Open Source BSD Security Software - Page 4
Sort By:
Security Software for BSD
-
Get the most trusted enterprise browserDefend against security incidents with Chrome Enterprise. Create customizable controls, manage extensions and set proactive alerts to keep your data and employees protected without slowing down productivity.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
pamtester is a tiny utility program to test the pluggable authentication modules (PAM) facility, specifically designed to help PAM module authors to intensively test their own modules.
-
2
PLEASE NOTE that we are in the process of moving to GitHub: https://github.com/jasypt/jasypt Jasypt (Java Simplified Encryption) is a java library which allows the developer to add basic encryption capabilities to his/her projects with minimum effort, and without the need of having deep knowledge on how cryptography works. PLEASE NOTE that we are in the process of moving to GitHub: https://github.com/jasypt/jasypt
-
3
secure rm
srm is a command-line program to delete files securely.
srm (secure rm) is a command-line compatible rm(1) which overwrites file contents before unlinking. The goal is to provide drop in security for users who wish to prevent recovery of deleted information, even if the machine is compromised. -
4
Keytool is an Eclipse plugin that maintains keystores and certificates. It allows you to create certificates and put them in a keystore. You can from Eclipse, open and inspect certificates that are stored as .cer, or in a given keystore.
-
Level Up Your Cyber Defense with External Threat ManagementMove beyond alerts. Gain full visibility, context, and control over your external attack surface to stay ahead of every threat.
-
5
IOS6 and recent iTunes updates have broken a few features. We have made some partial fixes, but they are not complete. If you'd like to help support our development, or take over the development please let us know. Explore the internal file structure of your iphone (or of a seized phone in the case of forensic teams) using either the iphone's own backup files or (for jail broken iphones) ssh. Viewing of plist, sqlite, and hex are supported. IOS 5 is now supported iOS 6 only partially works at the moment (some features fail or are missing). Unfortunately paid work means we can't fix this right now, but would welcome anyone else submitting patches.
-
6
Hyenae is a highly flexible platform independent network packet generator. It allows you to reproduce several MITM, DoS and DDoS attack scenarios, comes with a clusterable remote daemon and an interactive attack assistant. *** Hyenae is back *** Hyenae will be continued here: https://sourceforge.net/p/hyenae-ng
-
7
GlobalPlatform
Implementation of GlobalPlatform smart card specification
The GlobalPlatform card specification is a standard for the management of the contents on a smart card. Mainly this comprises the installation and the removal of applications. This project offers a C library and a command line shell. Find more information on https://kaoh.github.io/globalplatform/ -
8
BadUSB
Flipper Zero badusb payload library
This project explores USB device emulation attacks—commonly called BadUSB—by demonstrating how commodity USB hardware can impersonate keyboards, network adapters, or storage devices to perform scripted actions on a host. It typically contains firmware examples, payloads, and explanations showing how a device presenting as a Human Interface Device (HID) can inject keystrokes, open shells, or orchestrate data exfiltration when plugged into a machine. The codebase is frequently intended for security research and defensive testing: defenders and red teams use it to validate endpoint controls, USB whitelisting, and user training. Due to the dual-use nature of such techniques, responsible repositories emphasize lab-only experiments, consent-based testing, and mitigations like disabling autorun, enforcing device policies, and using endpoint detection. -
9
Sploitware
Vulnerability analytics
Sploitware is a curated repository that maps the world of exploit development, offensive security, and binary exploitation into organized learning material. It brings together links to tutorials, tools, writeups, and CTF resources so that security learners don’t have to hunt across the internet for a coherent path. The focus is on practical exploitation skills: understanding memory corruption, reverse engineering, shellcode, privilege escalation, and platform specifics. By being a single, public list, it lowers the barrier for newcomers who want to go from “I know nothing about exploitation” to “I can follow a CTF writeup” in a guided way. It is also helpful for defenders and security engineers who want to understand offensive techniques to harden systems. The repo is community-friendly and can grow as new techniques, tools, and writeups appear. -
Simple, Secure Domain RegistrationRegister or renew your domain and pay only what we pay. No markups, hidden fees, or surprise add-ons. Choose from over 400 TLDs (.com, .ai, .dev). Every domain is integrated with Cloudflare's industry-leading DNS, CDN, and free SSL to make your site faster and more secure. Simple, secure, at-cost domain registration.
