From Collaborative RCE Tool Library

Jump to: navigation, search

Network Tools

Tool name:

Burp Suite

Currently5/5
1
2
3
4
5

Rating: 5.0 (2 votes)

Author:

PortSwigger

Website:

http://www.portswigger.net/suite/

Current version:

1.1

Last updated:

Direct D/L link:

http://portswigger.net/suite/download.html

License type:

Free / Open Source

Description:

Burp Suite is an integrated platform for attacking web applications. It contains all of the Burp tools with numerous interfaces between them designed to facilitate and speed up the process of attacking an application. All tools share the same robust framework for handling HTTP requests, authentication, downstream proxies, logging, alerting and extensibility.

Burp Suite allows you to combine manual and automated techniques to enumerate, analyse, attack and exploit web applications. The various Burp tools work together effectively to share information and allow findings identified within one tool to form the basis of an attack using another.

Key features unique to Burp Suite include:

* Ability to "passively" spider an application in a non-intrusive manner, with all requests originating from the user's browser.
* One-click transfer of interesting requests between tools, e.g. from the Burp Proxy request history, or the Burp Spider results tree.
* Detailed analysis and rendering of requests and responses.
* Extensibility via the IBurpExtender interface, which allows third-party code to extend the functionality of Burp Suite. Data processed by one tool can be used in arbitrary ways to affect the behaviour and results of other tools.
* Centrally configured settings for downstream proxies, web and proxy authentication, and logging.
* Tools can run in a single tabbed window, or be detached in individual windows.
* All tool and suite configuration is optionally persistent across program loads.
* Runs in both Linux and Windows.

New features in version 1.1 include:

* Improved analysis of HTTP requests and responses wherever they appear, with browser-quality HTML and media rendering.
* Burp Sequencer, a new tool for analysing session token randomness.
* Burp Decoder, a new tool for performing manual and intelligent decoding and encoding of application data.
* Burp Comparer, a new utility for performing a visual diff of any two data items.
* Support for custom client and server SSL certificates.
* Ability to follow 3xx redirects in Burp Intruder and Repeater attacks.
* Improved interception and match-and-replace rules in Burp Proxy.
* A "lean mode", for users who prefer less functionality and a smaller resource footprint.

Burp Suite is a Java application, and runs on any platform for which a Java Runtime Environment is available. It requires version 1.5 or later. The JRE can be obtained for free from java.sun.com.

Also listed in:

Web Application Tools, HTTP Proxy Tools, SSL Proxy Tools

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

Buster Sandbox Analyzer

Currently5/5
1
2
3
4
5

Rating: 5.0 (1 vote)

Author:

Buster

Website:

http://bsa.isoftware.nl/

Current version:

1.38

Last updated:

July 28, 2011

Direct D/L link:

http://bsa.isoftware.nl/bsa.rar

License type:

Free

Description:

Buster Sandbox Analyzer is a tool that has been designed to analyze the behaviour of sandboxed processes and the changes made to system and then evaluate if they are malware suspicious.

The changes made to system can be of several types: file system changes, registry changes and port changes.

A file system change happens when a file is created, deleted or modified. Depending of what type of file has been created (executable, library, javascript, batch, etc) and where was created (what folder) we will be able to get valuable information.

Registry changes are those changes made to Windows registry. In this case we will be able to get valuable information from the modified value keys and the new created or deleted registry keys.

Port changes are produced when a connection is done outside, to other computers, or a port is opened locally and this port starts listening for incoming connections.

From all these changes we will obtain necessary information to evaluate the "risk" of some of the actions taken by sandboxed applications.

Watching all these operations in an easy and safe manner is possible thanks to Sandboxie (http://sandboxie.com), an excellent tool created by Ronen Tzur.

Even if Buster Sandbox Analyzer´s main goal is to consider if sandboxed processes have a malware behaviour, the tool can be used also to simply obtain a list of changes made to system, so if you install a software you will know exactly what installs and where.

Additionally apart of system changes we can consider other actions as malware suspicious: keyboard logging, end the Windows session, load a driver, start a service, connect to Internet, etc.

