Open Source Security Software - Page 13
Sort By:
Security Software
View 5017 business solutions-
Out-of-the-box scripts. Around-the-clock monitoring. Unmatched automation capabilities. Start doing more with less and exceed service delivery expectations.
-
Innago is a free and easy-to-use property management solution. Whether you have 1 unit or 1000, student housing, or commercial properties, Innago is built for you. Our software is designed to save you time and money, so you can spend more time doing the things that matter most.
-
1
This project provides a simple Java-based steganography tool that can hide a message inside a 24-bit colour image so that knowing how it was embedded, or performing statistical analysis, does not make it any easier to find the concealed information.
-
2
The database access library for C++ programmers that provides the illusion of embedding SQL in regular C++ code, staying entirely within the C++ standard.
-
3
Lock Windows workstation upon disconnection of bluetooth device. The program is able to run user specified commands on device connection and disconnection. Requires .NET 3.5
-
4
iDecryptIt
iOS firmware tools
Project has been moved to GitHub: https://github.com/colejohnson66/iDecryptIt iDecryptIt is a tool to decrypt the root filesystem of an IPSW. -
BrightGauge, a ConnectWise solution, was started in 2011 to fill a missing need in the small-to-medium IT Services industry: a better way to manage data and provide the value of work to clients. BrightGauge Software allows you to display all of your important business metrics in one place through the use of gauges, dashboards, and client reports. Used by more than 1,800 companies worldwide, BrightGauge integrates with popular business solutions on the market, like ConnectWise, Continuum, Webroot, QuickBooks, Datto, IT Glue, Zendesk, Harvest, Smileback, and so many more. Dig deeper into your data by adding, subtracting, multiplying, and dividing one metric against another. BrightGauge automatically computes these formulas for you. Want to show your prospects how quick you are to respond to tickets? Show off your data with embeddable gauges on public sites.
-
5
This is mainly just an interface tweak. Added function of mac address changer. If you have problems getting the mac changer to work, try using a mac address that starts with something other than "00" in the first octet. If you are intersted in learning about network security please check out my Juniper Networks training course at: http://academy.gns3.com/courses/juniper-jncia-intro-to-junos
-
6
TinyPaw-Linux
Passive & Aggressive WiFi attack distro
Linux WiFi pentesting distribution built off Tiny Core Linux and inspired by the Xiaopan OS project. Lightweight with some new tools and updates to tools that have stood the test of time. Official forum redirected to: http://tinypawlinux.rf.gd *If experiencing waitforx issues on physical hardware please try installing TinyPaw in a virtual environment for best compatibility. Some test systems with certain cards fail on X regardless of video drivers - potential kernel or jwm bug* Ideal for: -Wireless network auditing -KVM / VBox / virtual environments -Minimal system footprint and resource consumption -Intermediate - Advanced skill range *Not intended for use on or against any wireless device, network or system other then your own. The creator of TinyPaw-Linux does not advocate illegal activity* -
7
Tray TOTP Plugin for KeePass2
Plugin adding TOTP to KeePass2 tray menu, entry list and auto-type.
Time based One Time Password Plugin to enable 2 step authentification (supports Google and Dropbox) by generating TOTPs from the KeePass tray icon. This plugin also provides a custom column to display and/or generate TOTP's. Auto-Type is also supported when the specified custom field is used in a keystroke sequence. This plugin requires KeePass 2.21 as it uses features that are not available in earlier versions. -
8
A client-server multithreaded application for bruteforce cracking passwords. The more clients connected, the faster the cracking. Plugin-based. Supports only RAR passwords at the moment and only with encrypted filenames.
-
9
NOTE PROJECT MIGRATED TO GITHUB - https://github.com/samrocketman/ekeyfinder is a Magical Jelly Bean Keyfinder fork. It is a utility that retrieves the product key used to install Windows from your registry or from an unbootable Windows installation. It works on Windows 9X, ME, NT/2K/XP, and Vista/Win7 and for other software.
