface, or exported to a PDF file.

Designed to use what is known about users via the /etc/passwd file on unix/linux systems to generate a dynamic dictionary or csv file of more accurate guesses as to what their possible password may be, to look for bad password protection practices.

Pace-IDS is an Intrusion Detection system designed to replace Tripwire, in that it is faster, and more effective of detecting trojan activity, and is easier to configure. All you have to do usually is simply change one variable to your email address.

GNU Firewalling tools. Formerly known on Freshmeat as ipchains-firewall.

The Saint Jude Project is a Project to develop Kernel-Level IDS mechinisms to protect the integrity of host systems.

The Solitox Community system provides an integrated real-time chat service, web interface, and a scalable infrastructure for adding more services with common credentials. These interfaces allow a greater level of communication for your users.

The UnifiedSessionsManager supports the integrated management of user sessions within Private-Clouds, comprising heterogeneous IT landscapes of various physical and virtual machines, hypervisor management, and virtual user sessions with remote desktops. Extracted documents see https://sourceforge.net/projects/ctys-doc.

UPDATE: As of Fri. April 10th, 2009, UserTracking 2 will be hosted on sourceforge again. It's previous hosting site, http://uitwisselplatform.nl, an initiative from the Dutch Government, has been terminated due to lack of resources to maintain the site.

Set of tools and libs for managing structured data in a very flexible way: Imp./Exp. ASCII, XML, SQL, PS, Tex/LaTex, RTF GUI: X-Windows, MS-Windows Interface to C++, DBs, Perl, PHP, Java, TCP/IP LISP-like interpreter written in C++ using C-LIB

An essential utility, passgen was written in response to the lack of a useful password generator, which should be standard issue for any multi-user machine. passgen generates passwords which comply to security stds recommended by CERT, NIST and others.

sfick (pronounced as "s-fick") is a two part software system whose function is to assist system administrators with the process of verifying the integrity of critical files. Given a system compromise, system administrators must be able to verify the integ

This tool will allow obfuscation of UNIX scripts listing an interpreter as the first line. It is most useful for distributing functionality in a commercial product or a high user volume environment where you wish to hide proprietary information.

Single-honeypot is a powerfull tool, for security interest about the estudies of techniques of breaking systems. This is, a singular or little honeypot for test your networks for hostiles visitors. This made in perl script. Simulate different servi