Poll
How much system resources could your security products consume at most?
Security Software Testing Suite
About the suite
Security Software Testing Suite (SSTS) is a set of tools used for testing personal firewalls and Internet security suites for Windows. SSTS is based on the idea of leak-tests, small independent programs that attempt to bypass an outbound protection of the security software. SSTS also consists of many independent programs that test specific features.
SSTS is used in our Firewall Challenge project, which goal is to rate and compare abilities of personal firewalls and similar software. This project replaced older Windows Personal Analysis project and its subproject – leak-testing. The advantages of using SSTS instead of the original leak-tests are obvious. SSTS is published with its source code, which makes the testing as transparent as possible. Unlike leak-tests, this suite tests many other features of the security software and not just the outbound protection. The tests in SSTS have a unified structure and user interface, hence using it is faster, easier and more efficient.
Changelog
- 2008-05-06: Three new tests have been added to the suite. PerfTCP and PerfUDP have been added to Level 1, SockSnif to Level 8.
- 2008-04-24: Seven new tests, namely Keylog1, Keylog2, Keylog3, Keylog4, Keylog5, Keylog6 and Keylog7, have been added.
- 2008-03-18: The first public version that contained 60 tests was released.
Download
Warning: This software is used for testing of security products and should never be used on production machines. Using this software may damage or erase your data. This software is provided "as is" and without warranty of any kind. More information about each test can be found in its source code file and in the shared source code files of the whole suite.
By using SSTS you agree with its licence that is included in the archive in licence.txt.
Contribution
If you are a security researcher, analyst or coder and you have an idea for a test, please share it with us. You can either send us just a description of your idea, a proof of concept or, ideally, a fully integrated test to the SSTS framework. We will analyse it and possibly include to the suite giving you a full credit for the new testing method. If you have such idea, please contact us.