Software and Tools
Access and download the software, tools, and methods that the SEI creates, tests, refines, and disseminates. Organizations and individuals worldwide use these technologies and management techniques to improve the results of software projects, the quality and behavior of software systems, and the security and survivability of networked systems.
Filter by
-
Mission-Based Prioritization Tool (Coded)
• Software
By None
An alternate version of the tool to implement the mission-based prioritization of agile backlogs that includes a small amount of Visual Basic code that creates a tab containing the sorted …
DOWNLOAD -
Mission-Based Prioritization Tool (Code Free)
• Software
By None
A no-frills tool to implement the mission-based prioritization of agile backlogs that accounts for restrictions on government computers; the results must be manually sorted.
DOWNLOAD -
KalKi Platform Main Repository
• Software
By Sebastián Echeverría
KalKi is an IoT platform for allowing untrusted IoT devices to connect to a network in a secure way, protecting both the IoT device and the network from malicious attackers.
DOWNLOAD -
SEI-ACE
• Software
By Grace Lewis , Sebastián Echeverría
SEI-ACE is an extension of the ACE Working Group proposal to support authentication and authorization of devices in disadvantaged environments.
DOWNLOAD -
DSOI-ALL / devops-microcosm
• Software
By None
Hands-on guidance to build DevSecOps pipeline
DOWNLOAD -
SCAIFE-API YAML Specification
• Software
By None
The YAML file specifies the SCAIFE-API definition in a format developers can use to view, modify, and automatically generate code from.
DOWNLOAD -
Supplementary Materials for a Case Study of Analysis Contracts with the ACTIVE tool
• Dataset
By None
This archive contains the source code of the ACTIVE tool, and models/data from a case study of analysis contracts in two domains: thread scheduling, and battery design.
DOWNLOAD -
Analysis Pipeline
• Software
By None
The Analysis Pipeline supports inspection of flow records as they are created.
DOWNLOAD -
CERT quilt
• Software
By None
Quilt is a JavaScript tool used to to build and manage anything from website backends to complex distributed systems.
DOWNLOAD -
CERT Linux Forensics Tools Repository
• Software
By None
The CERT Linux Forensics Tools Repository provides many useful packages for cyber forensics acquisition and analysis practitioners.
DOWNLOAD -
CERT fixbuf
• Software
By None
CERT fixbuf is a compliant implementation of the IPFIX Protocol.
DOWNLOAD -
CERT super_mediator
• Software
By None
CERT super_mediator is an IPFIX mediator for use with the YAF and SiLK tools.
DOWNLOAD -
Clang-Tidy
• Software
By None
Clang-Tidy is Clang-based C++ "linter" tool that provides an extensible framework for diagnosing and fixing typical programming errors.
DOWNLOAD -
CERT Tapioca
• Software
By None
CERT Tapioca is a network-layer MITM proxy utility that checks for apps that fail to validate certificates and investigates content of network traffic, including HTTP and HTTPS.
DOWNLOAD -
CERT SiLK IPset
• Software
By None
CERT SiLK IPset can be used to build and manipulate IPset files.
DOWNLOAD -
CERT pyfixbuf
• Software
By None
CERT pyfixbuf is a Python API for libfixbuf that can be used to write applications that collect and export IPFIX.
DOWNLOAD -
CERT snarf
• Software
By None
CERT snarf is a distributed alert reporting system that sends send network alert messages.
DOWNLOAD -
PDFrankenstein
• Software
By None
PDFrankenstein is a Python tool for bulk malicious PDF feature extraction.
DOWNLOAD -
Insider Threat Test Dataset
• Dataset
By None
The Insider Threat Test Dataset is a collection of synthetic insider threat test datasets that provide both background and malicious actor synthetic data.
DOWNLOAD -
Automated Assurance of Security Policy Enforcement (AASPE)
• Software
By None
AASPE is a set of modeling tools for security analysis and a code generator to produce code for the seL4 platform from AADL models.
