Reaver performs a brute force attack against an access point's Wi-Fi Protected Setup (WPS) PIN. Once the PIN is found, the WPA passphrase can be recovered and the AP's wireless settings can be reconfigured.

With this package you can monitor and filter incoming requests for network services. It includes a library which may be used by daemons to transparently check connection attempts against an access control list.

ENet's purpose is to provide a relatively thin, simple and robust network communication layer on top of UDP. The primary feature it provides is optional reliable, in-order delivery of packets. ENet omits certain higher level networking features such as authentication, server discovery, encryption, or other similar tasks that are particularly application specific so that the library remains flexible, portable, and easily embeddable.

Wireless networking GUI front-end for iwd, with supported functionality similar to that of iwctl. Features include viewing and connecting to available networks, managing known networks, provisioning new networks via WPS or Wi-Fi Easy Connect, and an indicator icon displaying connection status and signal strength.

lcsync is a tool to sync files over IPv6 multicast or the local filesystem. It splits the file into blocks, hashes them, and compares them in order to efficiently transfer a minimal amount of data.

Open vSwitch is a multilayer virtual switch. It is designed to enable massive network automation through programmatic extension, while still supporting standard management interfaces and protocols (e.g. NetFlow, sFlow, IPFIX, RSPAN, CLI, LACP, 802.1ag).

This package provides a control tool for the B.A.T.M.A.N. mesh networking routing protocol provided by the Linux kernel module batman-adv, for Layer 2.

Wireshark is a network protocol analyzer, or packet sniffer, that lets you capture and interactively browse the contents of network frames.

Bandwidth Monitor NG is a small and simple console based live network and disk I/O bandwidth monitor.

NDisc6 is a collection of tools for IPv6 networking diagnostics. It includes the following programs:

• ndisc6: ICMPv6 Neighbor Discovery tool.

• rdisc6: ICMPv6 Router Discovery tool.

• tcptraceroute6: IPv6 traceroute over TCP.

• traceroute6: IPv6 traceroute over UDP.

• rdnssd: Recursive DNS Servers discovery daemon.

yggtray is an Yggdrasil tray and control panel. It allows the user to configure, run and control the Yggdrasil daemon.

iPerf is a tool to measure achievable bandwidth on IP networks. It supports tuning of various parameters related to timing, buffers and protocols (TCP, UDP, SCTP with IPv4 and IPv6). For each test it reports the bandwidth, loss, and other parameters.

Hashcash is a proof-of-work algorithm, which has been used as a denial-of-service countermeasure technique in a number of systems.

A hashcash stamp constitutes a proof-of-work which takes a parametrizable amount of work to compute for the sender. The recipient can verify received hashcash stamps efficiently.

This package contains a command-line tool for computing and verifying hashcash stamps.

libndp contains a library which provides a wrapper for IPv6 Neighbor Discovery Protocol. It also provides a tool named ndptool for sending and receiving NDP messages.

knockd is a port-knock daemon. It listens to all traffic on an ethernet or PPP interface, looking for special "knock" sequences of port-hits (UDP/TCP packets sent to a server port). This port need not be open, since knockd listens at the link-layer level.

mbuffer is a tool for buffering data streams with a large set of features:

• direct support for TCP based network targets (IPv4 and IPv6)

• ability to send to multiple targets in parallel (distribution mode)

• support for multiple volumes

• I/O rate limitation

• high/low watermark based restart criteria

• configurable buffer size

• on the fly MD5 hash calculation

• highly efficient, multi-threaded implementation

Phantomsocks is an Internet censorship circumvention tool based on the desync technique, which was introduced in the 2017 paper Your State is Not Mine: A Closer Look at Evading Stateful Internet Censorship.

Further information on the usage could be found on the Wikibooks page Phantomsocks.

This library allows controlling basic functions in SocketCAN from user-space. It requires a kernel built with SocketCAN support.

Socket6 binds the IPv6 related part of the C socket header definitions and structure manipulators for Perl.

Iodine tunnels IPv4 data through a DNS server. This can be useful in different situations where internet access is firewalled, but DNS queries are allowed. The bandwidth is asymmetrical, with limited upstream and up to 1 Mbit/s downstream.

NetHogs is a small 'net top' tool for Linux. Instead of breaking the traffic down per protocol or per subnet, like most tools do, it groups bandwidth by process.

NetHogs does not rely on a special kernel module to be loaded. If there's suddenly a lot of network traffic, you can fire up NetHogs and immediately see which PID is causing this. This makes it easy to identify programs that have gone wild and are suddenly taking up your bandwidth.

This package provides a multi-threaded TFTP server that implements all options, including all extensions, as specified in RFC 1350, RFC 2090, RFC 2347, RFC 2348, RFC 2349 and RFC7440. Atftpd also supports a multicast protocol known as mtftp, which was defined in the PXE specification.

The server is socket activated by default but supports being started from inetd as well as in daemon mode.

This package provides CAN utilities in the following areas:

• Basic tools to display, record, generate and replay CAN traffic

• CAN access via IP sockets

• CAN in-kernel gateway configuration

• CAN bus measurement and testing

• ISO-TP (ISO15765-2:2016 - this means messages with a body larger than eight bytes) tools

• Log file converters

• Serial Line Discipline configuration for slcan driver

This package provides a modern, but Linux-specific implementation of the traceroute command that can be used to follow the route taken by packets on an IP network on their way to a given host. It utilizes the IP protocol's time to live (TTL) field and attempts to elicit an ICMP TIME_EXCEEDED response from each gateway along the path to the host. Compared to other implementations, this traceroute command allows some traces for unprivileged users.