Open Source web security Testing Tools

Watcher

Watcher is a runtime passive-analysis tool for HTTP-based Web applications. Being passive means it won't damage production systems, it's completely safe to use in Cloud computing, shared hosting, and dedicated hosting environments. Watcher detects Web-application security issues as well as operational configuration issues. Watcher provides pen-testers hot-spot detection for vulnerabilities, developers quick sanity checks, and auditors PCI compliance auditing. It looks for issues related to mashups, user-controlled payloads (potential XSS), cookies, comments, HTTP headers, SSL, Flash, Silverlight, referrer leaks, information disclosure, Unicode, and more.

---

Wapiti

File Handling Errors (Local and remote include/require, fopen, readfile...)Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable. Capable of handling following. Wapiti supports Database Injection, XSS Injection, LDAP Injection, Command Execution detection, CRLF Injection and many others.

---

WebSecurify

Websecurify is an integrated web security testing environment, which can be used to identify web vulnerabilities by using advanced browser automation, discovery and fuzzing technologies. The platform is designed to perform automated as well as manual vulnerability tests and it is constantly improved and fine-tuned by a team of world class web application security penetration testers and the feedback from an active open source community. WebSecurify supports SQL Injection, Local and Remote File Include, Cross Site Scripting/Request Forgery, Information Disclousre Problems, Session Security Problems to name a few among many others.

---

Nikto2

Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.

---

Skipfish

Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.

SQL, PHP, Command, XML/XPath Injection along with String/Integer vulnerabilities, Directory/File intrusions, Script/CSS vulnerabilities, Password/MIME types vulnerabilities, SSL/HTTP/HTML Forms realted vulnerabilities, Failed Website Resource vulnerabilities are very few of the vulnerabilities to mention that Skipfish can address among other host of features.

---

Ettercap

Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks.
It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis. It supports Linux, Mac, Windows, Solairs platforms with easy installation.

---

Flawfinder

Flawfinder searches through C/C++ source code looking for potential security flaws. Flawfinder is designed in Pyton and produces a list of ‘‘hits’’ (potential security flaws), sorted by risk; the riskiest hits are shownfirst. The risk level is shown inside square brackets and varies from 0, very little risk, to 5, great risk. This risk level depends not only on the function, but on the values of the parameters of the function. For example, constant strings are often less risky than fully variable strings in many contexts, and in those contexts the hit will have a lower risk level

---

Honeyd

Honeyd is a small daemon that creates virtual hosts on a network. The hosts can be configured to run arbitrary services, and their personality can be adapted so that they appear to be running certain operating systems. Honeyd enables a single host to claim multiple addresses. Honeyd improves cyber security by providing mechanisms for threat detection and assessment. It also deters adversaries by hiding real systems in the middle of virtual systems.

---

Wireshark

Wireshark, formerly known as Ethereal, is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product. Wireshark supports Multi-platform and runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others. Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility.

---

BFBTester

BFBTester is good for doing quick, proactive security checks of binary programs. BFBTester will perform checks of single and multiple argument command line overflows and environment variable overflows. It can also watch for tempfile creation activity to alert the user of any programs using unsafe tempfile names.



By

chandru

OPen Source Live Web messenger

Open Web Messenger is an open source live support / chat application.

It enables customers / visitors to chat with an operator & get support (where all the chats are logged).

The application supports unlimited operators, visitors & chats. With a web-based admin interface, operators or admins can:

• Send canned messages
• Track where visitors clicked from
• Search porevious chat conversations
• Reassign/transfer chat to another operator
• Mark/highlight nuisance visitors
• View active chats (admins) & more

When there is no available operator, visitors can leave a message & they can be contacted later.

The look & feel of the chat window can be totally customized with the theme support.

This free live support application requires PHP 5 & MySQL 5 to run

Demo : Click here

Cisco Router & Firewall Audit Tool

Secure Cisco Auditor -
state of the art Next Generation network security auditing software for Cisco firewalls, routers and switches along with different Router audit tools and Network security Software.


Secure Cisco Auditor (SCA) is the most advanced user friendly network security auditing software in its domain. Cisco security audit tools are specially designed for network devices such as the Cisco ASA firewall, PIX firewall, routers and switches, as they are normally placed at the entrance and backbone of a company. If Cisco ASA firewall, PIX firewall, router or switch is compromised then most probably the entire network goes down with it. Security risks associated with Cisco ASA firewall, PIX firewall, routers and switches can be avoided by using this network security auditing software.

Download Link: Audit Tool

Open Source Network Monitoring Tools

OpenNMS

www.opennms.org

Features

• Event Management and Notifications


• Discovery and Provisioning


• Service Monitoring


• Data Collection


• Additional Features

I checked out the demo it looks pretty decent

Hyperic

Hyperic’s web infrastructure monitoring and management software automates and streamlines data center operations. HQ helps you reduce operations workload, increase your company’s IT management maturity level, and drive improvements in availability and infrastructure health.