-
Manage your enterprise’s compensation lifecycle and accurately recognize top performers with a digitized, integrated system. Keep employees invested and your HR team in control while preventing compensation chaos.
-
10
LOIC-0
A NETWORK STRESS TOOL BASED ON PRAETOX LOIC
Low Orbit Ion Cannon - 0 (LOIC-0) The original Low Orbit Ion Cannon with interface improvements. ALSO NOTED VERSION 1.0 OF LOIC-0 IS VERSION 1.2 OF LOIC AND SO ON. DISCLAIMER: USE ON YOUR OWN RISK. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER OR CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES THIS TOOL IS RELEASED WITH NO WARRANTY AT ALL. TAGS: LOIC,Low Orbit Ion Cannon, network, stress test, security software, network tool, Windows,Linux, LOWC, Low Orbit Web Cannon, network, stress testing, load testing, server load testing, server testing. -
11
Sn3rpOs_v7.21: CoNt4g1N
TinFoilSec Presents: Sn3rpOs_v7.21 (CoNt4g1N)
*Updated 11/05/2021 TinfoilSec Presents: Sn3rpOs [Codename: CoNt4g1N] Features: Xfce4 Desktop Kali Linux Full System Torified with Privoxy & Tor bleachbit Wire Signal Veracrypt All repos transported through Privoxy&Tor dnscrypt-proxy (no-logs) Tor Browser Custom Tor Switcher and Pyloris Firefox-esr (configured with tor) Thunderbird ProtonVPN (Free VPN no-logs) Sn1per Vault Scanner RED_HAWK Fork of Kali Rolling, Debian Stretch/Buster -No Back Doors- Now with UEFI boot support and of course bacon. XD login: tfs passwd: toor As Always RTFM! (README file) -
12
Atlantis iOS
A lightweight and powerful iOS framework for intercepting HTTP/HTTPS
Don't let cumbersome web debugging tools hold you back. With Proxyman's native macOS app, you can capture, inspect, and manipulate HTTP(s) traffic with ease. Intuitive, thoughtful, and built with meticulous attention to detail. Dive into the network level to diagnose and fix problems with reliable and powerful tools. Proxyman acts as a man-in-the-middle server that captures the traffic between your applications and SSL Web Server. With a built-in macOS setup, so you can inspect your HTTP/HTTPS Request and Responses in plain text with just one click. Narrow down your search with Proxyman's Multiple Filters. You can combine complex filtered criteria like Protocol, Content-Type, URL, Request Header, Response Header, Body, etc that find exact what you're looking for. -
13
Boulder
An ACME-based certificate authority, written in Go
This is an implementation of an ACME-based CA. The ACME protocol allows the CA to automatically verify that an applicant for a certificate actually controls an identifier, and allows domain holders to issue and revoke certificates for their domains. Boulder is the software that runs Let's Encrypt. This component model lets us separate the function of the CA by security context. The Web Front End, Validation Authority, OCSP Responder and Publisher need access to the Internet, which puts them at greater risk of compromise. The Registration Authority can live without Internet connectivity, but still needs to talk to the Web Front End and Validation Authority. The Certificate Authority need only receive instructions from the Registration Authority. All components talk to the SA for storage. Internally, the logic of the system is based around five types of objects: accounts, authorizations, challenges, orders (for ACME v2) and certificates. -
14
Brakeman
A static analysis security vulnerability scanner for Ruby on Rails app
Brakeman is a free vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development. Brakeman now uses the parallel gem to read and parse files in parallel. By default, parallel will split the reading/parsing into a number of separate processes based on number of CPUs. In testing, this has dramatically improved speed for large code bases, around 35% reduction in overall scan time. Brakeman will now track and return very simple literal values (e.g. strings, hashes of literals, arrays of literals) from very simple class methods (e.g. single line). Since ActiveRecord enums essentially generate some class (and instance) methods that return fixed literal values, the above class method return values is also used to support enum. -
15
Central Authentication Service (CAS)
Identity & Single Sign On for all earthlings and beyond
