Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It’s capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

https://packetstormsecurity.com/files/166814/suricata-6.0.5.tar.gz

X0R Cryptor with DEC/N0T/R0R encoder plus random byte insertion.

https://packetstormsecurity.com/files/166760/xdnr.c

AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on.

https://packetstormsecurity.com/files/166747/aiengine-2.1.0.tar.gz

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

https://packetstormsecurity.com/files/166689/haveged-1.9.18.tar.gz

This is a Linux/portable port of OpenBSD’s excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen’s SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

https://packetstormsecurity.com/files/166646/openssh-9.0p1.tar.gz

Wireshark is a GTK±based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

https://packetstormsecurity.com/files/166445/wireshark-3.6.3.tar.xz

Adversary3 is a tool to navigate the vast www.malvuln.com malware vulnerability dataset.

https://packetstormsecurity.com/files/166384/Adversary3-main.zip

nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.

https://packetstormsecurity.com/files/166345/nfstream-6.4.3.tar.gz

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide. The 3.x series is the current major version of OpenSSL.

https://packetstormsecurity.com/files/166342/openssl-3.0.2.tar.gz

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

https://packetstormsecurity.com/files/166341/openssl-1.1.1n.tar.gz

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

https://packetstormsecurity.com/files/166257/falco-0.31.1.tar.gz

UFONet abuses OSI Layer 7-HTTP to create/manage ‘zombies’ and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.

https://packetstormsecurity.com/files/166238/ufonet-v1.8.tar.gz

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

https://packetstormsecurity.com/files/166233/samhain-4.4.7.tar.gz

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility, grep. It’s comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

https://packetstormsecurity.com/files/166190/graudit-3.4.tar.gz

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

https://packetstormsecurity.com/files/166140/packetfence-11.2.0.tar.gz

This is a Linux/portable port of OpenBSD’s excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen’s SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

https://packetstormsecurity.com/files/166127/openssh-8.9p1.tar.gz

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

https://packetstormsecurity.com/files/166098/i2psource_1.7.0.tar.bz2

OpenStego is a tool implemented in Java for generic steganography, with support for password-based encryption of the data. It supports plugins for various steganographic algorithms (currently, only Least Significant Bit algorithm is supported for images).

https://packetstormsecurity.com/files/166083/openstego-0.8.4.zip

testssl.sh is a free command line tool which checks a server’s service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets.

https://packetstormsecurity.com/files/166082/testssl.sh-3.0.7.tar.gz

Collabfiltrator is a tool to exfiltrate blind remote code execution output over DNS via Burp Collaborator.

https://packetstormsecurity.com/files/166062/Collabfiltrator-2.1.zip