-
10
age
A simple, modern and secure encryption tool (and Go library)
age is a security-oriented tool and library by Filo Sottile. age is a simple, modern, secure encryption utility (and Go library) that emphasizes minimal configuration and strong defaults. It provides small explicit keys, no complex options, and is designed for UNIX-style composability; you can pipe into it, integrate it into scripts, etc. It supports a clearly defined format and promotes interoperability across implementations (there are Rust, TypeScript, etc). The project is well-suited for personal data encryption, backup use-cases, scripting encryption workflows, and embedding encryption in tools. Because of its design philosophy, it avoids the bloat of many older encryption utilities while maintaining strong cryptographic hygiene. It’s especially useful for developers or system administrators who want to adopt encryption without learning a multitude of options. -
11
malware-samples
A collection of malware samples and relevant dissection information
This repo is a public collection of malware samples and related dissection/analysis information, maintained by InQuest. It gathers various kinds of malicious artifacts, executables, scripts, macros, obfuscated documents, etc., with metadata (e.g., VirusTotal reports), file carriers, and sample hashes. It’s intended for malware analysts/researchers to help study how malware works, how they are delivered, and how it evolves. -
12
-
13
Foremost is a linux tool for conducting forensic examinations. Although intended for law enforcement purposes, it may be useful to other members of the community. Foremost reads through a file, such as a dd image file or a disk partition and extracts file
-
14
Rcracki_mt can be used to perform a rainbow table attack on password hashes. It is intended for indexed&perfected rainbow tables, mainly generated by the distributed project www.freerainbowtables.com
-
15
SSHGuard
Intelligently block brute-force attacks by aggregating system logs
SSHGuard protects hosts from brute-force attacks against SSH and other services. It aggregates system logs and blocks repeat offenders using several firewall backends, including iptables, ipfw, and pf. -
16
-
17
Atlantis iOS
A lightweight and powerful iOS framework for intercepting HTTP/HTTPS
Don't let cumbersome web debugging tools hold you back. With Proxyman's native macOS app, you can capture, inspect, and manipulate HTTP(s) traffic with ease. Intuitive, thoughtful, and built with meticulous attention to detail. Dive into the network level to diagnose and fix problems with reliable and powerful tools. Proxyman acts as a man-in-the-middle server that captures the traffic between your applications and SSL Web Server. With a built-in macOS setup, so you can inspect your HTTP/HTTPS Request and Responses in plain text with just one click. Narrow down your search with Proxyman's Multiple Filters. You can combine complex filtered criteria like Protocol, Content-Type, URL, Request Header, Response Header, Body, etc that find exact what you're looking for. -
18
Awesome Privacy
A curated list of privacy & security-focused software and services
Awesome Privacy is a curated directory of privacy-respecting alternatives to mainstream apps and services, organized across many categories like browsers, search, email, messaging, cloud storage, and operating systems. It aims to help you choose tools that reduce tracking, fingerprinting, and data collection without sacrificing usability. Each entry highlights the project’s core properties—such as open source status, end-to-end encryption, and platform availability—so you can evaluate trade-offs quickly. Because product landscapes change fast, the list emphasizes ongoing maintenance and community discussion around quality and trust. It’s useful for privacy newcomers planning a gradual migration as well as experts building a hardened toolchain. The project also surfaces learning resources and practical guidance so you can understand the broader privacy landscape, not just pick tools in isolation. -
19
Flashbang
Project "Flashbang" - An open-source Flash-security helper