DOWNLOAD -
Error Model Version 2
• Software
By None
The Error Model Annex, Version 2 (EMV2), notation for architecture fault modeling supports safety, reliability, and security analyses as part of the OSATE toolset.
DOWNLOAD -
CERT netsa-python
• Software
By None
The netsa-python library is a collection of Python routines and frameworks to use when developing analyses using the SiLK toolkit.
DOWNLOAD -
CERT iSiLK
• Software
By None
iSiLK is a graphical front-end for the SiLK tools, designed to work with an existing installation of the SiLK analysis suite.
DOWNLOAD -
CERT Orcus
• Software
By None
Orcus is a system for analyzing passively-collected DNS information. It includes a capability for analyzing all DNS information that has been seen (the “resource record database”), as well as a …
DOWNLOAD -
KD-Cloudlet
• Software
By None
Cloudlets are discoverable, generic, stateless servers located in single-hop proximity of mobile devices that can operate in disconnected mode and are virtual-machine based.
DOWNLOAD -
Rosecheckers
• Software
By None
Rosecheckers is a tool that performs static analysis on C/C++ source files to enforce the rules in the CERT C Coding Standard.
DOWNLOAD -
Architecture Analysis and Design Language (AADL) Tool
• Software
By None
AADL provides a framework for analyzing system designs and supports architecture-centric, model-based development through the system lifecycle.
DOWNLOAD -
CERT Dranzer
• Software
By None
Dranzer is a tool that enables users to examine effective techniques for fuzz testing ActiveX controls.
DOWNLOAD -
CERT Prism
• Software
By None
Prism is a tool for visualizing flow data as a time series, broken down into several configurable bins by SiLK's rwfilter tool.
DOWNLOAD -
Compiler-Enforced Buffer Overflow Elimination
• Software
By None
This tool prevents buffer overflows from succeeding in multithreaded code using static and dynamic analysis.
DOWNLOAD -
CERT Stix2Cif
• Software
By None
CERT Stix2Cif parses STIX/Cybox documents into JSON CIF feed files with corresponding configuration files and feeds them to CIF.
DOWNLOAD -
CERT Triage Tools
• Software
By None
CERT Triage Tools consist of a triage script and a GNU Debugger (GDB) extension named 'exploitable' that classify Linux application defects by severity.
DOWNLOAD -
CERT Cif2Stix
• Software
By None
CERT Cif2Stix is a plug-in for CIF that takes JSON object or file inputs and outputs STIX/CyBox documents.
DOWNLOAD -
CERT Rayon
• Software
By None
CERT Rayon is a Python library and set of tools that generates basic two-dimensional statistical visualizations.
DOWNLOAD -
Controls Systems Code Samples Download
• Software
By None
The Controls Systems Code Samples help an organization protect text-based intellectual property, including source code repositories.
DOWNLOAD -
CERT JIRA Plugins
• Software
By None
CERT JIRA Plugins consist of Automated Task Creator, Email Attachment Handler, and Common Code.
DOWNLOAD -
Secure Coding Validation Suite
• Software
By None
The Secure Coding Validation Suite is a tool that performs a set of tests to validate the rules defined in ISO Technical Specification 17961.
DOWNLOAD -
CERT SQUARE for Privacy (P-SQUARE)
• Software
By None
P-SQUARE was designed for stakeholders, requirements engineers, and administrators and supports the security and privacy aspects of SQUARE.
DOWNLOAD -
CERT SQUARE for Acquisition (A-SQUARE)
• Software
By None
SQUARE-A is designed for stakeholders, requirements engineers, and contractors/vendors to use in acquisitions and provides documentation support for a variety of use cases.
DOWNLOAD -
Acquisition Strategy Development Tool
• Software
By None
The Acquisition Strategy Development Tool is a customized Excel workbook that helps acquisition planners work through their method and techniques.
DOWNLOAD