twit88.com

Obfuscar is a basic obfuscator for .NET assemblies. It uses massive overloading to rename metadata in .NET assemblies (including the names of methods, properties, events, fields, types and namespaces) to a minimal set, distinguishable in most cases only by signature.

For example, if a class contains only methods that accept different parameters, they can all be renamed ‘A’. If another method is added to the class that accepts the same parameters as an existing method, it could be named ‘a’.

It makes decompiled code very difficult to follow. The wiki has more details about WhatItDoes.

Babel is an obfuscator for .NET assemblies. Babel is a console based application, if you like you can run Babel from Reflector using the addin made by Jason Haley:

http://www.jasonhaley.com/blog/post/2009/08/18/ReflectorBabel-Addin.aspx

SPIKE
When you need to analyze a new network protocol for buffer overflows or similar weaknesses, the SPIKE is the tool of choice for professionals. While it requires a strong knowledge of C to use, it produces results second to none in the field. SPIKE is available for the Linux platform only.

SPIKE Proxy
Not all web applications are built in the same ways, and hence, many must be analyzed individually. SPIKE Proxy is a professional-grade tool for looking for application-level vulnerabilities in web applications. SPIKE Proxy covers the basics, such as SQL Injection and cross-site-scripting, but it’s completely open Python infrastructure allows advanced users to customize it for web applications that other tools fall apart on. SPIKE Proxy is available for Linux and Windows.

oSpy is a tool which aids in reverse-engineering software running on the Windows platform.

With the amount of proprietary systems that exist today (synchronization protocols, instant messaging, etc.), the amount of work required to keep up when developing interoperable solutions will quickly become a big burden when limited to traditional techniques. However, when the sniffing is done on the API level it allows a much more fine-grained view of what’s going on. Seeing return-addresses for each recv/send call (for example), can prove useful when you want to look at the processing code at that spot in a debugger or static analysis tool. And if an application uses encrypted communication it’s easy to intercept these calls as well.

oSpy already intercepts one such API, and is the API used by MSN Messenger, Google Talk, etc. for encrypting/decrypting HTTPS data. Another neat feature is when wanting to see how an application behaves when in a firewalled environment. Normally you would have to simulate such an environment by configuring firewalls etc., which not only is time-consuming, but might also cripple the rest of the applications you’ve got running. oSpy solves this problem by a feature called softwalling which allows you to set rules based on the type of function-call, the return-address, local/remote address/port, etc., and lets you choose which error to signal back to the application when the rule matches. This way you can make the application think that for example a connect() timed out, connection was refused, there was no route to host, etc.

Cheops-ng is a Network management tool for mapping and monitoring your network. It has host/network discovery functionality as well as OS detection of hosts. Cheops-ng has the ability to probe hosts to see what services they are running. On some services, cheops-ng is actually able to see what program is running for a service and the version number of that program.

ScanLine is a command-line port scanner for all Windows platforms.
It can perform traditional ICMP "pinging", optional additional ICMP
TimeStamp scanning, can show host response times and number of hops, do
TCP scanning, simple UDP scanning, banner grabbing and hostname resolving.
Scanning is performed in a fast highly parallel fashion without resorting to
using multiple threads. It can handle huge numbers and ranges of IP addresses
without a problem.

strobe is a network/security tool that locates and describes all listening tcp ports on a (remote) host or on many hosts in a bandwidth utilisation maximising, and process resource minimizing manner. strobe approximates a parallel finite state machine internally. In non-linear multi-host mode it attempts to apportion bandwidth and sockets amoung the hosts very efficiently. This can reap appreciable gains in speed for multiple distinct hosts/routes. On a machine with a reasonable number of sockets, strobe is fast enough to port scan entire Internet sub domains. It is even possible to survey an entire small country in a reasonable time from a fast machine on the network backbone, provided the machine in question uses dynamic socket allocation or has had its static socket allocation increased very appreciably (check your kernel options). In this very limited application strobe is said to be faster than ISS2.1 (a high quality commercial security scanner by [email protected] and friends) or PingWare (also commercial). (from rpm description)

Achievo is a flexible web-based resource management tool for business environments. Achievo’s resource management capabilities will enable organisations to support their business processes in a simple, but effective manner.

Project Management – This part includes management of projects, phases, tasks, notes, statistics, planning, members en project templates.

Time Registration – The time-registration part is the part where employees can register time on project/phase/activity combinations.

Scheduler – Achievo’s scheduler enables users to share a schedule with the other users.

20 Languages – Achievo’s core is available in about 20 languages.

KNIME, pronounced [naim], is a modular data exploration platform that enables the user to visually create data flows (often referred to as pipelines), selectively execute some or all analysis steps, and later investigate the results through interactive views on data and models.

