UML Tool for Fast UML Diagrams

UMLet is a free, open-source UML tool with a simple user interface: draw UML diagrams fast, produce sequence and activity diagrams from plain text, export diagrams to eps, pdf, jpg, svg, and clipboard, share diagrams using Eclipse, and create new, custom UML elements. UMLet runs stand-alone or as Eclipse plug-in on Windows, OS X and Linux. (Also, check out its sister tool PLOTlet to create chart grids and our other tools.)

via UML Tool for Fast UML Diagrams.

Linux Group Tests

The original objective in starting the compilation was to dispel the FUD that Linux does not have the necessary software to compete with Windows. Over time, the aim of the compilation was to enable Linux users, whatever their level of computing experience, to identify software of all types that is worth exploring. With the huge range of open source software available, there is simply not enough time for users to evaluate every application even within a single category of software.

The compilation is being frequently updated and new articles added on a regular basis.

via Linux Group Tests – Part 1 – Linux Links – The Linux Portal Site.

Grading Essays at College Level

EdX, the nonprofit enterprise founded by Harvard and the Massachusetts Institute of Technology to offer courses on the Internet, has just introduced such a system and will make its automated software available free on the Web to any institution that wants to use it. The software uses artificial intelligence to grade student essays and short written answers, freeing professors for other tasks.

via New Test for Computers – Grading Essays at College Level – NYTimes.com.

Top 8 Tools For Linux / Unix Memory Forensics Analysis

Memfetch

It is a simple utility to dump all memory of a running process, either immediately or when a fault condition is discovered. It is an attractive alternative to the vastly inferior search capabilities of many debuggers and tracers – and a convenient way to grab “screenshots” from many types of text-based interactive utilities. To install memfetch:

## FreeBSD ##
pkg_add -r -v memfetch

## other *nix user download it from the following url ##
wget http://lcamtuf.coredump.cx/soft/memfetch.tgz
tar xvf memfetch.tgz
cd memfetch && make

via Top 8 Tools For Linux / Unix Memory Forensics Analysis.

This looks like a useful tool.  From the README file:

Debuggers like gdb are pretty good for examining small sections
of code or memory, but are pretty much useless for massive  comparison, sophisticated searches and such. It’s good to be able to retrieve full memory image to run it thru grep, strings, your favorite viewer or any other tool. Quite obviously, I developed this code not because it’s extremely difficult to do it on your own, but because it is a valuable shell utility for all kinds of deep hacking activities that simply saves you time.

Memfetch is a convenient screenshot grabber for ssh or screen sessions, by  the way 😉

I chose memfetch from the eight since it seemed the most intuitive and simple.  The downloadable tarball contains a single .c file and a make file.  Unfortunately the installation isn’t as easy as portrayed in the above blurb.  On Fedora 14 I needed to futz with the C_INCLUDE_PATH and add the kernel…/asm-generic into the path.  I also had to symbolic link an asm to asm-generic in the kernel source include directory because the program wanted a asm/path.h file.  Things have changed since 2007 when this program was last updated.  But it works and it may prove useful.   I’m sure Backtrack 5 must have this tool, or tool like this, pre installed.

Sslstrip Tutorial

Description: SSLstrip was released by Moxie to demonstrate the vulnerabilities he spoke about at Blackhat 2009. In this video we will look at how to get started with SSLstrip. We setup 2 vmware machines, one running Widnows XP (victim) and the other Backtrack 3 (Attacker). Before we actually begin hacking using SSLstrip, we need to setup the entire Man in the Middle Mechanism and packet redirection / forwarding mechanism. We do this by using the following commands in sequence:

via Sslstrip Tutorial.

This tool assumes a man in the middle setup and that http traffic (port 80) gets redirected to a port sslstrip listens to on the attacker’s machine (port 10000 in this video).  Sslstrip then intercepts https traffic and returns to the victim http traffic.  The victim thinking his traffic is encrypted is  transmitting in plain text while sslstrip manages the ssl session with the victim’s destination (i.e. bank).  Since this attack is using http the victim does not need to validate an ssl certificate thus it’s transparent.  Detecting this attack is simple because the browser returns http in the displayed url instead of https so an alert victim should know.  But not everyone may notice this.

OpenShot Video Editor

OpenShot Video Editor is a free, open-source video editor for Linux. OpenShot can take your videos, photos, and music files and help you create the film you have always dreamed of. Easily add sub-titles, transitions, and effects, and then export your film to DVD, YouTube, Vimeo, Xbox 360, and many other common formats. Check out the full feature list, view screenshots, or watch videos of OpenShot in action!

via OpenShot Video Editor | About Us.

This installs with the rpm fusion distribution so it was simply `yum install openshot` on Fedora 14.   After running the editor it does seem useful and the GUI is intuitive.   When I have to edit another video I’ll compare it to Avidemux.  It doesn’t run on Windows however.

VoIPmonitor

VoIPmonitor is open source network packet sniffer with commercial frontend for SIP RTP and RTCP VoIP protocols running on linux. VoIPmonitor is designed to analyze quality of VoIP call based on network parameters – delay variation and packet loss according to ITU-T G.107 E-model which predicts quality on MOS scale. Calls with all relevant statistics are saved to MySQL or ODBC database. Optionally each call can be saved to pcap file with either only SIP protocol or SIP/RTP/RTCP/T.38/udptl protocols. VoIPmonitor can also decode speech and play it over the commercial WEB GUI or save it to disk as WAV. Supported codecs are G.711 alaw/ulaw and commercial plugins supports G.722 G.729a G.723 iLBC Speex GSM Silk iSAC. VoIPmonitor is also able to convert T.38 FAX to PDF.

via VoIPmonitor – VoIP monitoring software – quality analyzer – WAV recorder.

Secure shell (SSH) client for the Android platform

ConnectBot is a Secure Shell client for the Android platform. Its ultimate goal is to create a secure connection through which you can use a shell on a remote machine and transfer files back and forth to your phone.

via connectbot – Secure shell (SSH) client for the Android platform – Google Project Hosting.

Putty is also available for Android but it’s nice there are two options for doing this.