All the above operations can be considered as not malicious but if they are performed when it´s not expected, that´s something we must take in consideration. Therefore it´s not only important to consider what actions are performed. It´s also important to consider if it´s reasonable certain actions are performed.

6. Program history

Version 1.38

Released on 28 July 2011:

* Added risk evaluation module
* Added several improvements
* Fixed several bugs

Version 1.37

Released on 17 July 2011

* Improved hiding feature
* Updated BSA.DAT
* Removed evaluation risk feature
* Fixed several bugs
* Added "Version Information" feature

Version 1.36

Released on 24 June 2011

Added support for ssdeep

Improved the support for DLL files

Report informations can be selected individually

Updated BSA.DAT

Fixed several bugs

Version 1.35

Released on 17 June 2011

Added HideDriver again

Added LOG_API version for 64 bit systems

Fixed several bugs

Version 1.34

Released on 25 May 2011

Added a feature to copy/move processed files in automatic mode

Added a feature to export RegHive to .REG format

Updated LOG_API

Removed HideDriver

Fixed a bug

Version 1.33

Released on 21 May 2011

Added a feature to run BSA from command line in automatic mode

Added Exeinfo support

Updated BSA.DAT

Updated LOG_API

Added extra information of dropped files

Fixed a bug

Version 1.32

Released on 09 May 2011

Added a feature to include av identifications from VirusTotal on reports.

Improved “Automated Setup” feature

Version 1.31

Released on 25 April 2011

Improved malware behaviour detections

Updated LOG_API library (normal and verbose)

Added a feature to delete folder contents

Fixed some bugs

Version 1.30

Released on 20 April 2011

Added a feature to automate setups when running in automatic mode

Added a feature to run a custom command after an automatic analysis finishes

BSA will report the creation of hidden folders

Fixed a cosmetic bug

Version 1.29

Released on 09 April 2011

Added a feature to resume automatic mode analysis

Added a feature to close certain window messages when running in automatic mode

Version 1.28

Released on 28 March 2011

Included two versions of LOG_API.DLL: One of them will not show file/registry operations so BSA will run faster

Invalid Win32 PE files will be reported

Added a feature to include Digital Signature information for dropped files

Added a feature to rename automatically processed files to their proper extension

Added a feature to do not process unknown file types

Added a feature that allows to adjust the time limit in minutes or seconds

Added a feature to take screenshots of sandboxed windows when running in automatic mode

When a non PE file is processed the file being processed will appear at report and the application that launched it too

Version 1.27

Released on 15 March 2011

Added an option to remember last position on screen

Added a feature to include file entropy information of Win32 files.

Added a feature to include file type information on new created files.

Version 1.26

Released on 06 March 2011

Added new entry to BSA.DAT

BSA will remember last used Sandbox folder

Improved the method to detect Sandboxie´s presence

Fixed some bugs

Version 1.25

Released on 16 January 2011

Included an utility to load DLL files.

Fixed a bug in Buster Sandbox Analyzer.

Version 1.24

Released on 16 November 2010

Fixed a bug in Buster Sandbox Analyzer.

Version 1.23

Released on 01 June 2010

Fixed a bug in Buster Sandbox Analyzer.

Version 1.22

Released on 30 May 2010

Added automatic malware analysis.

Added digital signature checking.

Removed "Check Ports" feature.

Updated LOG_API library.

Version 1.21

Released on 13th May 2010

Added a time limit for analysis.

Changes in BSA.DAT:

Added [Custom_Folder_Entries] section.

Upated [File_Types_Modified] section to [File_Types_Created_Modified].

Updated Capture-BAT Log Analyzer feature.

Updated malware analysis in Buster Sandbox Analyzer.

Version 1.20

Released on 06th May 2010

Added Capture-BAT Log Analyzer feature.

Fixed bugs in Buster Sandbox Analyzer.

Updated LOG_API library.

Version 1.19

Released on 22th April 2010

Added Pcap Explorer feature.

Improved the packet sniffer.

Updated LOG_API library.

