The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. This is the cross platform package.

https://packetstormsecurity.com/files/169549/ZAP_2.12.0_Crossplatform.zip

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.

https://packetstormsecurity.com/files/169542/gnunet-0.18.0.tar.gz

Wireshark is a GTK±based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

https://packetstormsecurity.com/files/169543/wireshark-4.0.1.tar.xz

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

https://packetstormsecurity.com/files/169532/nfstream-6.5.3.tar.gz

MutableSecurity is a Linux CLI program for making cybersecurity solution management easier and more accessible, from deployment and configuration to monitoring. It supports multiple solutions (teler as web IDS, Fail2ban as host IPS, Let’s Encrypt for generating SSL certificates, and ClamAV as antimalware), password-based and key-based SSH authentication, and parallel deployment to multiple remote hosts.

https://packetstormsecurity.com/files/169483/mutablesecurity-0.4.0.zip

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

https://packetstormsecurity.com/files/169456/falco-0.33.0-x86_64.tar.gz

GnuPG (the GNU Privacy Guard or GPG) is GNU’s tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

https://packetstormsecurity.com/files/168747/gnupg-2.3.8.tar.bz2

GnuPG (the GNU Privacy Guard or GPG) is GNU’s tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.

https://packetstormsecurity.com/files/168748/gnupg-2.2.40.tar.bz2

Google’s American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google’s afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

https://packetstormsecurity.com/files/168680/AFLplusplus-4.04c.tar.gz

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.

https://packetstormsecurity.com/files/168681/openssl-3.0.6.tar.gz

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

https://packetstormsecurity.com/files/168682/openssl-1.1.1r.tar.gz

cryptmount is a utility for creating and managing secure filing systems on GNU/Linux systems. After initial setup, it allows any user to mount or unmount filesystems on demand, solely by providing the decryption password, with any system devices needed to access the filing system being configured automatically. A wide variety of encryption schemes (provided by the kernel dm-crypt system and the libgcrypt library) can be used to protect both the filesystem and the access key. The protected filing systems can reside in either ordinary files or disk partitions. The package also supports encrypted swap partitions, and automatic configuration on system boot-up.

https://packetstormsecurity.com/files/168676/cryptmount-6.1.0.tar.gz

Wireshark is a GTK±based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

https://packetstormsecurity.com/files/168633/wireshark-4.0.0.tar.xz

This is a Linux/portable port of OpenBSD’s excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen’s SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

https://packetstormsecurity.com/files/168603/openssh-9.1p1.tar.gz

testssl.sh is a free command line tool which checks a server’s service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

https://packetstormsecurity.com/files/168557/testssl.sh-3.0.8.tar.gz

Sippts is a set of tools to audit VoIP servers and devices using SIP protocol. It is programmed in Python script and it allows us to check the security of a VoIP server using SIP protocol, over UDP, TCP and TLS protocols.

https://packetstormsecurity.com/files/168553/sippts-3.2.tar.gz

This tool packs up to 4KB of compressed shellcode into an executable binary, near-instantly. The output file will always have the same MD5 hash: 3cebbe60d91ce760409bbe513593e401. Currently, only Linux x86-64 is supported. It would be trivial to port this technique to other platforms, although each version would end up with a different MD5.

https://packetstormsecurity.com/files/168548/monomorph-20220929.zip

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It’s capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

https://packetstormsecurity.com/files/168546/suricata-6.0.8.tar.gz

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

https://packetstormsecurity.com/files/168544/nfstream-6.5.2.tar.gz

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It’s capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

https://packetstormsecurity.com/files/168537/suricata-6.0.7.tar.gz