Open Source Python Security Software for Mac - Page 7

A security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script or as a Burp Suite extension. Since version 1.0.0 of the tool, InQL was extended to operate within Burp Suite. In this mode, the tool will retain all the stand-alone script capabilities and add a handy user interface for manipulating queries. Search for known GraphQL URL paths; the tool will grep and match known values to detect GraphQL endpoints within the target website. Search for exposed GraphQL development consoles (GraphiQL, GraphQL Playground, and other standard consoles) Use a custom GraphQL tab displayed on each HTTP request/response containing GraphQL- Leverage the templates generation by sending those requests to Burp's Repeater tool ("Send to Repeater"). Leverage the templates generation and editor support by sending those requests to embedded GraphIQL ("Send to GraphiQL") Configure the tool by using a custom settings tab.

Insidias is a next-generation intrusion detection engine, with a focus on speed, efficiency, advanced pattern matching, parallel-processing, modularity, and expandability.

An open source tool written in python, to easily manage the passwords of the accounts that you might hold in various websites.It is a small stand-alone tool that can remember your internet passwords in an independent, portable and transparent way.

Konfidi is a trust framework that uses topical trust values from a social network of authenticated people. When you receive an email from someone you do not know, but he/she is in the network, Konfidi will compute an inferred trust value for you.

Kubestriker is a platform-agnostic tool designed to tackle Kubernetes cluster security issues due to misconfigurations and will help strengthen the overall IT infrastructure of any organization. It performs numerous in-depth checks on a range of services and open ports well across more than one platform such as self-hosted kubernetes, Amazon EKS, Azure AKS, Google GKE etc., to identify any misconfigurations which make organizations an easy target for attackers. In addition, it helps safeguard against potential attacks on Kubernetes clusters by continuously scanning for anomalies. Furthermore, it comprises the ability to see some components of Kubernetes infrastructure and provides visualized attack paths of how hackers can advance their attacks.

A tool for scanning Kubernetes cluster for risky permissions in Kubernetes's Role-based access control (RBAC) authorization model. KubiScan helps cluster administrators identify permissions that attackers could potentially exploit to compromise the clusters. This can be especially helpful on large environments where there are lots of permissions that can be challenging to track. KubiScan gathers information about risky roles\clusterroles, rolebindings\clusterrolebindings, users and pods, automating traditional manual processes and giving administrators the visibility they need to reduce risk.

This is a steganogric program that uses images last bits to hide information ( files ). It can crypt data with a rotation and a xor key.

This is a program that watches your system log files, looking for hack attempts. It instanty reacts to potential security breaches by (for instance) adding firewall rules to cut off the attacker.

MINI is a secure service discovery protocol for the M2MI ad-hoc networking library and written in Java (and soon, Python).

MITMf aims to provide a one-stop-shop for Man-In-The-Middle and network attacks while updating and improving existing attacks and techniques. Originally built to address the significant shortcomings of other tools (e.g Ettercap, Mallory), it's been almost completely rewritten from scratch to provide a modular and easily extendible framework that anyone can use to implement their own MITM attack. The framework contains a built-in SMB, HTTP and DNS server that can be controlled and used by the various plugins, it also contains a modified version of the SSLStrip proxy that allows for HTTP modification and a partial HSTS bypass. As of version 0.9.8, MITMf supports active packet filtering and manipulation (basically what better filters did, only better), allowing users to modify any type of traffic or protocol. The configuration file can be edited on-the-fly while MITMf is running, the changes will be passed down through the framework.

There are many password management applications out there, but they all lack a password generator which can create passwords a human can remember easily. PassGen fills this gap with a wide variety of possible password it can create. Among passwords consisting of random letters, numbers and punctuations it can also generate mnemonic passwords consisting of words, numbers and punctuations. These kind of password are also hard to guess, but much more easy to remember for a human brain.

Merovingian is very easy to use but powerful GUI interface for GnuPG. It intends to be well integrated with GNOME, but still usable with other desktop environments too.