Flashbang is an open-source Flash-security helper tool designed to extract and display flashVars from a SWF that is “naked” (i.e. not wrapped in a bigger application) so that security testers can begin analysis (e.g. for XSS or other vectors) without decompiling the whole SWF. It is built atop Mozilla’s Shumway project. It works in modern browsers via HTML/JS, can also be run locally, and does not upload SWFs to servers (processing stays local). It is still considered alpha quality. Clone the repo using the --recursive flag, so that all necessary submodules are cloned as well. Ideally, clone it into an Apache web-root (or any other web server). Prepare the environment for Shumway to work properly. -
20
Infosec Reference
An Information Security Reference That Doesn't Suck
Infosec Reference is a curated knowledge base and resource repository for information security practitioners. It aggregates cheat sheets, tooling guides, protocol deep dives, incident response playbooks, and threat actor profiles—all organized under accessible categories (network, web, host, cryptography, auditing). The repo is built as a living wiki of sorts: practitioners contribute updates, expand sections, or refine explanations as the threat landscape evolves. Because security spans many domains, Infosec Reference helps consolidate high-value, battle-tested knowledge into one place, reducing the need to scour scattered blogs or notes. It often contains links to external references, example commands, common workflows, and template policies or checklists. For newer security professionals or teams looking to build a shared reference, it serves as a catalog of contextually verified insights, a starting point for training, or a hub for standardized practices. -
21
Personal Security Checklist
A compiled checklist of 300+ tips for protecting digital security
Personal Security Checklist is a comprehensive, plain-language checklist for improving personal digital security and privacy across devices, accounts, and everyday workflows. It’s organized so that complete beginners can make quick, high-impact changes, while advanced users can dig into deeper hardening steps. The guidance spans topics like passwords, 2FA, device encryption, browser hygiene, network safety, backups, and incident response planning. Each section breaks recommendations into actionable, bite-sized items with brief explanations, helping you understand the “why” as well as the “how.” The repository is continuously refined by a large community, which keeps the content practical, vendor-neutral, and up to date with evolving threats and best practices. It also encourages threat modeling, matching the steps you take to the risks you actually face, so you can prioritize effectively without getting overwhelmed. -
22
JPassword Recovery Tool
Password recovery tool for compressed archives and md5, sha-1/2 hashes
This is a simple but sophisticated open source password recovery tool for M$ Windows, it can effectively 'crack' any password protected archive that can be decompressed by 7zip given enough time and resources. It can also bruteforce MD2, MD5, SHA-1 and SHA-2 hashes (SHA-256, SHA-384, SHA-512), CRC16, CRC32, CRC64 and Adler32 hashed passwords for both Windows, and Linux. It requires java 7u4 and above, and 7-zip v9.20 and up for archive recovery. Keeping these above applications up to date ensures peak performance. if you have any ideas, bugs, tips/improvements and/or suggestions please dont hesitate to contact me NB AS OF V1.07 PLEASE MAKE SURE 'resources' FOLDER IS IN THE SAME DIRECTORY AS THE JPasswordRecoveryTool.jar Known Bugs(v1.09): -although md2 was selceted by default for hash recovery if you did not slected another value and reselect md2 it would use md5 by default -
23
Crypto++ is a free C++ class library of cryptographic schemes originally written by Wei Dai. The library is now maintained by a community of volunteers. The Crypto++ website is located at https://cryptopp.com/, and the source code is located at https://github.com/weidai11/cryptopp. The repository was moved in response to developer requests for Git access. The SourceForge site will remain in "read only" mode for historical purposes. You should visit the Crypto++ website at https://cryptopp.com/ or GitHub at https://github.com/weidai11/cryptopp to view the latest news, download the latest source code, file bugs and request features. We thank SourceForge for hosting us through the years.
-
24
Magstripper is a magnetic card reader and decoder that takes raw waveform information from a magnetic audio head (soldered directly to a mono audio jack) and processes it via a mic input. It also includes a multi-user door lock access control system.
-
25
PortableSigner is a tool for digital signing (with X.509 certificates) of PDF files