Open Source Java Security Software - Page 3

An easy to implement CAPTCHA framework to generate image and audio challenges, for Java 1.5 and Java 6.

User-friendly and proficient Java program to keep passwords in encrypted databases. High security standard and data safety measures. Storage of huge text documents and sets of images feasible. File format relies on "Password Safe" V3 files (Twofish-CBC). Compact cross-platform program with PORTABLE modus, ideal for USB sticks, Linux, Mac, etc. Requires Java JRE 1.8 or higher The Password Safe database library is available at project PWSLIB3. For license/usage questions visit the Wiki pages!

jSQL project has moved to https://github.com/ron190/jsql-injection jSQL Injection is a lightweight application used to find database information from a distant server. It is free, open source and cross-platform (Windows, Linux, Mac OS X). Kali Linux logo jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in distributions like Pentest Box, Parrot Security OS, ArchStrike or BlackArch Linux.

CrococryptFile is a file encryption tool which creates encrypted archives of files and folders. The encryption features of CrococryptFile can be compared to a ZIP utility that uses ZIP's AES encryption. However, there are significant differences. CrococryptFile... - encrypts all file and folder information including filenames, time/date and filesize information, - disguises any information of the archive's content, because all data and meta-data is simply integrated into a giant file dump. =Crypto Suites= For a full list of and details about supported crypto suites, please visit the CrococryptFile Homepage. Examples: - Password-based encryption (following PBKDF2) with AES-256, Twofish, Serpent, ... - Public key encryption using GPG/OpenPGP, Windows Keystore/CAPI with RSA/X.509 certificates - Cloaked (headerless) Password-based Encryption (AES-Twofish-256 cascaded) - ...

UPDATE 2024: Get a new version here: https://github.com/ivoras/EncryptedNotepad2 "Encrypted Notepad" does only one thing, but aims to do it perfectly - a Notepad-like simple text editor where files are saved (and later loaded) encrypted with industrial strength algorithms. Available both for the desktop (as a Java application) and on Android. Unencrypted data is never stored on-disk. Source is released (on SourceForge) under the BSD license.

iAlertU is an alarm system for your Apple MacBook that uses the built in motion detection to trigger the alarm and the iSight to capture the image of the thief. Among many other features, it incorporates the ability for users with iPhone, iPad, or iPod Touch to connect to and control iAlertU remotely.

The mendelson OFTP2 is a JAVA-based open source OFTP2 solution. It contains a logging- and configuration GUI (SWING) and supports encryption, digital signatures, message compression, SSL, certificate exchange, message routing, mail notification

Atricore’s JOSSO is an open source and commercially supported Internet Single Sign-On (FSSO) solution for point-and-click and standards-based (SAML2) Internet-scale SSO implementations. For more information contact us at : http://www.josso.org

Cracx allows you to crack archive passwords of any encryption using 7-zip, WinRAR or a custom command, via Brute Force or Dictionary attack. Note: You must NOT use this program with files you don't have the rights to extract/open/use them! Currently, the program requires a current version of either 7-zip or WinRAR to be installed, but you can also use it to bruteforce basically anything that is executably via command-line with custom parameters. On an i7 CPU, it runs approximately 30 combination tests per second. Feel free to make suggestions or contribute by implementing features and translating the tool into your native language!

Welcome to the home of the Apereo Central Authentication Service project, more commonly referred to as CAS. CAS is an enterprise multilingual single sign-on solution and identity provider for the web and attempts to be a comprehensive platform for your authentication and authorization needs. CAS is an open and well-documented authentication protocol. The primary implementation of the protocol is an open-source Java server component by the same name hosted here, with support for a plethora of additional authentication protocols and features. Monitor and track application and system behavior, statistics and metrics in real-time. Manage and review audits and logs centrally, and publish data to a variety of downstream systems. Manage and register client applications and services with specific authentication policies. Cross-platform client support (Java, .NET, PHP, Perl, Apache, etc).

Fingerprint Pro Server API provides a way for validating visitors’ data issued by Fingerprint Pro.

