Security Tools

Dell SecureWorks' Security Research Group has developed several security tools that are publicly available. All tools are released under the GNU General Public License (GPL) and are provided "as-is", with no warranty and no support.

AMI Exposed

AMI Exposed is a Ruby framework for testing Amazon Machine Images (AMIs) for common security weaknesses and credential exposures.

Fess

Fess is a Perl-based exploit scanner for email that uses a signature language similar to Snort IDS.

Foregone

Foregone is a forensic file recovery tool written in Perl.

Mumsie

Mumsie is the Malicious URL Monitor and Snort Injection Engine, a program used to log HTTP client request headers when Snort alerts on malicious content from a webserver.

Truman

Truman is a "sandnet", a behavioral analysis system for malware that provides an Internet-like environment to the target, and doesn't depend on virtual machines.

Wind Pill

Wind Pill is a tool that assists in automating the tasks involved in debugging the Windows kernel.

Caffeine Monkey

Caffeine Monkey is a tool that helps researchers discover different ways hackers hide their malicious JavaScript.

Dell SecureWorks Snort Plug-in Pack

The SecureWorks Snort Plug-in Pack is a collection of dynamic preprocessor plug-ins for the Snort intrusion detection and prevention system.

Untorpig

Untorpig is a program for incident responders to decode/decrypt data stolen by the Torpig (Anserin, Sinowal, Mebroot) Trojan in HTTP traffic logs.