Open Source Linux Software Testing Tools

DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers.

What is DracOS GNU/Linux Remastered ? DracOS GNU/Linux Remastered ( https://github.com/dracos-linux ) is the Linux operating system from Indonesia , open source is built based on Debian live project under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testing (penetration testing). Dracos linux in Arm by hundreds hydraulic pentest, forensics and reverse engineering. Use a GUI-based tools-tools the software using the CLI (command line interface) and GUI (graphical user interface) to perform its operations. Now Dracos currently already up to version 3.1.5 with the code name "KUNTILANAK WITH REMASTERED".

VoIPER is a VoIP security testing toolkit incorporating several VoIP fuzzers and auxilliary tools to assist the auditor. It can currently generate over 200,000 SIP tests and H.323/IAX modules are in development. It's also a damn cool project name ;)

Using templated message formats with customisable placeholders, run in configurable sequences that can selectively reuse data between steps, must allows more intelligent testing of syslog receivers with realistic data, as well as longer soak testing and stress testing. must was created to fill a gap found when trying to stress test Splunk as real, indexable and meaningful data was needed. must will (eventually) be provided as a standalone tool that uses XML configs (for quick use and consultancy etc) and as a web-based tool (for more permanent/pretty deployment (with historical reporting and live stats). SUPPORT: The best way of contacting me is via Twitter below, NEWS: (16/Mar/15) A beta of v2 is finally released - apologies for the long delay!

The csvdatamix project aims to randomize CSV input data files in order to conceal the original state of the data. Similar to data masking or data transformation. Also has mapping abilities to translate back to the original state of the data.

SpaceMonkey is a Web application auditing tool. It can detect bugs or security flaws without using a knowledge database. It uses fault injection technics ('fuzzing') in order to reveal the flaws (SQL injection, XSS, File inclusion, command execution ).

Hyenae NG is an advanced cross-platform network packet generator and the successor of Hyenae. It features full network layer spoofing, pattern based address randomization and flood detection breaking mechanisms. *** Please check out the latest source from my GitHub repository and check the Build informations. https://github.com/r-richter/hyenae-ng/

IdMUnit is an xUnit automated testing framework for Identity Management solutions.

Publish your junit test report in pdf format. Plug and Play integration. Home page: http://junitpdfreport.sourceforge.net/

LeakTrack provides memory leak tracking and out-of-range access checks for acquired memory blocks for you C/C++ applications on each platform.

Syn Flood Attacks SYNFlood with static source port SYNFlood with random source port SYNFlood with static source ip address SYNFlood with random source address SynFlood with fragmented packets ACK Flood Attacks ACK Flood with static source port ACK Flood with random source port ACK Flood with static source ip address ACK Flood with random source address ACK Flood with fragmented packets FIN Flood Attacks FIN Flood with static source port FIN Flood with random source port FIN Flood with static source ip address FIN Flood with random source address FIN Flood with fragmented packets UDP Flood Attacs Static source port udp flood UDP flood with random source port UDP Flood with static source ip address UDP Flood with random source address UDP Flood with fragmented packets ICMP Flood ICMP Flood with all options random(source ip, icmp type, code) HTTP Flood ... More info: http://sf.net/p/netstressng/wiki/Home/

Network Traffic Manipulation Framework

Sanshi is HTTP requests generator. You can use Sanshi as a web application security test tool. It can find vulnerabilities automatically.

The sandbox libraries (libsandbox & pysandbox) are an open-source suite of software components for C/C++ and Python developers to create automated profiling tools and watchdog programs. The API's are designed for executing and instrumenting simple (single process) tasks, featuring policy-based behavioral auditing, resource quota, and statistics collecting. The sandbox libraries were originally designed and utilized as the core security module of a full-fledged online judge system for ACM/ICPC training. They have since then evolved into a general-purpose tool for binary program testing, profiling, and security restriction. The sandbox libraries are currently maintained by the OpenJudge Alliance (http://openjudge.net/) as a standalone, open-source project to facilitate various assignment grading solutions for IT/CS education. See project page at https://github.com/openjudge/sandbox for details.

hwk is an easy-to-use application used to attack and discover wireless networks. It's providing various modes such as authentication/deauthentication flood, beacon and probe response fuzzing.