KNIME was developed (and will continue to be expanded) by the Chair for Bioinformatics and Information Mining at the University of Konstanz, Germany. The group headed by Michael Berthold also uses KNIME for teaching and research at the University. Quite a number of new data analysis methods developed at the chair are integrated in KNIME. Let us know if you are looking for something in particular, not all of those modules are part of the standard KNIME release just yet…

The KNIME base version already incorporates over 100 processing nodes for data I/O, preprocessing and cleansing, modeling, analysis and data mining as well as various interactive views, such as scatter plots, parallel coordinates and others. It integrates all analysis modules of the well known Weka data mining environment and additional plugins allow R-scripts to be run, offering access to a vast library of statistical routines.

KNIME is based on the Eclipse platform and, through its modular API, easily extensible. When desired, custom nodes and types can be implemented in KNIME within hours thus extending KNIME to comprehend and provide first-tier support for highly domain-specific data. This modularity and extensibility permits KNIME to be employed in commercial production environments as well as teaching and research prototyping settings. If you would like to read a more detailed description of the software, please download the attached White Paper.

KNIME is released under a dual licensing scheme. The open source license (GPL) allows KNIME to be downloaded, distributed, and used freely. See license arrangements for complete details.

Go is a new systems programming language from Google.

The goal of the project, as quoted below

No major systems language has emerged in over a decade, but over that time the computing landscape has changed tremendously. There are several trends:

• Computers are enormously quicker but software development is not faster.
• Dependency management is a big part of software development today but the “header files” of languages in the C tradition are antithetical to clean dependency analysis—and fast compilation.
• There is a growing rebellion against cumbersome type systems like those of Java and C++, pushing people towards dynamically typed languages such as Python and JavaScript.
• Some fundamental concepts such as garbage collection and parallel computation are not well supported by popular systems languages.
• The emergence of multicore computers has generated worry and confusion.

We believe it’s worth trying again with a new language, a concurrent, garbage-collected language with fast compilation. Regarding the points above:

• It is possible to compile a large Go program in a few seconds on a single computer.
• Go provides a model for software construction that makes dependency analysis easy and avoids much of the overhead of C-style include files and libraries.
• Go’s type system has no hierarchy, so no time is spent defining the relationships between types. Also, although Go has static types the language attempts to make types feel lighter weight than in typical OO languages.
• Go is fully garbage-collected and provides fundamental support for concurrent execution and communication.
• By its design, Go proposes an approach for the construction of system software on multicore machines.

PowerCommands is a set of useful extensions for the Visual Studio adding additional functionality to various areas of the IDE. The source code is included and requires the VS SDK for VS 2008 to allow modification of functionality or as a reference to create additional custom PowerCommand extensions.

Enable/Disable PowerCommands in Options dialog
This feature allows you to select which commands to enable in the Visual Studio IDE. Point to the Tools menu, then click Options. Expand the PowerCommands options, then click Commands. Check the commands you would like to enable.
Note: All power commands are initially defaulted Enabled.

Format document on save / Remove and Sort Usings on save
The Format document on save option formats the tabs, spaces, and so on of the document being saved. It is equivalent to pointing to the Edit menu, clicking Advanced, and then clicking Format Document. The Remove and sort usings option removes unused using statements and sorts the remaining using statements in the document being saved.
Note: The Remove and sort usings option is only available for C# documents.
Note: Format document on save and Remove and sort usings both are initially defaulted OFF.

Clear All Panes
This command clears all output panes. It can be executed from the button on the toolbar of the Output window.

Copy Path
This command copies the full path of the currently selected item to the clipboard. It can be executed by right-clicking one of these nodes in the Solution Explorer:
The solution node; A project node; Any project item node; Any folder.

Email CodeSnippet
To email the lines of text you select in the code editor, right-click anywhere in the editor and then click Email CodeSnippet.

Insert Guid Attribute
This command adds a Guid attribute to a selected class. From the code editor, right-click anywhere within the class definition, then click Insert Guid Attribute.

Show All Files
This command shows the hidden files in all projects displayed in the Solution Explorer when the solution node is selected. It enhances the Show All Files button, which normally shows only the hidden files in the selected project node.

Undo Close
This command reopens a closed document , returning the cursor to its last position. To reopen the most recently closed document, point to the Edit menu, then click Undo Close. Alternately, you can use the CtrlShiftZ shortcut.
To reopen any other recently closed document, point to the View menu, click Other Windows, and then click Undo Close Window. The Undo Close window appears, typically next to the Output window. Double-click any document in the list to reopen it.