Version 1.18

Released on 24th March 2010

Fixed a problem with memory usage

Version 1.17

Released on 22th March 2010

Improved File Hash and RegHive Explorer features

Fixed bugs in Buster Sandbox Analyzer, File Hash and RegHive Explorer features

Version 1.16

Released on 16th March 2010

Added RegHive Explorer feature

Updated LOG_API library

Version 1.15

Released on 09th March 2010

Added Memory Explorer feature

Updated BSA.DAT

Updated LOG_API library

Updated Buster Sandbox Analyzer

Fixed a bug in Buster Sandbox Analyzer

Version 1.14

Released on 01st March 2010

Added PE Explorer feature

Added File Disassembler feature

Version 1.13

Released on 25th February 2010

Added Process Explorer feature

Fixed bugs in Buster Sandbox Analyzer and LOG_API library

Version 1.12

Released on 13th February 2010

Added File Scanner feature

Version 1.11

Released on 09th February 2010

Added File Hex Editor feature

Version 1.10

Released on 04th February 2010

Added File Hash, File Strings and some other features

Version 1.09

Released on 28th January 2010

Added File Signatures feature

Updated LOG_API library

Version 1.08

Released on 23th January 2010

Added a packet sniffer

Updated BSA.DAT

Updated LOG_API library

Version 1.07

Released on 12th January 2010

Added detection of new malicious activities

Updated BSA.DAT

Updated LOG_API library

Version 1.06

Released on 01th January 2010

Added Sandboxie hidden capabilities

Improved BSA.DAT (thanks to nick s)

Fixed a bug in Buster Sandbox Analyzer

LOG_API library completely rewritten

Version 1.05

Released on 13th December 2009

Added "Assorted suspicious actions"

Fixed several bugs in Buster Sandbox Analyzer

Updated LOG_API library

Version 1.04

Released on 09th December 2009

Added support for network shares

Added a feature to allow wildcards in BSA.DAT

Added a feature to ignore when sandbox folder is not empty

Added a feature to check for updates on start

Updated LOG_API library

Version 1.03

Released on 07th December 2009

Updated BSA.DAT with new registry AutoStart locations

Added a feature to save user settings

Added a feature to include in Report.TXT the hashes of created files

Improved Report.TXT information

Updated LOG_API library

Fixed a few bugs in Buster Sandbox Analyzer

Version 1.02

Released on 04th December 2009

Added MD5, SHA1 and SHA256 hashing

Added custom registry entry checking

Added a feature to check for updates

Fixed a few bugs in Buster Sandbox Analyzer

Fixed a bug in LOG_API library

Version 1.01

Released on 28th November 2009

Added backdoor and keylogger detection capabilities

Added Event and Service creation detection capabilities

Added malware analyzer detection capabilities

Added the option of visualizing report files directly from the tool

Fixed a bug related to the creation of port differences

Version 1.0

Released on 23th November 2009

First official version of Buster Sandbox Analyzer

Also listed in:

File Monitoring Tools, File System Diff Tools, Network Monitoring Tools, Registry Diff Tools, Registry Monitoring Tools, X86 Sandboxes

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

Rohitab API Monitor

Currently5/5
1
2
3
4
5

Rating: 5.0 (1 vote)

Author:

Rohitab Batra

Website:

http://www.rohitab.com/apimonitor

Current version:

v2 (Alpha-r9)

Last updated:

December 1, 2011

Direct D/L link:

http://www.rohitab.com/downloads

License type:

Freeware

Description:

API Monitor is a free software that lets you monitor and control API calls made by applications and services. Its a powerful tool for seeing how applications and services work or for tracking down problems that you have in your own applications.

* Supports monitoring of 32-bit and 64-bit applications and services
* API Definitions for over 11,000 API’s from 181 DLL’s and over 14,000 methods from 1100+ COM Interfaces (Shell, Web Browser, DirectShow, DirectSound, DirectX, Direct2D, DirectWrite, Windows Imaging Component, Debugger Engine, MAPI etc)
* Decode and display 2000 different structures and unions, 1000+ Enumerated data types, 800+ flags. Buffers and arrays within structures can also be viewed
* Display input and output buffers
* Call Tree display which shows the hierarchy of API calls
* Decode Parameters and Return Values
* Control the target application by setting breakpoints on API calls
* Memory Editor that lets you view, edit and allocate memory in any process
* Dynamic Call Filtering capabilities which allows you to hide or show API calls based on a certain criteria
* Supports monitoring of COM Interfaces
* Decode error codes and display friendly messages by calling an appropriate error function to retrieve additional information about the error
* Capture and view the call stack for each API call
* Custom DLL Monitoring - Supports creating definitions for any DLL or COM Interface
* Support for filtering calls by threads
* Displays the duration for each API call

