Tool kit for building highly secure special-purpose operating systems
The Genode OS Framework is a tool kit for building highly secure special-purpose operating systems. It scales from embedded systems with as little as 4 MB of memory to highly dynamic general-purpose workloads. Genode is based on a recursive system structure. Each program runs in a dedicated sandbox and gets granted only those access rights and resources that are needed for its specific purpose. Programs can create and manage sub-sandboxes out of their own resources, thereby forming hierarchies where policies can be applied at each level. The framework provides mechanisms to let programs communicate with each other and trade their resources, but only in strictly-defined manners. Thanks to this rigid regime, the attack surface of security-critical functions can be reduced by orders of magnitude compared to contemporary operating systems.
Endian Firewall Community (EFW) is a "turn-key" Linux security distribution that makes your system a full-featured security appliance with Unified Threat Management (UTM) functionalities. The software has been designed for the best usability: very easy to install, use and manage, and still greatly flexible. The feature suite includes a stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spam filtering for email traffic (POP and SMTP), content filtering of Web traffic and a "hassle free" VPN solution (based on both OpenVPN and IPsec).
A webapp hacking game, where players must locate and exploit vulnerabilities to progress through the story. Think WebGoat but with a plot and a focus on realism and difficulty. