AirSAM is a desktop GUI that complements the Web-based Snort Alert Monitor. AirSAM gives up-to-date insight into who might be attacking your network. The ultimate goal is to give audio/visual cues right at the time of the attack. AirSAM is an Adobe AIR application and should run on Mac OS, Linux, and Windows.
The Subukan Sensor is a complete Network Intrusion Detection System (NIDS) platform. It is not simply an application one can install on an existing operating system. Rather, Subukan is a total software solution including both an operating system and a unique compilation of security tools. It is based on a single file image or firmware that transforms almost any hardware equipment into a fully functional NIDS appliance. Appliance-based technology simplifies administration and provides the capability for remote upgrades.
The sniffy project can trace/log the data of any pseudo terminal in the system. Due to the way the terminal works, such a terminal trace provides complete information about what happened on the terminal screen, and sniffy is able to display/replay this information. It consists of a kernel module able to connect/hook on the pseudo terminal, a program to display the contents of any pseudo terminal on the fly, a daemon process tracing the pseudo terminal content into a file, and a replay program to replay any stored pseudo terminal session.
Zibu is a small tool that allows you to cyclically compare access permissions and checksums of files provided by users, with a database generated at first run (to be exact, generated with --init or --update mode). But its main feature is restoring valid access permissions, and/or executing your commands when checksums are invalid.
The Google Serial Graphics Adapter BIOS, or SGABIOS, provides a means for legacy x86 software to communicate with an attached serial console as if a video card were attached. It is designed to be inserted into a BIOS as an option ROM to provide over a serial port the display and input capabilities normally handled by a VGA adapter and a keyboard, and additionally provide hooks for logging displayed characters for later collection after an operating system boots. It is designed to handle all text mode output sent to the legacy video BIOS int 10h service routine. Int 10h is the most common method for displaying characters in 16-bit legacy x86 code.
Picviz is a parallel coordinates plotter which enables easy scripting from various types of input (such as tcpdump, syslog, iptables logs, or Apache logs) to visualize your data and discover interesting results quickly. Its primary goal is to graph data in order to be able to quickly analyze problems and find correlations among variables. With security analysis in mind, the program has been designed to be very flexible, able to graph millions of events.