Open Source Mac Security Software - Page 16

This project automates the reporting of improper Internet use by the X-ARF format. The two schemas specified abuse_login-attack and abuse_malware are currently implemented. Fixing a Bug and the Date / Timestamp issues. Now it should work fine :)

Set of tools to generate XUL based forms with xforms support.

A gpg crypto module for apache. This is an add-on module for the popular apache webserver to provide gpg functionality to web pages via an xmlrpc interface.

YASeMI (Yet Another Security Monitoring Interface) consists of a Web interface that can be of aid to SysAdmins and Security Admins, in detecting possible anomaly or intrusion behaviour in their network, based on Netflow data their routers emit.

IDS via ACL log management, including basic reporting via PHP

A web-based system to assign a set of known persons anonymous ids, such that every person only receives one id. The ids cannot be mapped to the corresponding persons afterwards.

Anticeptron is an attempt to do what people expect from every captcha: a strong system with the ability to prevent bots from doing unauthorized access.

Upon successful authentication, a cookie (named TOKEN) with the value of a signed JWT is set and the user redirected back to the originally requested path. Upon each request, Lambda@Edge checks the JWT for validity (signature, expiration date, audience and matching hosted domain) and will redirect the user to configured provider's login when their session has timed out. If your CloudFront distribution is pointed at a S3 bucket, configure origin access identity so S3 objects can be stored with private permissions. (Origin access identity requires the S3 ACL owner be the account owner. Use our s3-object-owner-monitor Lambda function if writing objects across multiple accounts.) Enable SSL/HTTPS on your CloudFront distribution; AWS Certificate Manager can be used to provision a no-cost certificate. Session duration is defined as the number of hours that the JWT is valid for. After session expiration, cloudfront-auth will redirect the user to the configured provider to re-authenticate.

Main function is to see which cert a server is using show cert details and calculate fingerprints Second function is to see which ciphers a server is willing to connect to make sure that weak cipher on the server are disabled and therefore fail. By default collect_ssl_info with option -p try all ciphers openssl has build in. This ist mostly sufficient for a check. required - actual as possible openssl - gawk licence http://www.gnu.org/licenses/gpl-3.0-standalone.html

d3vscan is a simple yet powerful network and Bluetooth scanner which is based on PyGTK.

Collection of all projects from me and friends

devialog is a behavior/anomaly-based syslog intrusion detection system which detects unknown attacks via anomalies in syslog. It can generate signatures for ease of management, act upon anomalies in a predefined fashion or perform as a standard log parser

distributedPHP client is a simple PHP script that can simultaneously activate/send data to as many web scripts as you want. You must open and configure the distributedPHP .php file prior to running it. ditributedPHP client supports activating scripts without data, sending the same data to all scripts, sending unique data to each script or sending user input to each script. Examples of use include: distributed math computation, encryption breaking, SETI@home/folding@home (well, if they made the projects in php..) distributed bruteforce attacks, ddos attacks, distributed processing, etc.. distributedPHP client can be configured to distribute computing to scripts written in a language other than php as long as the script supports html form input (or doesn't require input at all).

eXlent2k7 is a CMS based on the most modern technologies (XHTML 1.1, CSS 2.1, PHP 5 objects, PDO, XML, DOM) with good security (CSRF protection, XSS prevention in template system, JavaScript can be disabled, SQL injection prevention in database class).

A robust and reliable user management sub-system is critical to an enterprise application system. Esecurity is a web services-based user management component that provides services for user authentication, access control, user profile management etc.

EvilSentinel is basely an universal security system for php web applications . The software offers a completely configurable filtering system, wich allows ,depending on the situation, to block, sanitize or simply to ignore malevole input datas .

Flash/PHP adaptation of the XTEA encryption algorithm. Allows encryption/decryption of sensitive data using 128-bit key. May be used for network data (HTTP) or offline for implementations like secure CD-ROM projects.

The gruft library is a fast implementation of several cryptographic functions in JavaScript: MD5, SHA-1, SHA-256, Tiger/192, AES-Rijndael.

A simple native java network library containing ftp, smtp and port knocking clients. Designed to be easily extended or customized this library will adapt smoothly in any java project

A vulnerable toolkit & lab for IT Security Professionals, Hackers and Students. This is a Linux based Operating System & has been developed for those concerned with IT Security. Contains various software, exploits and is vulnerable to attacks. This project is a fork of the project MyLab@Home developed by Huzaib Shafi (http://www.shafihuzaib.com)

iddin is a PHP/HTML-Obfuscator written in Perl.

intra:Q is a content management system designed for intranet use. The system is modular, and can provide an intranet site, content filtering, and replacements for standard browser widgets.

Iron is synonym for chain and bar is a synonym for block. This project is to develop an SSI system using block chain protocol that can be used in authentication scenerios like games. It's not limited to games, just an example. see https://github.com/tatmanblue/ironbar

J2EP is a reverse proxy running on a J2EE engine. The proxy is written in java and was originally designed with Tomcat in mind, but any engine should work fine. A set of basic mapping rules are included but they can easily be extended to your own needs.

jRevProxy is a lightweight reverse proxy server fully written in Java. jRevProxy accepts HTTP and HTTPS requests and translates these into new requests based on a set of rules. HTTPS with client side authentication (X509 certificates) is supported.