Open Source PHP Security Software for ChromeOS

BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT IDS system.

Laravel Passport is an OAuth2 server and API authentication package that is simple and enjoyable to use. Laravel Passport provides a full OAuth2 server implementation for your Laravel application in a matter of minutes. Passport is built on top of the League OAuth2 server that is maintained by Andy Millington and Simon Hamp. Before getting started, you may wish to determine if your application would be better served by Laravel Passport or Laravel Sanctum. If your application absolutely needs to support OAuth2, then you should use Laravel Passport. However, if you are attempting to authenticate a single-page application, or mobile application, or issue API tokens, you should use Laravel Sanctum. Laravel Sanctum does not support OAuth2; however, it provides a much simpler API authentication development experience.

This module provides attack surface reduction enhancements against the HTTP Flood Attacks at the web application level. Massive crawling/scanning tools, HTTP Flood tools can be detected and blocked by this module via htaccess, firewall or iptables, etc. (like mod_evasive) You can use this module by including "iosec.php" to any PHP file which wants to be protected. You can test module here: http://www.iosec.org/test.php (demo) Watch the Proof of Concept video: http://goo.gl/dSiAL Hakin9 IT Security Magazine Article about IOSEC http://goo.gl/aQM4Di (different format -> http://goo.gl/JKMUPN) IJNSA Article at http://goo.gl/LLxRdX WP Plugin Page http://goo.gl/nF5nD CHANGES v.1.8.2 - Iptables Auto Ban Bash Script Included - Token Access via Implicit Deny - Reverse Proxy Support - reCAPTCHA Support Do you want more features? Check for third party addons http://sf.net/projects/iosecaddons Gökhan Muharremoğlu

phpLDAPadmin is a web-based LDAP administration tool for managing your LDAP server. With it you can browse your LDAP tree, view LDAP schema, perform searches, create, delete, copy and edit LDAP entries. You can even copy entries between servers.

GPL PHP AntiVirus for webmasters. Scans your web server's file system for dangerous and malicious code in public HTML, PHP, CGI and text files, usually caused by defacement or security holes in shared hosting accounts.

multiOTP is a PHP class, a powerful command line utility and a web interface developed by SysCo systèmes de communication sa in order to provide a completely free and easy operating system independent server side implementation for strong two factors authentication solution. multiOTP supports hardware and software tokens with different One-Time Password algorithms like OATH/HOTP, OATH/TOTP and mOTP (Mobile-OTP). QRcode generation is also embedded in order to support provisioning of Google Authenticator software tokens. SMS code sending is currently implemented for several providers (ASPSMS, Clickatell and IntelliSMS). The data storage of the command line utility is by default flat files based in order to simplify deployment in a few minutes, but MySQL backend is supported too. multiOTP can be easily integrated in RADIUS servers like FreeRADIUS under Linux/Windows or TekRADIUS LT under Windows. multiOTP is also the engine of the credential provider multiOTP Credential Provider.

The WiKID Strong Authentication System is a public-key based two-factor authentication system. It is a flexible, extensible, and secure alternative to tokens, certs and passwords. Application & API support exists for Java, ASP, PHP, Ruby, OpenVPN, TACACS+, etc. Read our eGuide on how to setup your network with two-factor authentication: http://www.wikidsystems.com/learn-more/two-factor-authentication-white-papers

PasswordMaker - One Password To Rule Them All!

Warning: moved to https://github.com/nuxsmin/sysPass sysPass es un moderno sistema de gestión de claves basado en web para un entorno multiusuario de uso empresarial y personal. Claves encriptadas con una clave maestra, acceso basado en grupos y perfiles, subida de archivos, integración con LDAP/Active Directory, auditoría de eventos y más... Detalles de instalación y log de cambios en Wiki Wiki: http://wiki.syspass.org DEMO: http://demo.syspass.org ------------------------------------------------------------- sysPass is the a modern web based password manager to run in a multiuser environment for business and personal use Accounts passwords are encrypted with a unique master password, group/profile based access, file uploading, LDAP/Active Directory integration, auditing and more.... Installation instructions and changelog at Wiki Wiki: http://wiki.syspass.org DEMO: http://demo.syspass.org

Mod of the original Faucet-in-a-Box faucet PHP script (based on its revision 69). Includes pre-installed Anti-Bot Links 5.75, full support of user balances, countdown timer and some other improvements and cool features. ======================================== Minimum requirements: PHP 5.4.4+ (5.5 recommended) MySQL (5.6 recommended) ======================================== CHANGELOG { [F] - bugfixes, [+] - new features, [!] - known issues } Current release (version 7): [+]: CACert.pem updated to latest version. [+]: FaucetHub.php was replaced with native FaucetHub library! [+]: Faucet now has page "Currency rate", where you can see USD price of selected currency. [+]: Anti-Bot Links were updated to version 5.75 [F]: + various related fixes & small changes. [!]: Script has no support for FaucetHub's "last_status" code and "checkAddress()" fn (at least, now)

Hexjector is an Opensource,Cross Platform PHP script to automate Site Pentest for SQL Injection Vulnerabilties.

Atricore’s JOSSO is an open source and commercially supported Internet Single Sign-On (FSSO) solution for point-and-click and standards-based (SAML2) Internet-scale SSO implementations. For more information contact us at : http://www.josso.org

This tool can create XAdES (XML) signatures based upon ETSI TS 101 903 v1.3.2 standard. It also includes handling of ITU-T X.509 certificates and RFC 3161 timestamps.

The open-source security analytics. tirreno helps you to understand, monitor, and protect your platforms from cyber fraud, account threats, and abuse. Proactively defend against internal and external threats, ensure sovereignty through on-premises deployment, and secure your digital platforms.

ACID is a PHP-based analysis engine to search and process a database of security incidents generated by security-related software such as IDSes and firewalls (e.g. Snort, ipchains).

Capra is a Open Source tool to quickly get some nice and useful reports out off your Watchguard Fireware log files.

Cryptomak contains cipher and tools for encryption utility written in php such as substitution, vigenere, affine, transposition and index of coincidence. It is powered by Phrame platform which implements MVC design and Smarty template engine.

Lizard Cart CMS offers an easy way for people with limited HTML experience to manage the content and products of their websites.It uses PHP/MySql/Java Script comes complete with a WYSIWYG online editor.

Maci web shell is a single-file multi-purpose multi-platform script written using PHP. It will work (With some exceptions) in any system that uses Apache+PHP. You just need to copy the script to the web server working dir and the script will allow you to browse files remotely, run commands, upload content and watch the configuration. By the way. The default password is -easywebshell- The difference with most other webshells out there is that this one has been designed to be more simple and easy to use, with nice looking icons and thumbnails.

** Guys I have built a much more powerful Fully Featured CMS system at: https://github.com/MacdonaldRobinson/FlexDotnetCMS Macs CMS is a Flat File ( XML and SQLite ) based AJAX Content Management System. It focuses mainly on the Edit In Place editing concept. It comes with a built in blog with moderation support, user manager section, roles manager section, SEO / SEF URL

MsTasty is a free, PHP-based and modular IRC bot

"My session" is a class that stores session data in a database rather than files. This method in most secure than the default session system of PHP

A one-time password system that is simple and can be integrated with most current pages! We are sorry we have no website setup but we are having problems with shell access, we plan to have at least a demo up and running soon!

PDit is a PHP Auditing and Analyzing Tool, it will cover the most common and significant vulnerabilities that can be found in a php pages/scripts.

Sistema Integrado de Protección Venezolano con capacidades de Videovigilancia, Control de Acceso y Carnetización para el resguardo físico de instalaciones.