Open Source Python Security Software for Mac - Page 7

Konfidi is a trust framework that uses topical trust values from a social network of authenticated people. When you receive an email from someone you do not know, but he/she is in the network, Konfidi will compute an inferred trust value for you.

Kubestriker is a platform-agnostic tool designed to tackle Kubernetes cluster security issues due to misconfigurations and will help strengthen the overall IT infrastructure of any organization. It performs numerous in-depth checks on a range of services and open ports well across more than one platform such as self-hosted kubernetes, Amazon EKS, Azure AKS, Google GKE etc., to identify any misconfigurations which make organizations an easy target for attackers. In addition, it helps safeguard against potential attacks on Kubernetes clusters by continuously scanning for anomalies. Furthermore, it comprises the ability to see some components of Kubernetes infrastructure and provides visualized attack paths of how hackers can advance their attacks.

A tool for scanning Kubernetes cluster for risky permissions in Kubernetes's Role-based access control (RBAC) authorization model. KubiScan helps cluster administrators identify permissions that attackers could potentially exploit to compromise the clusters. This can be especially helpful on large environments where there are lots of permissions that can be challenging to track. KubiScan gathers information about risky roles\clusterroles, rolebindings\clusterrolebindings, users and pods, automating traditional manual processes and giving administrators the visibility they need to reduce risk.

This is a steganogric program that uses images last bits to hide information ( files ). It can crypt data with a rotation and a xor key.

This is a program that watches your system log files, looking for hack attempts. It instanty reacts to potential security breaches by (for instance) adding firewall rules to cut off the attacker.

MINI is a secure service discovery protocol for the M2MI ad-hoc networking library and written in Java (and soon, Python).

MITMf aims to provide a one-stop-shop for Man-In-The-Middle and network attacks while updating and improving existing attacks and techniques. Originally built to address the significant shortcomings of other tools (e.g Ettercap, Mallory), it's been almost completely rewritten from scratch to provide a modular and easily extendible framework that anyone can use to implement their own MITM attack. The framework contains a built-in SMB, HTTP and DNS server that can be controlled and used by the various plugins, it also contains a modified version of the SSLStrip proxy that allows for HTTP modification and a partial HSTS bypass. As of version 0.9.8, MITMf supports active packet filtering and manipulation (basically what better filters did, only better), allowing users to modify any type of traffic or protocol. The configuration file can be edited on-the-fly while MITMf is running, the changes will be passed down through the framework.

There are many password management applications out there, but they all lack a password generator which can create passwords a human can remember easily. PassGen fills this gap with a wide variety of possible password it can create. Among passwords consisting of random letters, numbers and punctuations it can also generate mnemonic passwords consisting of words, numbers and punctuations. These kind of password are also hard to guess, but much more easy to remember for a human brain.

Merovingian is very easy to use but powerful GUI interface for GnuPG. It intends to be well integrated with GNOME, but still usable with other desktop environments too.

This repository contains the standalone desktop application from the Midbar project. The app operates entirely offline and does not require an internet connection. GitHub repository: https://github.com/Northstrix/Midbar-Desktop-App

Midbar Firebase Edition - is the edition of Midbar that stores the encrypted data in the cloud while keeping the cryptographic keys on the device! It comes with the firmware for the hardware IoT data vault and the desktop app that's synced with the vault via the Google Firebase. A vault and an app can be used without one another. The GitHub repository is available at github.com/Northstrix/Midbar-Firebase-Edition Tutorial for V1 https://www.instructables.com/DIY-IoT-Data-Vault-With-Google-Firebase/ Tutorial for V2 https://medium.com/@Northstrix/syncing-mcu-password-vault-with-desktop-app-using-google-firebase-28963e060444 Tutorial for V3 https://www.instructables.com/DIY-Advanced-IoT-Password-Vault-Synced-With-Deskto/ GitHub Repository: https://github.com/Northstrix/Midbar-Firebase-Edition

Modbus traffic generator is a tool written in Python, and uses Scapy libraries to evaluate the effectiveness of SCADA security solutions. The tool generates Modbus/TCP packets, where the characteristics of these packets are extracted from Snort NIDS Modbus rules. The generated packets trigger related alerts in Snort NIDS. It is useful to anybody interested in evaluating and testing their SCADA security solution or other people solutions. Requirements: * Python 2.x or higher * Scapy * Snort NIDS (within the network)

With multilogger you may log keys, sound, webcam and the screen!

The Netbios Share Samba Scanner scan C classes and reveal all open shares. It will tell you all the information and even show the content of the shares. It will also show you shares that are not accessible.Also provide a username and password to it. To know more about SecPoint IT security solutions visit us at www.secpoint.com

Nuhe Client is a project related to the Nuhe Action Capable Log Monitor. This GUI client simplifies the administration of sensors and node managers, making it easier to control and monitor the network. Comes with a rule editor as well as a log monitor.

A generic, spec-compliant, thorough implementation of the OAuth request-signing logic for Python 3.8+. OAuthLib is a framework which implements the logic of OAuth1 or OAuth2 without assuming a specific HTTP request object or web framework. Use it to graft OAuth client support onto your favorite HTTP library, or provide support onto your favourite web framework. If you're a maintainer of such a library, write a thin veneer on top of OAuthLib and get OAuth support for very little effort.

OWASP OWTF is a project focused on penetration testing efficiency and alignment of security tests to security standards like the OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST so that pentesters will have more time to see the big picture and think out of the box. More efficiently find, verify and combine vulnerabilities. Have time to investigate complex vulnerabilities like business logic/architectural flaws or virtual hosting sessions. Perform more tactical/targeted fuzzing on seemingly risky areas. Demonstrate true impact despite the short timeframes we are typically given to test. The tool is highly configurable and anybody can trivially create simple plugins or add new tests in the configuration files without having any development experience. OWTF is developed on KaliLinux and macOS but it is made for Kali Linux (or other Debian derivatives).

Download code, Learn code, Share code. The Ongoing Object-oriented Perl Project. scripts, tutorials, modules, case studies, anything OOPerl --not excluding contributions of OO discipline in other programming languages.

OpenSEED is open source implementation for SEED, the 128-bit Symmetric Block Cipher which is used widely among Korean Financial & Banking Companies. OpenSEED will implement TLS over SEED, also.

OpenSQLi-NG is the next generation open source sql injection tool. It silently test and exploit (on-demand) SQL injections conditions. Please refer to the project web site to have the complete description: http://opensqling.sourceforge.net/?page_id=8

OpenSessame is a personnel entry control and time tracking management system. Platform independent, multi-node, client-server system, written in Python, with wxPython/wxWidgets client, a web management gui and PostgreSQL database backend.

An ARP watch daemon for windows (portable to linux but it is already there...) which is able to be run as a service and logs to eventlog so one can collect the logs and react to events.

Python Advanced Wordlist Generator is an easy to use software to create profiled wordlists and make various operations on an existing wordlist. This software is part of the "Kalkulator's Knights" project.

PGP Individual UID Signer makes signing all the UIDs on all of the keys at a PGP Keysigning party much simpler. It prompts for verification fingerprints, and then signs each UID on each key separately and PGP/Mime encrypt-emails them to their recipient. NOTE: Developement now happens at GitHub: http://github.com/jaymzh/pius

PyKCS11: a complete PKCS#11 wrapper for Python, created using the SWIG compiler. API documentation: http://pkcs11wrap.sourceforge.net/api/