Java sec code is a very powerful and friendly project for learning Java vulnerability code. This project can also be called Java vulnerability code. Each vulnerability type code has a security vulnerability by default unless there is no vulnerability. The relevant fix code is in the comments or code. Specifically, you can view each vulnerability code and comments. Due to the server expiration, the online demo site had to go offline. The application will use mybatis auto-injection. Please run mysql server ahead of time and configure the mysql server database's name and username/password except docker environment.

The SpotBugs plugin for security audits of Java web applications. Find Security Bugs is the SpotBugs plugin for security audits of Java web applications. It can detect 141 different vulnerability types with over 823 unique API signatures. Cover popular frameworks including Spring-MVC, Struts, Tapestry and many more. Plugins are available for Eclipse, IntelliJ / Android Studio and NetBeans. Command line integration is available with Ant and Maven. Can be used with systems such as Jenkins and SonarQube. Extensive references are given for each bug patterns with references to OWASP Top 10 and CWE.

This is Vulnerable Web Application developed for course by Cyber Security and Privacy Foundation (www.cysecurity.org) for Java programmers The full course on Hacking and Securing Web Java Programs is available in https://www.udemy.com/hacking-securing-java-web-programming/ WAR file: ---------- https://sourceforge.net/projects/javavulnerablelab/files/latest/JavaVulnerableLab.war/download Virtualbox VM file: -------------------------- http://sourceforge.net/projects/javavulnerablelab/files/v0.1/JavaVulnerableLab.ova/download Credentials for the VM: ------------------------ Username: root Password: cspf Stand-alone file: (Run the Jar file directly) -------------- http://sourceforge.net/projects/javavulnerablelab/files/v0.2/JavaVulnerableLab.jar/download

HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.contains webtools which are powerful in doing xss(cross site scripting), Sql injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. Even useful to anybody interested in information security domain - students, Security Professionals,web developers, manual vulnerability assessments and much more.

Port of the Password Safe application to Android

A Universal Package Format (AppImage) for Burp Suite Community Edition with Java (openjdk-18) wrapped in a single file. It can be easily executed by a single click!

Nicknamed as the "Smartphone Version of Backtrack", Revenssis Penetration Suite is a set of all the useful types of tools used in Computer and Web Application security. Tools available in it include: Web App scanners, Encode/Decode & Hashing tools, Vulnerability Research Lab, Forensics Lab, plus the must-have utilities (Shell, SSH, DNS/WHOIS Lookup, Traceroute, Port Scanner, Spam DB Lookup, Netstat... etc). All these fitting in an application approx. 10MB (post installation).

JPAM is a Java PAM bridge. PAM, or Pluggable Authentication Modules, is a standard security architecture used Unix, Linux and Mac OS X systems. JPAM permists the use of PAM authentication services to Java applications running on those platforms.

The project provides functionality to interface the SmartCardIO Java SDK library to Global Platform compliant smart cards, similar to globalplatform.sf.net. The difference is pure Java implementation and easy plug in to your SmartCardIO applications. This project is now more or less subsumed by Martin Paljak's continuation of the project at https://github.com/martinpaljak/GlobalPlatformPro.

This is a Hash Calculating tool that calculates MD2,MD5,SHA-1,SHA-256,SHA-384,SHA-512 hash of text or a file. This has GUI developed in java swings.All it needs is sun jre installed.

JHide is simple steganography tool aimed to demonstrate basic steganography techniques.

Windows Port Knocking. A Windows implementation of port knocking developed to work alongside an existing firewall (the free CHX-I Packet Filter v3.0).

Orizon is a framework intended to provide tools and facilities to test java sources for security flaws. The main goal is to detect common threats as described in Owasp top 10 vulnerability document.

The wolfSSL embedded SSL library (formerly CyaSSL) is a lightweight, portable, C-language-based SSL/TLS library targeted at IoT, embedded, and RTOS environments primarily because of its size, speed, and feature set. It works seamlessly in desktop, enterprise, and cloud environments as well. wolfSSL supports industry standards up to the current TLS 1.2 and DTLS 1.2, is up to 20 times smaller than OpenSSL, offers a simple API, an OpenSSL compatibility layer, OCSP and CRL support, is backed by the robust wolfCrypt cryptography library, and much more. wolfSSL relies on the FIPS 140-2 validated wolfCrypt library for all cryptographic functionality. Visit http://wolfssl.com/wolfSSL/fips.html for more info!