Also listed in:

API Monitoring Tools, COM Monitoring Tools, File Monitoring Tools, Memory Dumpers, Memory Patchers, Monitoring Tools, Network Monitoring Tools, Registry Monitoring Tools

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

TCPView

Currently5/5
1
2
3
4
5

Rating: 5.0 (1 vote)

Author:

Mark Russinovich

Website:

http://www.microsoft.com/technet/sysinternals/Networking/TcpView.mspx

Current version:

2.54

Last updated:

March 17, 2009

Direct D/L link:

http://download.sysinternals.com/Files/TcpView.zip

License type:

Free

Description:

TCPView is a Windows program that will show you detailed listings of all TCP and UDP endpoints on your system, including the local and remote addresses and state of TCP connections. On Windows Server 2008, Vista, NT, 2000 and XP TCPView also reports the name of the process that owns the endpoint. TCPView provides a more informative and conveniently presented subset of the Netstat program that ships with Windows. The TCPView download includes Tcpvcon, a command-line version with the same functionality.

Also listed in:

Network Monitoring Tools

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

tcpdump

Currently5/5
1
2
3
4
5

Rating: 5.0 (2 votes)

Author:

The Tcpdump team

Website:

http://www.tcpdump.org/

Current version:

4.0.0

Last updated:

July 18, 2009

Direct D/L link:

http://www.tcpdump.org/release/tcpdump-4.0.0.tar.gz

License type:

BSD

Description:

From wikipedia's entry for tcpdump:

tcpdump is a common computer network debugging tool that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. It was originally written by Van Jacobson, Craig Leres and Steven McCanne who were, at the time, working in the Lawrence Berkeley Laboratory Network Research Group.

Distributed under a permissive free software licence, tcpdump is free software.

Tcpdump works on most Unix-like operating systems: Linux, Solaris, BSD, Mac OS X, HP-UX and AIX among others. In those systems, tcpdump uses the libpcap library to capture packets.

There is also a port of tcpdump for Windows called WinDump; this uses WinPcap, which is a port of libpcap to Windows.

In some Unix-like operating systems, a user must have superuser privileges to use tcpdump because the packet capturing mechanisms on those systems require elevated privileges. However, the -Z option may be used to drop privileges to a specific unprivileged user after capturing has been set up. In other Unix-like operating systems, the packet capturing mechanism can be configured to allow non-privileged users to use it; if that is done, superuser privileges are not required.

The user may optionally apply a BPF-based filter to limit the number of packets seen by tcpdump; this renders the output more usable on networks with a high volume of traffic.

Also listed in:

Network Sniffers

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

Wireshark

Currently5/5
1
2
3
4
5

Rating: 5.0 (5 votes)

Author:

Gerald Combs

Website:

http://www.wireshark.org

Current version:

1.2.1

Last updated:

July 20, 2009

Direct D/L link:

http://www.wireshark.org/download/win32/wireshark-win32-1.2.1.exe

License type:

Free / Open Source

Description:

Wireshark (previously Ethereal) is the world's foremost network protocol analyzer, and is the standard in many industries.

It is the continuation of a project that started in 1998. Hundreds of developers around the world have contributed to it, and it is still under active development.

