State of the Art technology developed by NSA (National Security Agency)
There is a contribution from NSA to the computer society, especially in the security domain.
Today I am listing a few of the tools developed by NSA. Microsoft is bound by the Patriot Act; they have to share everything with NSA, but not the Linux community. Then they developed these tools for Linux OS. Maybe they want to have backdoor access. SELinux, one of the tools, comes preinstalled in Red Hat based OSes.
SELinux
A mandatory access control mechanism in the Linux kernel that checks for allowed operations after standard discretionary access controls are checked. It can enforce rules on files and processes in a Linux system, and on the actions they perform, based on defined policies. SELinux has been part of the Linux kernel since version 2.6.0.
WALKOFF
An Active Cyber Defense development framework enabling orchestration capabilities to be written once and then deployed across WALKOFF-enabled orchestration tools.
UNFETTER
Provides a mechanism for network defenders, security professionals, and decision makers to quantitatively measure the effectiveness of their security posture.
SCAP
Delivers security guidance, baselines, and associated validation mechanisms using the Security Content Automation Protocol (SCAP).
Control Flow Integrity
This project captures research to effectively fix the lack of underlying control flow enforcement that would prevent memory corruption exploitation. This mechanism does not exist today but could be implemented in the future by the IT industry.
LemonGrenade
LemonGrenade was designed as an automation system capable of smartly linking together systems, data sources, or capabilities - or combinations of such - without requiring the end-user to manually specify linkages. The driving concept is to let the data drive the dataflow; instead of a box-and-line workflow, the data and end-user intent drive a dynamic process without relying on process dependency lists. LemonGrenade offers an alternative to precomputation of graphs, instead building graphs on demand from data sources or processes. Use cases include iterative correlation and recursive file processing.
QGIS D3 Date and Time Heatmap
This plugin creates a D3 circular histogram heatmap using date, time, and custom categories in the data. An optional legend can be included.
The plugin works by counting the number of date/time/category events using two axes and displays the results as a circular heatmap. It allows you to analyze the temporal distribution of data and how much of it exists across time, based on two frequencies.
SIMP Customized
The System Integrity Management Platform (SIMP) is an Open Source framework designed around the concept that individuals and organizations should not need to repeat the work of automating the basic components of their operating system infrastructure.
DCP
DCP - Copy and profile files and directories securely. Uses customized SSL to make it more secure.
SharkPy
A Python module to dissect, analyze, and interact with network packet data as native Python objects using Wireshark and libpcap capabilities. SharkPy dissect modules extend and otherwise modify Wireshark's tshark. SharkPy packet injection and pcap file writing modules wrap useful libpcap functionality.
SharkPy finds its origin in NSA's Codebreaker Challenge. SharkPy was written (rather quickly) to support the needs of the network analysis portion of the 2016 Challenge. In particular, we needed to generate hundreds of PCAP variations using a template PCAP as source. It was used to vary data elements at link layer, network layer, transport layer, application layer, and other items such as packet timestamps and ordering (among several other things). SharkPy did its job but the fact that it was put together quickly can be seen in its less than ideal code.
Timely
Timely is a time series database application that provides secure access to time series data. Timely is written in Java and designed to work with Apache Accumulo and Grafana.
Lemongraph
LemonGraph is a log-based transactional graph (nodes/edges/properties) database engine that is backed by a single file. The primary use case is to support streaming seed set expansion. The core of the graph library is written in C, and the Python (2.x) layer adds friendly bindings, a query language, and a REST service. LemonGraph rides on top of (and inherits a lot of awesome from) Symas LMDB - a transactional key/value store that the OpenLDAP project developed to replace BerkeleyDB.
Qonduit
Qonduit is a secure web socket proxy for Apache Accumulo.
Qonduit is a Java server process that uses Netty for a secure web socket transport and Spring for pluggable security modules. Qonduit uses Jackson for serialization and deserialization of CBOR encoded request/response objects. Qonduit discovers custom request and response types and server side logic using the Java Service Loader mechanism. Qonduit differs from the Accumulo Proxy in the following ways:
Qonduit uses secure web sockets to provide an asynchronous and secure transport between the client and the Qonduit server.
Qonduit can optionally authenticate users using client supplied credentials and a Spring Security configuration on the Qonduit server.
Qonduit does not provide a strict proxy for the Accumulo client API; it is designed to be extended with pluggable server side logic and custom request and response types.
Interesting tools they have and it's fishy that it's aimed for Linux. Thanks for the share
In the next article, we will post about the NSA hack and the tools they used to hack.