Open Source PHP Security Software for Windows - Page 12

A more modern wiki focusing on open technologies like SOAP and XML, and upon a more focused form of wiki software that incorporates the elements of traditional content creation, such as from journals, books or periodicals.

A complex log parser that allows for the scripting of actions, updating databases, on-the-fly configuration and much more. Aggregate logs from disparate systems (i.e. Apache, IPS/IDS and various sensors) and take action on events through external scripts

ProxyDetector is a free & OpenSource Proxy detector using PHP4 or PHP5. Can be used on Linux (Unix, etc) and also on Win. He also can know if an user using the TOR network.

the PPHPLIB allows users to easy create standard web pages which are using a DB as a backend. In addition the library provides other functionallity, like classes for authentication and authorization, abstraction of DB layers and many more.

This is a free PHP login script that allows users to log in and sign up for pages on your website. You can have unlimited members, page, groups and permission masks. The administration panel and group panel use AJAX for fast functionality.

RC4Crypt is a petite library that allows you to use RC4 encryption easily in PHP. It's OO and can produce outputs in binary and hex.

Rapid Evidence Acquisition Project for Event Reconstruction (REAPER) - Open Source forensic environment for the complete automation of the digital investigation process. At its core is Debian Live and the Open Computer Forensics Architecture (OCFA).

NIDS written in PHP. A unified security package that allows for administration of: snort, firewalls, attackers, hosts, bandwidth, proxies. NIDS Frontend written in PHP.

An RSA library written in all languages allowing you to easily implement RSA in your software

RageFrame was created on April 16, 2016, a rapid development engine based on the Yii2 advanced framework, which is currently growing, the purpose is to integrate more basic functions, and no longer repeat the manufacture of wheels for the same basic functions, out of the box, making development easier. On September 10, 2018, version 2.0 was officially launched. After more than a year of open source feedback on version 1.0, it appeared in a better form. The 1.0 version has been refactored, optimized and perfected, and it is better for developers to carry out secondary development. Version 2.3.x optimizes the bottom layer, highlights the service layer, separates business logic, and supports multiple merchants. Strong extensibility, application, modularization, and agile development of plug-in mechanism.

Provides a simple site protection for static sites, using PHP and mod_rewrite.

For certain types you can't make comparisons out of the box in PHP but Validation brings support to a few of them. You can also create and use your own rules. To do this, you will need to create a rule and an exception to go with the rule. Each rule must have an Exception to go with it. Exceptions should be named with the name of the rule followed by the word Exception. The process of creating an Exception is similar to creating a rule but there are no methods in the Exception class. On oldest versions of Respect\Validation all validators treat input as optional and accept an empty string input as valid. Even though a useful feature that caused a lot of troubles for our team and neither was an obvious behavior. Also there was some people who likes to accept null as optional value, not only an empty string.

Security Configuration Assistant for Apache, MySQL and PHP (SCAAMP) is a security configuration vulnerability auditing and fixing tool for Apache HTTP Server, PHP Interpreter and MySQL Database Server.

SES brings back the uncrackable onetime pad, with a digital twist. It is well known that a random key of message-length is the only provably unbreakable cipher. SES uses cryptographic strength pseudo-random keys of message-length for its many encipherments, in addition to offering true one-time pad capability for the intrepid. SES is built on ISAAC, Bob Jenkins' unbroken CSPRNG, a fast and simple stream cipher placed in the Public Domain in 1996. SES now gives you the ability to efficiently cipher text of arbitrary length or files of any size or type. Use it with confidence. To achieve complete one-on-one privacy, SES traverses several levels en route to its output. The more words in your key-phrase, the more layers of encipherment SES applies. It is part Vigenere, part onetime pad, part cryptographic hash, not to mention the essential scrambler element, each component driven by ISAAC, with all key-derivation and stretching relying on Keccak in 512-bit configuration.

SIDSC (Snort IDS Console) is a browser-based console for viewing and managing Snort IDS alerts.

SIGOF (Security Information Graphics Oriented Forensic) aims at synthetizing security log, stored in a acid/base database schema, in order to provide a graphical / visual oriented security forensic and statistical analysis.

SIGVI is a vulnerability manager for enterprise environments. Uses vulnerability sources like NVD, auto-updates its repository and looks for vulnerable products installed on your servers, creating alerts and notifying their administrators.

Sudo inventory web-tool (SIWT) is a web interface to view and administer information related to /etc/sudoers files on multiple servers. The database contains data on servers, users, aliases, dates, etc. This tool is helpful for internal audits.

SMSec is a free , open source, GPLed implementation of two-factor authentication via SMS (Short Message Service). It uses SMSD to "talk" to GSM modems, provides a flexible XMLRPC web-service for web-developers integrate SMSec into their web-apps.

SQueRT - A Simple QUEry and Report Tool. SQueRT was created to make the data from Sguil more accessible for people that do not require the real-time event handling and analytical aspects of the TCL/TK Sguil client.

SSH Access Manager is a comprehensive access security management platform that permits IT professionals to easily establish and maintain an enterprise-wide SSH access security solution from a central location. It enables a team of system administrators to centrally manage and deploy ssh keys. This app is intended to be used in rather large environnements where access to unix accounts are handled with ssh keys. SSH Access Manager allows you to maintain user public keys. You can organise these keys with group of keys called keyring. Then SSH Access Manager will deploy the keys and/or keyrings to specified unix accounts / groups / servers. User can be read from a LDAP directory.

PHP security system that protect your web applications adding on your source ONLY ONE LINE OF CODE! Administrators can manage policies, authentication and authorisation for as many users and groups, all through a single and intuitive Ajax based interface

SYPPS - small yet powerful php shell is another PHP shell for pentesting

This is a simple web tool which allows users of a website to "securely" submit messages and files. They are sent over HTTPS to the server and there encrypted and forwarded to the administrator.

We have migrated development of Sagacity to GitHub at https://github.com/cyberperspectives/sagacity Sagacity is a vulnerability assessment and STIG compliance data management tool designed to make security testing more efficient, effective and complete. Security assessments, especially those done for DoD and Federal organizations, produce tremendous amounts of scan and compliance data that security engineers must sort through and deconflict, identify untested requirements, and somehow analyze to communicate risk to their employers. Sagacity, originally written to support a government customer, was designed to fill that need. What if an organization could turn massive amounts of irreconcilable vulnerability scan data into true knowledge and insight about their networks? They would be able to make wise decisions resulting in cost-effective actions to improve their security with the best return on investment. Keen insight. Sound judgment. Wise decisions. Sagacity.