Pangolin is an automatic SQL injection penetration testing (Pen-testing) tool for Website manager or IT Security analyst. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications.

Similar to the the de-ice and pWn-OS pentest cds, holynix is an ubuntu server 8.04.4 vmware image that was deliberatly built to have security holes for the purpose of penetration testing. More of an obstacle course than a real world example.

Compiled Win32 versions of NMap SVN. Windows is the 2nd most popular NMap platform, yet there’s HUGE feature lag. I compile NMap SVN. There may be bugs, but it’s up to date. I’m NOT affiliated with Fyodor/nmap.org in any way.

mySQLenum is a command line automatic blind sql injection tool for web application that uses MySql server as its back-end. Its main goal is to provide an easy to use command line interface.

An advanced authorization system to protect information system represented in the Common Information Model (CIM). It provides support for Role-based Access Control (RBAC), hierarchical RBAC, conditional RBAC, security policies, etc.

Xtables-addons is a package that obsoletes the old patch-o-matic repository for the Linux kernel and iptables. Instead of patching the kernel source, extensions are built as modules and thus allow extending kernels without recompilation.

Thylacine is a security hardening tool for the latest GNU Linux 2.6 distribution. It is entirely written in bash script language. and uses the “think offensive” way, which means, the hardening features are grouped by threat family.

Cia project tries to develop an all-purpose security tool. It’s composed by ctools, the security tool; cfs, the app and cfs-server, a file & key server.