Development

The development directory contains software that assists with secure software development, software auditing and runtime examination of systems/processes.

o Source Code Auditing

This directory contains a number of source code auditing tools for Unix, including RATS (Rough Auditing Tool for Security), its4, splint and pscan.

# flawfinder
flawfinder is a simple Python program for scanning source code for security problems.

# ITS4
ITS4 is a tool that statically scans C and C++ source code for potential security vulnerabilities. It is a command-line tool that works across Unix environments (hopefully) and will also work under Windows. ITS4 scans code, looking for function calls that are potentially dangerous. For some calls, ITS4 tries to perform some code analysis to determine how risky the call is. In each case, ITS4 provides a problem report, including a short description of the potential problem and suggestions on how to fix the code.

# pscan
'pscan' is a program which attempts to scan C source files for common function abuses, which often lead to buffer overflows. See the included file 'test.c' for examples of good and bad programming practice.

# RATS
RATS, the Rough Auditing Tool for Security, is a security auditing utility for C, C++, Python, Perl and PHP code. RATS scans source code, finding potentially dangerous function calls. The goal of this project is not to definitively find bugs. The current goal is to provide a reasonable starting point for performing manual security audits. RATS is released under version 2 of the GNU Public License (GPL).

# splint
Splint is a tool for statically checking C programs for security vulnerabilities and coding mistakes. With minimal effort, Splint can be used as a better lint. If additional effort is invested adding annotations to programs, Splint can perform stronger checking than can be done by any standard lint.
o Binary Editors

This directory contains a number of binary and hex editors including biew, bed and hexcurse.

# biew
BIEW is a free, portable, advanced file viewer with a built-in editor for binary, hexadecimal and disassembler modes. It contains a highlighting PentiumIV/K7-Athlon/Cyrix-M2 disassembler, full preview of MZ, NE, PE, LE, LX, DOS.SYS, NLM, ELF, a.out, arch, coff32, PharLap and rdoff executable formats, a code guider, and lots of other features, making it invaluable for examining binary code.

# hexcurse
HexCurse is a versatile ncurses-based hex editor written in C that provides the user with many features. It currently supports hex and decimal address output, jumping to specified file locations, searching, ASCII and EBCDIC output, bolded modifications, an undo command, quick keyboard shortcuts, and more.

o Development Libraries

This directory contains a number of development libraries that intercept certain "dangerous" function calls in software which have been the subject of buffer overflows and format string issues. In addition to (or perhaps as an alternative to) using these libraries, we recommend you consult a guide to secure programming so such problems can be avoided in the first place.

# libsafe
The libsafe-1.3 library protects a process against the exploitation of buffer overflow vulnerabilities in process stacks. Libsafe-2.0 adds the capability of protecting against format string exploits. Libsafe works with any existing pre-compiled executable and can be used transparently, even on a system-wide basis.

# privman
Privman is a library that makes it easy for programs to use privilege separation, a technique that prevents the leak or misuse of privilege from applications that must run with some elevated permissions.

o Source Control

An essential part of the software development process is being able to work with others, manage changes to source code over time, and manage releases and updates to the source code as they are required.
This directory contains a number of source control tools including cvs (Concurrent Versions System), cvsweb and viewcvs (for viewing CVS trees on the web) and GNU RCS (for revision control).

# CVS
CVS is the Concurrent Versions System, the dominant open-source network-transparent version control system. CVS is useful for everyone from individual developers to large, distributed teams.

# CVSWeb
CVSWeb is a browser-based interface for CVS repositories. Browse the file hierarchy by selecting directories (designated with slashes after them, e.g. "www/"). When you click on a file, you can view the revision history for that file. Selecting a revision number downloads that revision of the file. Each revision includes a link to display differences between that revision and the previous one. A form at the bottom of the file revision history page allows you to display differences between arbitrary revisions.

# GNU Revision Control System (RCS)
The Revision Control System (RCS) manages multiple revisions of files. RCS automates the storing, retrieval, logging, identification, and merging of revisions. RCS is useful for text that is revised frequently, e.g., programs, documentation, graphics, papers, and form letters.

# ViewCVS
ViewCVS can browse directories, change logs, and specific revisions of files. It can display diffs between versions and show selections of files based on tags or branches. In addition, ViewCVS has "annotation" or "blame" support, Bonsai-like query facilities, template-based page generation, and support for individually configuring virtual hosts.

o Other Development Tools

This directory contains a number of other development tools, including GNU binutils (for examining files in various ways), strace (which traces syscalls made by an application under examination) and ltrace (which traces dynamic library calls made by an application under examination).

# ELFIO
ELFIO is an ELF (Executable and Linkable Format) reader and producer implemented as a C++ library.
# fenris
Fenris is a multipurpose tracer, GUI debugger, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm and protocol analysis, and computer forensics. It provides a structural program trace, interactive debugging capabilities, general information about internal constructions, execution path, memory operations, I/O, conditional expressions and much more.

# GNU Binutils
The GNU Binutils are a collection of binary tools. The main ones are ld, the GNU linker, and as, the GNU assembler.

# ltrace
ltrace is a debugging tool, similar to strace, but it traces library calls instead of system calls.

# Strace
Strace is a system call tracer, i.e. a debugging tool which prints out a trace of all the system calls made by another process/program. The program to be traced need not be recompiled for this, so you can use it on binaries for which you don't have source.

# UPX
UPX is an advanced executable file compressor. UPX will typically reduce the file size of programs and DLLs by around 50%-70%, thus reducing disk space, network load times, download times and other distribution and storage costs.

(Note: This list of software and information available at Wiretapped is not exhaustive. Users are encouraged to browse and search the archive and read any "-README.txt" files that are available.)