This is a list of available software and hardware tools that are designed for or are particularly suited to various kinds of security assessment and security testing. == Operating systems and tool suites == Several operating systems and tool suites provide bundles of tools useful for various types of security assessment. === Operating system distributions === Kali Linux (formerly BackTrack), a penetration-test-focused Linux distribution based on Debian Pentoo, a penetration-test-focused Linux distribution based on Gentoo ParrotOS, a Linux distro focused on penetration testing, forensics, and online anonymity. == Tools ==
Business Controls Corporation
Business Controls Corporation is a privately held computer company that developed an application-program-generator and also a series of accounting software packages. These packages were widely enough used for various business magazines to have back-of-the-book ads for companies seeking accountants with experience in one or more of them. Computer magazines ran coverage for their SB-5 application-program-generator as from time to time new versions were released, each with new or improved features. == Early days == The company's initial offerings were packages for the DEC PDP-8, although Business Controls Corporation also wrote custom-written programs for customers. Large customers with mainframes who also used smaller systems for departmental use and distributed processing also used BCC's services. == SB-5 == The addition of an application-program-generator named SB-5 that, from specifications, could generate COBOL code was a major step forward. Although this began with supporting the DEC PDP-11, they subsequently began to support COBOL on DEC's DECsystem-10 & DECSYSTEM-20. VAX support came later. The specifications also permitted COBOL inserts and overrides: SB-5 could build an application that was all COBOL, yet only code the portions that varied from BCC's "vanilla" accounting packages. === Similar offerings === A similar idea was done for the IBM mainframe world in the form of a series of application-program-generators from Dylakor Corporation. They were named DYL-250, DYL-260, DYL-270 & DYL-280. Dylakor was acquired by Computer Associates. The specific syntax was different, but it had wider use, and - a mark of success and recognition in the industry - syntax-compatible implementations were released by a competitor. Still another alternative was Peat Marwick Mitchell's PMM2170 application-program-generator package. Like the others, it supported COBOL inserts and overrides. === Extended integration === Business Controls Corporation subsequently extended SB-5's feature set to provide support for System 1022, a product for the DECsystem-10 & DECSYSTEM-20; 1022's vendor also had a VAX/VMS (later OpenVMS) product, System 1032.
Nobody (username)
In many Unix variants, "nobody" is the conventional name of a user identifier which owns no files, is in no privileged groups, and has no abilities except those which every other user has. It is normally not enabled as a user account, i.e. has no home directory or login credentials assigned. Some systems also define an equivalent group "nogroup". == Uses == The pseudo-user "nobody" and group "nogroup" are used, for example, in the NFSv4 implementation of Linux by idmapd, if a user or group name in an incoming packet does not match any known username on the system. It was once common to run daemons as nobody, especially on servers, in order to limit the damage that could be done by a malicious user who gained control of them. However, the usefulness of this technique is reduced if more than one daemon is run like this, because then gaining control of one daemon would provide control of them all. The reason is that processes owned by the same user have the ability to send signals to each other and use debugging facilities to read or even modify each other's memory. Modern practice, as recommended by the Linux Standard Base, is to create a separate user account for each daemon.
