Software Map

Tcl provides a portable scripting environment for Unix, Windows, and Macintosh that supports string processing and pattern matching, native file system access, shell-like control over other programs, TCP/IP networking, timers, and event-driven I/O. Tcl has traditional programming constructs like variables, loops, procedures, namespaces, error handling, script packages, and dynamic loading of DLLs. Tk provides portable GUIs on UNIX, Windows, and Macintosh. A powerful widget set and the concise scripting interface to Tk make it a breeze to develop sophisticated user interfaces.

Tcpreplay is a set of Unix tools which allows the editing and replaying of captured network traffic in pcap (tcpdump) format. It can be used to test a variety of passive and inline network devices, including IPS's, UTM's, routers, firewalls, and NIDS.

RESTClient is a Java Swing application to test RESTful Web services.

Linux Test Project is a joint project started by SGI, OSDL, and Bull developed and maintained by IBM, Cisco, Fujitsu, SUSE, Red Hat, Oracle, and others. The project goal is to deliver tests that validate the reliability, robustness, and stability of Linux. Currently it contains more than 1000 syscall test cases, I/O and AIO stress test cases, a few Linux kernel device drivers, a well maintained fork of the Open POSIX Testsuite, a real-time test suite, and more.

OWASP Zed Attack Proxy (ZAP) is an easy-to-use integrated penetration testing tool for finding vulnerabilities in Web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing as well as being a useful addition to an experienced pen tester's toolbox. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.

Tsung is a distributed load testing tool. It is protocol-independent and can currently be used to stress HTTP, WebDAV, PostgreSQL, MySQL, LDAP, AMQP, and XMPP/Jabber servers. It simulates user behavior using an XML description file, reports many measurements in real time (statistics can be customized with transactions, and graphics generated using gnuplot). For HTTP, it supports 1.0 and 1.1, has a proxy mode to record sessions, supports GET, POST, PUT, and DELETE methods, cookies, and basic/digest authentication. It also has support for SSL, WebSocket, and BOSH.

Valgrind is a tool that helps you find memory management problems in programs. When a program is run under Valgrind's supervision, all reads and writes of memory are checked, and calls to malloc/new/free/delete are intercepted. As a result, Valgrind can detect problems such as use of uninitialized memory, reading/writing of memory after it has been freed, reading/writing off the end of malloced blocks, reading/writing inappropriate areas on the stack, memory leaks in which pointers to malloced blocks are lost forever, passing of uninitialized and/or unaddressable memory to system calls, and mismatched use of malloc/new/new [] vs. free/delete/delete [].

Electric Fence (efence) stops your program on the exact instruction that overruns (or underruns) a malloc() memory buffer. GDB will then display the source-code line that causes the bug. It works by using the virtual-memory hardware to create a red-zone at the border of each buffer - touch that, and your program stops. Catch all of those formerly impossible-to-catch overrun bugs that have been bothering you for years.

PushToTest TestMaker is a distributed test automation platform for application performance management and monitoring. It repurposes tests written in Selenium, soapUI, TestGen4Web, and Mozmill, and unit tests in Java, .NET, Jython, Groovy, PHP, Ruby, and Perl into functional tests, load and performance tests, and business service monitors. TestMaker is ideal for Web applications, Service Oriented Architecture (SOA) applications, Rich Internet Application (RIA using Ajax, Flex, Flash) and Business Process Management (BPM) applications.

Aegis is a transaction-based software configuration management system. It provides a framework within which a team of developers may work on many changes to a program independently, and Aegis coordinates integrating these changes back into the master source of the program, with as little disruption as possible. Aegis supports geographically distributed development.

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do about the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

CMake is a cross-platform, open-source build system. It is used to control the software compilation process using simple platform and compiler independent configuration files. It generates native makefiles and workspaces that can be used in the compiler environment of your choice. CMake is quite sophisticated: it is possible to support complex environments requiring system configuration, pre-processor generation, and code generation.