Welcome to the home of the Apereo Central Authentication Service project, more commonly referred to as CAS. CAS is an enterprise multilingual single sign-on solution and identity provider for the web and attempts to be a comprehensive platform for your authentication and authorization needs. CAS is an open and well-documented authentication protocol. The primary implementation of the protocol is an open-source Java server component by the same name hosted here, with support for a plethora of additional authentication protocols and features. Monitor and track application and system behavior, statistics and metrics in real-time. Manage and review audits and logs centrally, and publish data to a variety of downstream systems. Manage and register client applications and services with specific authentication policies. Cross-platform client support (Java, .NET, PHP, Perl, Apache, etc). -
16
CrowdSec
Firewall able to analyze visitor behavior & provide adapted response
CrowdSec - an open-source massively multiplayer firewall able to analyze visitor behavior & provide an adapted response to all kinds of attacks. It also leverages the crowd power to generate a global IP reputation database to protect the user network. Crowdsec shouldn't, and didn't crash any production so far we know, but some features might be missing or undergo evolutions. IP Blocklists are limited to very-safe-to-ban IPs only (~5% of the global database so far, will grow soon). A modern behavior detection system, written in Go. It stacks on Fail2ban's philosophy, but uses Grok patterns & YAML grammar to analyse logs, a modern decoupled approach (detect here, remedy there) for Cloud/Containers/VM based infrastructures. Once detected you can remedy threats with various bouncers (block, 403, Captchas, etc.) and blocked IPs are shared among all users to further improve their security. Crowdsec is an open-source, lightweight software, detecting peers with aggressive behaviors. -
17
Kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl. While researching Docker and Kubernetes, we noticed that most of the tools available today are aimed at passive scanning for vulnerabilities in the cluster, and there is a lack of more complex attack vector coverage. They might allow you to see the problem but not exploit it. It is important to run the exploit to simulate a real-world attack that will be used to determine corporate resilience across the network. When running an exploit, it will practice the organization's cyber event management, which doesn't happen when scanning for cluster issues. It can help the organization learn how to operate when real attacks happen, see if its other detection system works as expected and what changes should be made. -
18
OWASP Find Security Bugs
The SpotBugs plugin for security audits of Java web applications
The SpotBugs plugin for security audits of Java web applications. Find Security Bugs is the SpotBugs plugin for security audits of Java web applications. It can detect 141 different vulnerability types with over 823 unique API signatures. Cover popular frameworks including Spring-MVC, Struts, Tapestry and many more. Plugins are available for Eclipse, IntelliJ / Android Studio and NetBeans. Command line integration is available with Ant and Maven. Can be used with systems such as Jenkins and SonarQube. Extensive references are given for each bug patterns with references to OWASP Top 10 and CWE. -
19
Proxyman
Web Debugging Proxy for macOS, iOS, and Android
Don't let cumbersome web debugging tools hold you back. With Proxyman's native macOS app, you can capture, inspect, and manipulate HTTP(s) traffic with ease. Intuitive, thoughtful, built with meticulous attention to detail. Comprehensive Guideline to set up with iOS simulator and iOS and Android devices. Proxyman acts as a man-in-the-middle server that capture the traffic between your applications and SSL Web Server. With built-in macOS setup, so you can inspect your HTTP/HTTPS Request and Responses in plain text with just one click. Narrow down your search with Proxyman's Multiple Filters. You can combine complex filtered criteria like Protocol, Content-Type, URL, Request Header, Response Header, Body, etc that find exact what you're looking for. -
20
Rundeck
Enable self-service operations, give specific users access
Rundeck is an open-source automation service with a web console, command line tools and a WebAPI. It lets you easily run automation tasks across a set of nodes. There are several top-level targets for a full Rundeck build, but there are also ways to only build the lower-level components during development or testing. Rundeck is the leading runbook automation platform. Delegate self-service automation to operate faster and eliminate toil. Rundeck is the open source core of Rundeck products. It's great for small teams and getting started with runbook automation. Interact with fellow Community members, ask product questions, make feature requests, and get swag! -