This repository contains the standalone desktop application from the Midbar project. The app operates entirely offline and does not require an internet connection. GitHub repository: https://github.com/Northstrix/Midbar-Desktop-App

Midbar Firebase Edition - is the edition of Midbar that stores the encrypted data in the cloud while keeping the cryptographic keys on the device! It comes with the firmware for the hardware IoT data vault and the desktop app that's synced with the vault via the Google Firebase. A vault and an app can be used without one another. The GitHub repository is available at github.com/Northstrix/Midbar-Firebase-Edition Tutorial for V1 https://www.instructables.com/DIY-IoT-Data-Vault-With-Google-Firebase/ Tutorial for V2 https://medium.com/@Northstrix/syncing-mcu-password-vault-with-desktop-app-using-google-firebase-28963e060444 Tutorial for V3 https://www.instructables.com/DIY-Advanced-IoT-Password-Vault-Synced-With-Deskto/ GitHub Repository: https://github.com/Northstrix/Midbar-Firebase-Edition

Modbus traffic generator is a tool written in Python, and uses Scapy libraries to evaluate the effectiveness of SCADA security solutions. The tool generates Modbus/TCP packets, where the characteristics of these packets are extracted from Snort NIDS Modbus rules. The generated packets trigger related alerts in Snort NIDS. It is useful to anybody interested in evaluating and testing their SCADA security solution or other people solutions. Requirements: * Python 2.x or higher * Scapy * Snort NIDS (within the network)

With multilogger you may log keys, sound, webcam and the screen!

The Netbios Share Samba Scanner scan C classes and reveal all open shares. It will tell you all the information and even show the content of the shares. It will also show you shares that are not accessible.Also provide a username and password to it. To know more about SecPoint IT security solutions visit us at www.secpoint.com

Nixory is a light and handy antispyware tool aimed at removing malicious tracking cookies. It currently supports Mozilla Firefox, Google Chrome and Internet Explorer and it runs on all major OS including Windows, Linux and MacOSx.

Nuhe Client is a project related to the Nuhe Action Capable Log Monitor. This GUI client simplifies the administration of sensors and node managers, making it easier to control and monitor the network. Comes with a rule editor as well as a log monitor.

A generic, spec-compliant, thorough implementation of the OAuth request-signing logic for Python 3.8+. OAuthLib is a framework which implements the logic of OAuth1 or OAuth2 without assuming a specific HTTP request object or web framework. Use it to graft OAuth client support onto your favorite HTTP library, or provide support onto your favourite web framework. If you're a maintainer of such a library, write a thin veneer on top of OAuthLib and get OAuth support for very little effort.

OWASP OWTF is a project focused on penetration testing efficiency and alignment of security tests to security standards like the OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST so that pentesters will have more time to see the big picture and think out of the box. More efficiently find, verify and combine vulnerabilities. Have time to investigate complex vulnerabilities like business logic/architectural flaws or virtual hosting sessions. Perform more tactical/targeted fuzzing on seemingly risky areas. Demonstrate true impact despite the short timeframes we are typically given to test. The tool is highly configurable and anybody can trivially create simple plugins or add new tests in the configuration files without having any development experience. OWTF is developed on KaliLinux and macOS but it is made for Kali Linux (or other Debian derivatives).

Download code, Learn code, Share code. The Ongoing Object-oriented Perl Project. scripts, tutorials, modules, case studies, anything OOPerl --not excluding contributions of OO discipline in other programming languages.

OpenSEED is open source implementation for SEED, the 128-bit Symmetric Block Cipher which is used widely among Korean Financial & Banking Companies. OpenSEED will implement TLS over SEED, also.

OpenSQLi-NG is the next generation open source sql injection tool. It silently test and exploit (on-demand) SQL injections conditions. Please refer to the project web site to have the complete description: http://opensqling.sourceforge.net/?page_id=8

OpenSessame is a personnel entry control and time tracking management system. Platform independent, multi-node, client-server system, written in Python, with wxPython/wxWidgets client, a web management gui and PostgreSQL database backend.