Hyperic offers two versions of its flagship HQ product:

• Hyperic HQ – Hyperic’s open source offering is licensed under GNU GPL v2.

• HQ Enterprise – Hyperic’s industrial strength enterprise offering has all the capabilities of the open source version, plus advanced automation and control features for managing web applications at scale. HQ Enterprise is available as a free trial for download from Hyperic under a Commercial License. The enterprise trial is limited to 50 managed platforms, and typically expires within 30 to 45 days.

Open Source Web application firewalls

Web application firewalls provide security at the application layer. Essentially, WAF provides all your web applications a secure solution which ensures the data and web applications are safe.



A web application firewall applies a set of rules to HTTP conversation to identify and restrict the attacks of cross site scripting, SQL injections etc. You can also get web application framework and web based commercial tools, for providing security to web applications. Web Application Firewalls allows you to customize the rules by identifying and blocking malicious content. Some of the most popular and widely used open source web application firewalls for web application security are –

ModSecurity (Trustwave SpiderLabs)









ModSecurity is one of the oldest and widely used open source web application firewall which can detect application level threats on internet, and provides security against a range of security issues to web applications. It provides non viral open sources license and it can be integrated to Apache programs. Recently, ModSecurity released the version 2.6.0 which provides features for safe browsing API integration, sensitive data tracking and data modification features.






AQTRONIX WebKnight









AQTRONIX WebKnight is an open source application firewall designed specifically for web servers and IIS, and it is licensed through the GNU – General Public License. It provides the features of buffer overflow, directory traversal, encoding and SQL injection to identify / restrict the attacks.







ESAPI WAF









ESAPI WAF is developed by Aspect Security and it is designed to provide protection at the application layer instead of network layer. It is a Java based WAF which provides complete security from online attacks. Some of the unique features of the solution include outbound filtering features which reduce information leakage. It is configuration driven and not code based, and it enables easy installation by just adding configuration details in the text file.






WebCastellum









WebCastellum is a Java based web application firewall which can protect application against cross site scripting, SQL injections, command injections, parameter manipulation, and it can be integrated easily to a java based application. It is based on new technology and it can use existing code to provide protection.






Binarysec









Binarysec is web application software firewall for Apache, and it protects applications against illegitimate HTTP and blocks suspicious requests as well. It provides protection against cross site scripting, commend injections, parameter tampering, buffer overflow, directory traversal, SQL injection and attack obstruction. It takes not more than 10 minutes to install the software, and its user interface can manage Apache servers and many sites on one machine.






Guardian@JUMPERZ.NET









Guardian@JUMPERZ.NET is an open source application layer firewall for HTTPS / HTTP and it assesses the HTTP / HTTPS traffic to protect the web application from external attacks. Guardian@JUMPERZ.NET immediately disconnects the TCP connection when the application comes in contact with a malicious / unauthorized request.






OpenWAF









Art of defense is a San Francisco based web application security provider which started a project on open source OpenWAF in February 2011. It’s also the first company to provide distributed web application firewall for Apache servers.






Ironbee









Qualys created cloud based open source web application firewall - Ironbee which examines the HTTP instead of the traditional IP packets to evaluate a data. It can even track attacks on cross site scripting code. Ironbee is published through Apache License version 2 and it provides no copyright assignment. It has modular structure and is quite easy to use.






Profense









ZION security offers an open source web application firewall similar to ModSecurity, and is called Profense. The web application firewall provided by Zion is essentially a Layer-7 firewall (which is also called “proxy firewall”) and it inspects the traffic to block content.






Smoothwall









Smoothwall provides strong web security tools to manage emails. The open source web filtering engine of Smoothwall is called DansGuardian. It has flexible user rules and a fully integrated component for web filtering and security. What’s more, it provides authenticated network access and traffic blocking. Smoothwall free firewall has security hardened Linux GNU OS too.

Sophos Anti-Virus

Sophos Anti-Virus

Antivirus protection for Windows and Mac

* Designed for small businesses (less than 100 users)
* Antivirus and anti-spyware in one easy-to-use product
* Protects your company and personal data

Linux Now 20 yrs !!!!

Linux Now 20 yrs !!!!

Twenty years ago this summer, Linus Torvalds made a bold decision to share his operating system with the world. Not long after that, he chose to license it under the General Public License. Nothing in computing has been the same since.

In fact, today Linux is the largest collaborative development project in the history of computing, which means that the 20th Anniversary of Linux is an opportunity for the community to come together in celebration of this great success story and in collaboration on how it will define the next 20 years of Linux.

DNT SAY YOU ARE NOT USING LINUX.. Today there is no one can live without linux ..!!!!

Today Linux is literally everywhere: in your phone, at your ATM, in your TV, on your desktop, at the movies, in your car, and in more places

Where else : Google, Twitter and Facebook .... Android OS

Who is behind this
http://en.wikipedia.org/wiki/Linux_Torvalds
http://en.wikipedia.org/wiki/Richard_Stallman