Collapse Projects
This command collapses a project or projects in the Solution Explorer starting from the root selected node. Collapsing a project can increase the readability of the solution. This command can be executed from three different places: solution, solution folders and project nodes respectively.

Copy Class
This command copies a selected class entire content to the clipboard, renaming the class. This command is normally followed by a Paste Class command, which renames the class to avoid a compilation error. It can be executed from a single project item or a project item with dependent sub items.

Paste Class
This command pastes a class entire content from the clipboard, renaming the class to avoid a compilation error. This command is normally preceded by a Copy Class command. It can be executed from a project or folder node.

Copy References
This command copies a reference or set of references to the clipboard. It can be executed from the references node, a single reference node or set of reference nodes.

Paste References
This command pastes a reference or set of references from the clipboard. It can be executed from different places depending on the type of project. For CSharp projects it can be executed from the references node. For Visual Basic and Website projects it can be executed from the project node.

Copy As Project Reference
This command copies a project as a project reference to the clipboard. It can be executed from a project node.

Edit Project File
This command opens the MSBuild project file for a selected project inside Visual Studio. It combines the existing Unload Project and Edit Project commands.

Open Containing Folder
This command opens a Windows Explorer window pointing to the physical path of a selected item. It can be executed from a project item node

Open Command Prompt
This command opens a Visual Studio command prompt pointing to the physical path of a selected item. It can be executed from four different places: solution, project, folder and project item nodes respectively.

Unload Projects
This command unloads all projects in a solution. This can be useful in MSBuild scenarios when multiple projects are being edited. This command can be executed from the solution node.

Reload Projects
This command reloads all unloaded projects in a solution. It can be executed from the solution node.

Remove and Sort Usings
This command removes and sort using statements for all classes given a project. It is useful, for example, in removing or organizing the using statements generated by a wizard. This command can be executed from a solution node or a single project node.

Extract Constant
This command creates a constant definition statement for a selected text. Extracting a constant effectively names a literal value, which can improve readability. This command can be executed from the code editor by right-clicking selected text.

Clear Recent File List
This command clears the Visual Studio recent file list. The Clear Recent File List command brings up a Clear File dialog which allows any or all recent files to be selected.

Clear Recent Project List
This command clears the Visual Studio recent project list. The Clear Recent Project List command brings up a Clear File dialog which allows any or all recent projects to be selected.

Transform Templates
This command executes a custom tool with associated text templates items. It can be executed from a DSL project node or a DSL folder node.

Close All
This command closes all documents. It can be executed from a document tab.

Here is another Java framework that I am experimenting now..

Play Framework is a Java framework by web developers which makes it easier to build web applications with Java.

The features

Fix the bug and hit reload! Edit your Java files, save, refresh your browser and see the results immediately! No need to compile, deploy or restart the server.

Stateless model Play is a real "Share nothing" system. Ready for REST, it is easily scaled by running multiple instances of the same application on several servers.

Efficient template system A clean template system based on Groovy as an expression language. It provides template inheritence, includes and tags.

Resolve errors quickly When an error occurs, play shows you the source code and the exact line containing the problem. Even in templates.

All you need to create a cool web application Provides integration with Hibernate, OpenID, Memcached… And a plugin system.

Pure Java Code with Java, use any Java library and develop with your preferred IDE. Integrates nicely with eclipse or netbeans.

Really fast Starts fast and runs fast!

dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g, due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI.

AirFart is a wireless tool created to detect wireless devices, calculate their signal strengths, and present them to the user in an easy-to-understand fashion. It is written in C/C++ with a GTK front end. Airfart supports all wireless network cards supported by the linux-wlan-ng Prism2 driver that provide hardware signal strength information in the "raw signal" format (ssi_type 3). Airfart implements a modular n-tier architecture with the data collection at the bottom tier and a graphical user interface at the top.

WifiScanner is a tool that has been designed to discover wireless node (i.e access point and wireless clients). It is distributed under the GPL License.
It work with CISCO® card and prism card with hostap driver or wlan-ng driver, prism54g, Hermes/Orinoco, Atheros, Centrino, …
An IDS system is integrated to detect anomaly like MAC usurpation.

SiteDigger searches Google’s cache to look for vulnerabilities, errors, configuration issues, proprietary information, and interesting security nuggets on web sites.

• The tool requires Google web services API license key. Browse to http://www.google.com/apis/ and follow the instructions to get the license key.
• Provide the license key at the bottom-right box on the tool.
• Enter the domain / sub-domain information. (.mil, nasa.gov, usc.edu, etc).
• Select search categories using signature tab.
• Hit the search button. Use the export results button to view the results in tabular format.