Wireshark has a rich feature set which includes the following:

* Hundreds of protocols are supported, with more being added all the time
* Live capture and offline analysis are supported
* Standard three-pane packet browser
* Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
* Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
* The most powerful display filters in the industry
* Rich VoIP analysis
* Read/write many different capture file formats: tcpdump (libpcap), Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
* Capture files compressed with gzip can be decompressed on the fly
* Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platfrom)
* Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
* Coloring rules can be applied to the packet list, which eases analysis
* Output can be exported to XML, PostScript®, CSV, or plain text

Also listed in:

Network Sniffers

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

SysAnalyzer

Currently4/5
1
2
3
4
5

Rating: 4.0 (2 votes)

Author:

David Zimmer (iDefense Labs)

Website:

http://labs.idefense.com/software/malcode.php#more_malcode+analysis+pack

Current version:

Last updated:

March 21, 2011

Direct D/L link:

http://labs.idefense.com/software/download/?downloadID=15

License type:

GPL2

Description:

SysAnalyzer is an automated malcode run time analysis application that monitors various aspects of system and process states. SysAnalyzer was designed to enable analysts to quickly build a comprehensive report as to the actions a binary takes on a system. SysAnalyzer can automatically monitor and compare:

* Running Processes
* Open Ports
* Loaded Drivers
* Injected Libraries
* Key Registry Changes
* APIs called by a target process
* File Modifications
* HTTP, IRC, and DNS traffic

SysAnalyzer also comes with a ProcessAnalyzer tool which can perform the following tasks:

* Create a memory dump of target process
* parse memory dump for strings
* parse strings output for exe, reg, and url references
* scan memory dump for known exploit signatures

Full GPL source for SysAnalyzer is included in the installation package.

Also listed in:

API Monitoring Tools, Disk Monitoring Tools, File Monitoring Tools, Install Monitoring Tools, Memory Dumpers, Network Monitoring Tools, Registry Monitoring Tools

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

Echo Mirage

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

Dave Armstrong <dave@bindshell.net>

Website:

http://www.bindshell.net/tools/echomirage

Current version:

1.2

Last updated:

December 16, 2006

Direct D/L link:

http://www.bindshell.net/tools/echomirage/EchoMirage-1-2.exe

License type:

Freeware

Description:

Echo Mirage is a generic network proxy. It uses DLL injection and function hooking techniques to redirect network related function calls so that data transmitted and received by local applications can be observed and modified.

Windows encryption and OpenSSL functions are also hooked so that plain text of data being sent and received over an encrypted session is also available.

Traffic can be intercepted in real-time, or manipulated with regular expressions and action scripts.

Also listed in:

API Monitoring Tools, Network Monitoring Tools

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

Fport

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

Foundstone, Inc.

Website:

http://www.foundstone.com/us/resources/proddesc/fport.htm

Current version:

2.0

Last updated:

2002

Direct D/L link:

Locally archived copy

License type:

Free

Description:

fport reports all open TCP/IP and UDP ports and maps them to the owning application. This is the same information you would see using the 'netstat -an' command, but it also maps those ports to running processes with the PID, process name and path. Fport can be used to quickly identify unknown open ports and their associated applications.

Usage:

C:\>fport
FPort v2.0 - TCP/IP Process to Port Mapper
Copyright 2000 by Foundstone, Inc.
http://www.foundstone.com

Pid Process Port Proto Path
392 svchost -> 135 TCP C:\WINNT\system32\svchost.exe
8 System -> 139 TCP
8 System -> 445 TCP
508 MSTask -> 1025 TCP C:\WINNT\system32\MSTask.exe
392 svchost -> 135 UDP C:\WINNT\system32\svchost.exe
8 System -> 137 UDP
8 System -> 138 UDP
8 System -> 445 UDP
224 lsass -> 500 UDP C:\WINNT\system32\lsass.exe
212 services -> 1026 UDP C:\WINNT\system32\services.exe

The program contains five (5) switches. The switches may be utilized using either a '/'
or a '-' preceding the switch. The switches are;

Usage:
/? usage help
/p sort by port
/a sort by application
/i sort by pid
/ap sort by application path

fport supports Windows NT4, Windows 2000 and Windows XP

Also listed in:

Network Monitoring Tools

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

LSOF

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

Victor A. Abell

Website:

http://people.freebsd.org/~abe/

Current version:

Last updated:

Direct D/L link:

N/A

License type:

Free / Open Source

Description:

The lsof (LiSt Open Files) diagnostic and forensics tool lists information about any files that are open by processes currently running on the system. It can also list communications sockets open by each process.