Human image synthesis
Human image synthesis is technology that can be applied to make believable and even photorealistic renditions of human-likenesses, moving or still. It has effectively existed since the early 2000s. Many films using computer generated imagery have featured synthetic images of human-like characters digitally composited onto the real or other simulated film material. Towards the end of the 2010s deep learning artificial intelligence has been applied to synthesize images and video that look like humans, without need for human assistance, once the training phase has been completed, whereas the old school 7D-route required massive amounts of human work. == Timeline of human image synthesis == In 1971 Henri Gouraud made the first CG geometry capture and representation of a human face. Modeling was his wife Sylvie Gouraud. The 3D model was a simple wire-frame model and he applied the Gouraud shader he is most known for to produce the first known representation of human-likeness on computer. The 1972 short film A Computer Animated Hand by Edwin Catmull and Fred Parke was the first time that computer-generated imagery was used in film to simulate moving human appearance. The film featured a computer simulated hand and face (watch film here). The 1976 film Futureworld reused parts of A Computer Animated Hand on the big screen. The 1983 music video for song Musique Non-Stop by German band Kraftwerk aired in 1986. Created by the artist Rebecca Allen, it features non-realistic looking, but clearly recognizable computer simulations of the band members. The 1994 film The Crow was the first film production to make use of digital compositing of a computer simulated representation of a face onto scenes filmed using a body double. Necessity was the muse as the actor Brandon Lee portraying the protagonist was tragically killed accidentally on-stage. In 1999 Paul Debevec et al. of USC captured the reflectance field of a human face with their first version of a light stage. They presented their method at the SIGGRAPH 2000 In 2003 audience debut of photo realistic human-likenesses in the 2003 films The Matrix Reloaded in the burly brawl sequence where up-to-100 Agent Smiths fight Neo and in The Matrix Revolutions where at the start of the end showdown Agent Smith's cheekbone gets punched in by Neo leaving the digital look-alike unnaturally unhurt. The Matrix Revolutions bonus DVD documents and depicts the process in some detail and the techniques used, including facial motion capture and limbal motion capture, and projection onto models. In 2003 The Animatrix: Final Flight of the Osiris a state-of-the-art want-to-be human likenesses not quite fooling the watcher made by Square Pictures. In 2003 digital likeness of Tobey Maguire was made for movies Spider-man 2 and Spider-man 3 by Sony Pictures Imageworks. In 2005 the Face of the Future project was an established. by the University of St Andrews and Perception Lab, funded by the EPSRC. The website contains a "Face Transformer", which enables users to transform their face into any ethnicity and age as well as the ability to transform their face into a painting (in the style of either Sandro Botticelli or Amedeo Modigliani). This process is achieved by combining the user's photograph with an average face. In 2009 Debevec et al. presented new digital likenesses, made by Image Metrics, this time of actress Emily O'Brien whose reflectance was captured with the USC light stage 5 Motion looks fairly convincing contrasted to the clunky run in the Animatrix: Final Flight of the Osiris which was state-of-the-art in 2003 if photorealism was the intention of the animators. In 2009 a digital look-alike of a younger Arnold Schwarzenegger was made for the movie Terminator Salvation though the end result was critiqued as unconvincing. Facial geometry was acquired from a 1984 mold of Schwarzenegger. In 2010 Walt Disney Pictures released a sci-fi sequel entitled Tron: Legacy with a digitally rejuvenated digital look-alike of actor Jeff Bridges playing the antagonist CLU. In SIGGGRAPH 2013 Activision and USC presented a real-time "Digital Ira" a digital face look-alike of Ari Shapiro, an ICT USC research scientist, utilizing the USC light stage X by Ghosh et al. for both reflectance field and motion capture. The end result both precomputed and real-time rendering with the modernest game GPU shown here and looks fairly realistic. In 2014 The Presidential Portrait by USC Institute for Creative Technologies in conjunction with the Smithsonian Institution was made using the latest USC mobile light stage wherein President Barack Obama had his geometry, textures and reflectance captured. In 2014 Ian Goodfellow et al. presented the principles of a generative adversarial network. GANs made the headlines in early 2018 with the deepfakes controversies. For the 2015 film Furious 7 a digital look-alike of actor Paul Walker who died in an accident during the filming was done by Weta Digital to enable the completion of the film. In 2016 techniques which allow near real-time