OllyDbg is a 32-bit assembler level analysing debugger for Microsoft^® Windows^®. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable. OllyDbg is a shareware, but you can download and use it for free. Special highlights are:

• Intuitive user interface, no cryptical commands
• Code analysis – traces registers, recognizes procedures, loops, API calls, switches, tables, constants and strings
• Directly loads and debugs DLLs
  
• Object file scanning – locates routines from object files and libraries
• Allows for user-defined labels, comments and function descriptions
• Understands debugging information in Borland^® format
• Saves patches between sessions, writes them back to executable file and updates fixups
• Open architecture – many third-party plugins are available
  
• No installation – no trash in registry or system directories

• Debugs multithread applications
• Attaches to running programs
• Configurable disassembler, supports both MASM and IDEAL formats
• MMX, 3DNow! and SSE data types and instructions, including Athlon extensions
• Full UNICODE support
• Dynamically recognizes ASCII and UNICODE strings – also in Delphi format!
• Recognizes complex code constructs, like call to jump to procedure
• Decodes calls to more than 1900 standard API and 400 C functions
• Gives context-sensitive help on API functions from external help file
• Sets conditional, logging, memory and hardware breakpoints
• Traces program execution, logs arguments of known functions
• Shows fixups
• Dynamically traces stack frames
• Searches for imprecise commands and masked binary sequences
• Searches whole allocated memory
• Finds references to constant or address range
• Examines and modifies memory, sets breakpoints and pauses program on-the-fly
• Assembles commands into the shortest binary form
• Starts from the floppy disk

Software from the book Geek House, published by Wiley, written by the authors of PC Toys. Project code is for a bar code inventory, security monitoring, a recipe database, a barbeque controller, and a soil moisture driven sprinkler controller.

The code is available at http://sourceforge.net/projects/geekhouse/

Metasploit provides useful information to people who perform penetration testing, IDS signature development, and exploit research. This project was created to provide information on exploit techniques and to create a useful resource for exploit developers and security professionals. The tools and information on this site are provided for legal security research and testing purposes only. Metasploit is an open source project managed by Rapid7.

The Metasploit Framework is a development platform for creating security tools and exploits. The framework is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

The framework consists of tools, libraries, modules, and user interfaces. The basic function of the framework is a module launcher, allowing the user to configure an exploit module and launch it at a target system. If the exploit succeeds, the payload is executed on the target and the user is provided with a shell to interact with the payload.

Moblin is an open source project focused on building a Linux-based platform optimized for the next generation of mobile devices including Netbooks, Mobile Internet Devices, and In-vehicle infotainment systems.

The Moblin Architecture is designed to support multiple platforms and usage models ranging from Netbooks to Mobile Internet Devices (MID), to various embedded usage models, such as the In Vehicle Infotainment systems. The central piece of the architecture is the common layer we call "Moblin Core", a hardware and usage model independent layer that provides one uniform way to develop such devices. Underneath the Moblin Core sits the Linux kernel and device drivers specific to the hardware platform, and above the Moblin Core are the specific user interface and user interaction model for the target device.

Acceleo is a code generator transforming models into code (MDA approach).

Acceleo is easy to use. It provides "off the shelf" generators (JEE, .Net, Php…) and template editors for Eclipse.

Acceleo is natively integrated with eclipse. It is completely merged with its interface for better efficiency and user experience.

Acceleo provides many features for template editing

• syntax highligthing
• meta-model and scripts based completion
• real time error detection
• real time preview

Acceleo is based on the main industry standards to guarantee high level compatibility, interoperability and durability.

Acceleo is especially compatible with XMI 1.x and XMI 2, ensuring compatiblity with the main UML modelers on the market (RSM, Together, Poseidon, …).

Datasoul  is an open source presentation software to display lyrics and text in churches services.

Datasoul keeps lyrics and display format independently. This means that when you want to change the font format or the background image, you don’t need to change tons of files. Take a look on how easy it is in Datasoul.

Beside the lyrics, Datasoul can also hold the chords for the songs. In this way, once you have selected the songs to next service you can easily retrieve the chords for that songs to print or send to the musicians.

In most churches, usually you need to display some announcements during the services. It’s a baby crying on the nursery or a car wrongly parked, something always happen. Know how Datasoul handles this situations.

Several churches use video cameras to record or transmit live images form the service. Datasoul can integrate in these systems and provide an effective solution for displaying lyrics.

Do you have all your songs in EasyWorship? There is an import tool available that converts it into Datasoul format. Once imported, you can also take your database to another operational system such as Linux or MacOS.