21
Zeek
Zeek is a powerful network analysis framework
Zeek has a long history in the open source and digital security worlds. Vern Paxson began developing the project in the 1990s under the name “Bro” as a means to understand what was happening on his university and national laboratory networks. Vern and the project’s leadership team renamed Bro to Zeek in late 2018 to celebrate its expansion and continued development. Zeek is not an active security device, like a firewall or intrusion prevention system. Rather, Zeek sits on a “sensor,” a hardware, software, virtual, or cloud platform that quietly and unobtrusively observes network traffic. Zeek interprets what it sees and creates compact, high-fidelity transaction logs, file content, and fully customized output, suitable for manual review on disk or in a more analyst-friendly tool like a security and information event management (SIEM) system. -
22
kubelogin
kubectl plugin for Kubernetes OpenID Connect authentication
Kubelogin is designed to run as a client-go credential plugin. When you run kubectl, kubelogin opens the browser and you can log in to the provider. Then kubelogin gets a token from the provider and kubectl accesses Kubernetes APIs with the token. If you install via GitHub releases, you need to put the kubelogin binary on your path under the name kubectl-oidc_login so that the kubectl plugin mechanism can find it when you invoke kubectl oidc-login. The other install methods do this for you. If the cached ID token is valid, kubelogin just returns it. If the cached ID token has expired, kubelogin will refresh the token using the refresh token. If the refresh token has expired, kubelogin will perform re-authentication (you will have to login via browser again). -
23
passcore
A self-service password management tool for Active Directory
PassCore is a very simple 1-page web application written in C#, using ASP.NET Core, Material UI (React Components), and Microsoft Directory Services (Default provider). It allows users to change their Active Directory/LDAP password on their own, provided the user is not disabled. PassCore does not require any configuration, as it obtains the principal context from the current domain. I wrote this because a number of people have requested several features that the original version did not have. The original version of this tool was downloaded around 8000 times in 2.5 years. My hope is that the new version continues to be just as popular. There really is no free alternative out there (that I know of) so hopefully, this saves someone else some time and money. We recommend use the docker image and redirect the traffic to nginx. -
24
phpseclib
PHP secure communications library
phpseclib is designed to be ultra-portable. The 3.0 version works on PHP 5.6+ and doesn't require any extensions. For purposes of speed, OpenSSL, GMP, libsodium or mcrypt are used, if they're available, but they are not required. phpseclib is designed to be fully interoperable with standardized cryptography libraries and protocols. MIT-licensed pure-PHP implementations of SSH-2, SFTP, X.509, an arbitrary-precision integer arithmetic library, Ed25519 / Ed449 / Curve25519 / Curve449, ECDSA / ECDH (with support for 66 curves), RSA (PKCS#1 v2.2 compliant), DSA / DH, DES / 3DES / RC4 / Rijndael / AES / Blowfish / Twofish / Salsa20 / ChaCha20, GCM / Poly1305. The only requirement that phpseclib 3.0 has is that you must be using PHP 5.6+. Using phpseclib2_compat will actually bring a few enhancements to your dependency. -
25
ExtPassword!
Recover passwords stored on external drive
ExtPassword! is tool for Windows that allows you to recover passwords stored on external drive plugged to your computer. ExtPassword! can decrypt and extract multiple types of passwords and essential information, including passwords of common Web browsers, passwords of common email software, dialup/VPN passwords, wireless network keys, Windows network credentials, Windows product key, Windows security questions. This tool might be useful if you have a disk with Windows operating system that cannot boot anymore, but most files on this hard drive are still accessible and you need to extract your passwords from it.