Also listed in:

File Monitoring Tools, Network Monitoring Tools

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

Malcode Analysis Pack

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

David Zimmer (iDefense Labs)

Website:

http://labs.idefense.com/files/labs/releases/previews/map/

Current version:

Last updated:

November 13, 2006

Direct D/L link:

http://labs.idefense.com/software/download/?downloadID=8

License type:

GPL2

Description:

The Malcode Analyst Pack contains a series of utilities that were found to be necessary tools while doing rapid malcode analysis.

Included in this package are:

• ShellExt - 4 explorer shell extensions
• socketTool - manual TCP Client for probing functionality.
• MailPot - mail server capture pot
• fakeDNS - spoofs dns responses to controlled ip's
• sniff_hit - HTTP, IRC, and DNS sniffer
• sclog - Shellcode research and analysis application
• IDCDumpFix - aids in quick RE of packed applications
• Shellcode2Exe - embeds multiple shellcode formats in exe husk
• GdiProcs - detect hidden processes

Also listed in:

Malware Analysis Tools, Process Monitoring Tools, TCP Proxy Tools, Network Sniffers, Import Editors, Reverse Engineering Frameworks, API Monitoring Tools

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

Matasano Port Forwarding Interceptor

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

Matasano / s7ephen

Website:

http://github.com/s7ephen/projects/tree/master

Current version:

Last updated:

May 22, 2009

Direct D/L link:

Locally archived copy

License type:

Free / Open Source

Description:

Do you ever find yourself on a reversing or pen-testing project with the need to peek into a TCP stream and modify a little bit of data?

Do you find yourself annoyed, feeling that you’ve hacked together code to do this many times before, but simply can’t find it?

Do you find yourself hobbling together other tools to do what you need? Do you find yourself wishing you had a Burp for raw TCP connections?

No MORE! Using Matasano’s Port Forwarding Interceptor you have the tool you need right at your fingertips!

Also listed in:

TCP Proxy Tools

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

Paros Proxy

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

Chinotec Technologies Company

Website:

http://www.parosproxy.org

Current version:

3.2.13

Last updated:

August 8, 2006

Direct D/L link:

Locally archived copy

License type:

Free / Open Source

Description:

A Java based HTTP/HTTPS proxy for assessing web application vulnerability. It supports editing/viewing HTTP messages on-the-fly. Other featuers include spiders, client certificate, proxy-chaining, intelligent scanning for XSS and SQL injections etc.

Also listed in:

HTTP Proxy Tools, Web Application Tools, SSL Proxy Tools

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

Sandboxie

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

Ronen Tzur

Website:

http://www.sandboxie.com

Current version:

3.42

Last updated:

December 1, 2009

Direct D/L link:

N/A

License type:

Shareware

Description:

Sandboxie runs your programs in an isolated space which prevents them from making permanent changes to other programs and data in your computer.

You can also access all the changes that were made during the program execution.

Also listed in:

File Monitoring Tools, File System Diff Tools, Network Monitoring Tools, Registry Diff Tools, Registry Monitoring Tools, X86 Sandboxes

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Tool name:

Stunnel

Currently0/5
1
2
3
4
5

Rating: 0.0 (0 votes)

Author:

Website:

http://www.stunnel.org

Current version:

4.20

Last updated:

November 30, 2006

Direct D/L link:

Locally archived copy

License type:

Free / Open Source

Description:

Stunnel -- Universal SSL Wrapper

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

The Stunnel source code is not a complete product -- you still require a functioning SSL library such as OpenSSL or SSLeay in order to compile stunnel. This means that stunnel can support whatever (and only) that which your SSL library can, without making any changes in the Stunnel code.

The Stunnel source code is available under the GNU General Public License, meaning it is free to use in both commercial and non commercial applications as you see fit, as long as you provide source code (and any modifications) with the software. Your compiled Stunnel binary is 'restricted' by whatever license your chosen SSL library is under, however both OpenSSL and SSLeay are open source and similarly liberal in their licensing.

Also listed in:

SSL Proxy Tools

More details:

Click here for more details, screenshots, related URLs & comments for this tool! (or to update its entry)

Feed containing all updates and additions for this category.