This page lists open source software released by the Information Assurance mission at NSA and also hosts the code.gov code inventory file. See the NSA github.io web site and the NSA Technology Transfer Program web site for more information about open source software released by NSA.

AppLocker Guidance

Configuration guidance for implementing application whitelisting with AppLocker.

• Source: https://github.com/iadgov/AppLocker-Guidance

Atomic Watch

Intel Atom C2000 series discovery tool that parses log files and returns results if a positive match is found

• Source: https://github.com/iadgov/AtomicWatch

Certificate Authority Situational Awareness (CASA)

Identifies unexpected and prohibited certificate authority certificates on Windows systems.

• Source: https://github.com/iadgov/Certificate-Authority-Situational-Awareness
• Website: https://splunkbase.splunk.com/app/3113

Control Flow Integrity

A proposed hardware-based method for stopping known memory corruption exploitation techniques.

• Source: https://github.com/iadgov/Control-Flow-Integrity
• Website: http://landhere.galois.com

Event Forwarding Guidance

Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding.

• Source: https://github.com/iadgov/Event-Forwarding-Guidance

goSecure

An easy to use and portable Virtual Private Network (VPN) system built with Linux and a Raspberry Pi.

• Source: https://github.com/iadgov/goSecure
• Website: https://iadgov.github.io/goSecure

GRASSMARLIN

Provides situational awareness of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks in support of network security assessments.

• Source: https://github.com/iadgov/GRASSMARLIN

Java PathFinder Mango (JPF-Mango)

A static code analysis tool, part of the NASA Ames Java PathFinder project, that uses formal methods to verify executable Java bytecode.

• Source: https://babelfish.arc.nasa.gov/hg/jpf/jpf-mango
• Website: https://babelfish.arc.nasa.gov/trac/jpf/wiki/projects/jpf-mango

LOCKLEVEL

A prototype that demonstrates a method for scoring how well Windows systems have implemented some of the top 10 Information Assurance mitigation strategies.

• Source: https://github.com/iadgov/LOCKLEVEL

MAPLESYRUP

Assesses CPU security of embedded devices.

• Source: https://github.com/iadgov/Maplesyrup

netfil

A kernel network manager with monitoring and limiting capabilities for macOS.

• Source: https://github.com/iadgov/netfil

netman

A userland network manager with monitoring and limiting capabilities for macOS.

• Source: https://github.com/iadgov/netman

OpenAttestation

Verifies system integrity by establishing a baseline measurement of a system's Trusted Platform Module (TPM) and monitors for changes in that measurement. OpenAttestion was originally based on NSA's National Information Assurance Research Laboratory (NIARL) Host Integrity at Startup (HIS) software.

• Source: https://github.com/OpenAttestation/OpenAttestation
• Website: https://01.org/openattestation

Pass-the-Hash Guidance

Configuration guidance for implementing Pass-the-Hash mitigations.

• Source: https://github.com/iadgov/Pass-the-Hash-Guidance

Splunk Assessment of Mitigation Implementations (SAMI)

Automatically scores how well Windows systems have implemented some of the top 10 Information Assurance mitigation strategies.

• Source: https://github.com/iadgov/Splunk-Assessment-of-Mitigation-Implementations
• Website: https://splunkbase.splunk.com/app/3114 and https://splunkbase.splunk.com/app/3115

SCAP Security Guide (SSG)

Security guidance, baselines, and compliance mechanisms using the Security Content Automation Protocol (SCAP) for hardening Linux systems and applications.

• Source: https://github.com/OpenSCAP/scap-security-guide
• Website: https://www.open-scap.org/security-policies/scap-security-guide

Secure Host Baseline (SHB)

Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings.

• Source: https://github.com/iadgov/Secure-Host-Baseline

Security-Enhanced Linux (SELinux)

A mandatory access control mechanism for the Linux kernel.

• Source: https://github.com/SELinuxProject
• Website: https://selinuxproject.org

Security Enhancements (SE) for Android

A mandatory access control mechanism for Android.

• Source: https://android.googlesource.com and https://bitbucket.org/seandroid
• Website: https://source.android.com/security/selinux

Simon and Speck

Fast implementations of the Simon and Speck lightweight block ciphers for the SUPERCOP benchmark toolkit.

• Source: https://github.com/iadgov/simon-speck-supercop
• Website: https://iadgov.github.io/simon-speck

Unfetter

Identifies defensive gaps in security posture by leveraging Mitre's ATT&CK framework.

• Source: https://github.com/unfetter-analytic and https://github.com/unfetter-discover
• Website: https://iadgov.github.io/unfetter

WALKOFF

An active cyber defense development framework enabling orchestration capabilities to be written once and deployed across WALKOFF-enabled orchestration tools.

• Source: https://github.com/iadgov/WALKOFF and https://github.com/iadgov/WALKOFF-Apps
• Website: https://iadgov.github.io/WALKOFF

Windows Event Log Messages

Retrieves the definitions of Windows Event Log messages embedded in Windows binaries and provides them in discoverable formats.

• Source: https://github.com/iadgov/Windows-Event-Log-Messages
• Website: https://iadgov.github.io/Windows-Event-Log-Messages

License

See INTENT (see code.mil for more information) and LICENSE.

Disclaimer

See DISCLAIMER.