counterfeiting of facial expressions in existing 2D video have been believably demonstrated. In 2016 a digital look-alike of Peter Cushing was made for the Rogue One film where its appearance would appear to be of same age as the actor was during the filming of the original 1977 Star Wars film. In SIGGRAPH 2017 an audio driven digital look-alike of upper torso of Barack Obama was presented by researchers from University of Washington. It was driven only by a voice track as source data for the animation after the training phase to acquire lip sync and wider facial information from training material consisting 2D videos with audio had been completed. Late 2017 and early 2018 saw the surfacing of the deepfakes controversy where porn videos were doctored using deep machine learning so that the face of the actress was replaced by the software's opinion of what another persons face would look like in the same pose and lighting. In 2018 Game Developers Conference Epic Games and Tencent Games demonstrated "Siren", a digital look-alike of the actress Bingjie Jiang. It was made possible with the following technologies: CubicMotion's computer vision system, 3Lateral's facial rigging system and Vicon's motion capture system. The demonstration ran in near real time at 60 frames per second in the Unreal Engine 4. In 2018 at the World Internet Conference in Wuzhen the Xinhua News Agency presented two digital look-alikes made to the resemblance of its real news anchors Qiu Hao (Chinese language) and Zhang Zhao (English language). The digital look-alikes were made in conjunction with Sogou. Neither the speech synthesis used nor the gesturing of the digital look-alike anchors were good enough to deceive the watcher to mistake them for real humans imaged with a TV camera. In September 2018 Google added "involuntary synthetic pornographic imagery" to its ban list, allowing anyone to request the search engine block results that falsely depict them as "nude or in a sexually explicit situation." In February 2019 Nvidia open sources StyleGAN, a novel generative adversarial network. Right after this Phillip Wang made the website ThisPersonDoesNotExist.com with StyleGAN to demonstrate that unlimited amounts of often photo-realistic looking facial portraits of no-one can be made automatically using a GAN. Nvidia's StyleGAN was presented in a not yet peer reviewed paper in late 2018. At the June 2019 CVPR the MIT CSAIL presented a system titled "Speech2Face: Learning the Face Behind a Voice" that synthesizes likely faces based on just a recording of a voice. It was trained with massive amounts of video of people speaking. Since 1 July 2019 Virginia has criminalized the sale and dissemination of unauthorized synthetic pornography, but not the manufacture., as § 18.2–386.2 titled 'Unlawful dissemination or sale of images of another; penalty.' became part of the Code of Virginia. The law text states: "Any person who, with the intent to coerce, harass, or intimidate, maliciously disseminates or sells any videographic or still image created by any means whatsoever that depicts another person who is totally nude, or in a state of undress so as to expose the genitals, pubic area, buttocks, or female breast, where such person knows or has reason to know that he is not licensed or authorized to disseminate or sell such videographic or still image is guilty of a Class 1 misdemeanor.". The identical bills were House Bill 2678 presented by Delegate Marcus Simon to the Virginia House of Delegates on 14 January 2019 and three-day later an identical Senate bill 1736 was introduced to the Senate of Virginia by Senator Adam Ebbin. Since 1 September 2019 Texas senate bill SB 751 amendments to the election code came into effect, giving candidates in elections a 30-day protection period to the elections during which making and distributing digital look-alikes or synthetic fakes of the candidates is an offense. Th
Cyber and Information Domain Service
The Cyber and Information Domain Service (CIDS; German: Cyber- und Informationsraum, lit. 'Cyber and Information space', pronounced [ˈsaɪbɐ ʔʊnt ʔɪnfɔʁmaˈtsi̯oːnsʁaʊm] ; CIR) is the youngest branch of the German Armed Forces, the Bundeswehr. The decision to form an organizational unit was presented by Defense Minister Ursula von der Leyen on 26 April 2016, becoming operational on 1 April 2017. It is headquartered in Bonn. == History == In November 2015, the German Ministry of Defense activated a Staff Group within the ministry tasked with developing plans for a reorganization of the Cyber, IT, military intelligence, geo-information, and operative communication units of the Bundeswehr. On 26 April 2016, Defense Minister Ursula von der Leyen presented the plans for the new military branch to the public and on 5 October 2016 the command's staff became operational as a department within the ministry of defense. On 1 April 2017, the Cyber and Information Domain Service (CIDS) was activated as a "military organizational unit" (Organisationsbereich), indicating its status below a full service