AntiPhish and Antiphish IE|
AntiPhish is a Mozilla [Firefox] browser extension that aims to
protect users against spoofed web site-based phishing attacks. To this
end, AntiPhish tracks the sensitive information of a user and
generates warnings whenever the user attempts to give away this
information to a web site that is considered untrusted.
The idea has been also ported to the Internet Explorer.
Anubis: Analyzing Unknown Binaries|
Anubis is TTAnalyze's sucessor. It shares the same code base but has been improved in all aspects. Moreover, we have built a web-interface around it and are providing an online malware analysis service. Submit your Windows executable and receive an analysis report telling you what it does.
Virtual 802.11 Fuzzing|
Virtual 802.11 fuzzing enables to overcome many obstacles by providing a framework to test wireless communication software (typically a device driver) inside a virtual environment (our implementation is based on Qemu).
Fastcookie is a simple Mozilla browser extension that allows to
quickly enable and disable cookies. Whenever cookies are deactivated,
all cookies that are stored on your computer are all automatically
F-SPAN is an utility which tries to extract the names, types,
and sets of possible values for the parameters that are passed
to a web application. F-SPAN analyzes PHP files, since PHP is
arguably the most popular web programming language as of today.
The gained knowledge can then be used during the training phase
of a anomaly-based IDS.
NoForge is a server-side proxy for the dynamic prevention of
cross-site request forgery attacks (also known as XSRF, CSRF,
or Session Riding). In contrast to manual protection techniques,
NoForge is an automatic solution to the problem, and does not
require extensive changes to the source code of the protected
NoMoXSS (no more XSS) is an extension to the Firefox web browser
scripting (XSS) attacks are prevented by blocking the transfer of
sensitive information to third parties.
Noxes is, to the best of our knowledge, the first client-side solution to mitigate cross-site scripting attacks. Noxes acts as a web proxy and uses both manual and automatically generated rules to mitigate possible cross-site scripting attempts. Noxes effectively protects against information leakage from the user's environment.
Pixy is a static analyzer that scans PHP source code for cross-site scripting vulnerabilities. It can be used by Web developers for performing fast and automated security reviews of their applications.
SecuBat is a generic and modular web vulnerability scanner framework that,
similar to a port scanner, automatically analyzes web sites with the aim of
finding exploitable SQL injection and XSS vulnerabilities using a black-box
approach. Through its framework character, SecuBat enables the development
and execution of arbitrary new attack plugins.
TTAnalyze is a tool for analyzing the behavior of Windows
PE-executables with special focus on the analysis of malware. To this
end, the binary executable is run in an emulated environment and its
(security-relevant) actions are monitored. This makes it the ideal
tool for quickly getting an understanding of the purpose of an unknown
TQAna is an offline dynamic analysis tool to classify unknown BHOs (i.e., Internet Explorer plugins) according to their behavior as benign or malicious (i.e., Spyware). The focus on spyware that is implemented as BHOs is justified by the fact that the large majority of spyware has a component based on this technology.