branch. The CIDS Headquarters took command of all existing electronic warfare, signals, IT, military intelligence, geoinformation, and psychological operations units. As part of a wider restructuring of higher command in the Bundeswehr in 2024, it was decided to upgrade it from a military organizational unit to the fourth full military service branch, alongside Heer (army), Luftwaffe (air force) and Deutsche Marine (navy). == Organisation == The CIDS is commanded by the Chief of the Cyber and Information Domain Service (Inspekteur des Cyber- und Informationsraum InspCIR), a three-star general position, based in Bonn. As of April 2023, it is structured as follows: Cyber and Information Domain Service Command (Kommando Cyber- und Informationsraum KdoCIR), in Bonn Reconnaissance and Effects Command (Kommando Aufklärung und Wirkung KdoAufkl/Wirk), in Gelsdorf 911th Electronic Warfare Battalion 912th Electronic Warfare Battalion, mans the Oste-class SIGINT/ELINT and reconnaissance ships 931st Electronic Warfare Battalion 932nd Electronic Warfare Battalion, provides airborne troops for operations in enemy territory Cyber-Operations Centre (Zentrum Cyber-Operationen ZSO) Central Imaging Reconnaissance (Zentrale Abbildende Aufklärung ZAbbAufkl), operating the SAR-Lupe satellites Central Bundeswehr Investigation Authority for Technical Reconnaissance (Zentrale Untersuchungsstelle der Bundeswehr für Technische Aufklärung ZU-StelleBwTAufkl) Signals Reconnaissance Centre North (Fernmeldeaufklärungszentrale Nord FmAufklZentr NORD) Signals Reconnaissance Centre South (Fernmeldeaufklärungszentrale Süd FmAufklZentr SÜD) Information Technology Services Command (Kommando Informationstechnik-Services der Bundeswehr KdoIT-SBw), in Bonn 281st Information Technology Battalion 282nd Information Technology Battalion 292nd Information Technology Battalion 293rd Information Technology Battalion 381st Information Technology Battalion 383rd Information Technology Battalion Bundeswehr Geoinformation Centre (Zentrum für Geoinformationswesen der Bundeswehr), in Euskirchen Bundeswehr Cyber-Security Centre (Zentrum für Cyber-Sicherheit der Bundeswehr ZCSBw) Bundeswehr Software Digitalisation Centre (Zentrum Digitalisierung der Bundeswehr und Fähigkeitsentwicklung Cyber- und Informationsraum ZDigBw) Bundeswehr Operational Communications Centre (Zentrum Operative Kommunikation der Bundeswehr ZOpKomBw) Training Centre CIDS (Ausbildungszentrum CIR AusbZ CIR)
Live Transcribe
Live Transcribe is a mobile app for real-time captioning, developed by Google for the Android operating system. Development on the application began in partnership with Gallaudet University. It was publicly released as a free beta for Android 5.0+ on the Google Play Store on February 4, 2019. As of early 2023 it had been downloaded over 500 million times. == Development == Researchers Dimitri Kanevsky, Sagar Savla and Chet Gnegy at Google developed the app in collaboration with researchers at Gallaudet University, an American university for the education of the deaf and hard of hearing. The app uses machine learning to generate captions, similar to YouTube's auto-generated captions. In August 2019, Google made Live Transcribe an open-source project. == Features == The app uses speech recognition to generate live captions in over 80 languages with varying accuracy. The app, which requires connection to the Internet to function, is available to download on the Google Play Store. A later update to the app displayed information on sounds such as clapping, laughter, music, applause, and whistling. In May 2020, the app started supporting transcription in Albanian, Burmese, Estonian, Macedonian, Mongolian, Punjabi, and Uzbek, supporting 70 languages. In March 2022, the app was updated with support to transcribe offline, without Internet connection, so long as the appropriate language pack has been installed. The offline mode is only available for devices with 6GB of RAM and certain Google Pixel devices.
Blanking (video)
In analog video, blanking occurs between horizontal lines and between frames. In raster scan equipment, an image is built up by scanning an electron beam from left to right across a screen to produce a visible trace of one scan line, reducing the brightness of the beam to zero (horizontal blanking), moving it back as fast as possible to the left of the screen at a slightly lower position (the next scan line), restoring the brightness, and continuing until all the lines have been displayed and the beam is at the bottom right of the screen. Its intensity is then reduced to zero again (vertical blanking), and it is rapidly moved to the top left to start again, creating the next frame. In television, in particular, the vertical blanking interval is long to accommodate the slow equipment available at the time the standard was set. Fast modern electronics allows digital information to be encoded into the signal during the vertical blanking interval; it is not displayed on screen as the beam is blanked, but can be processed by appropriate circuitry.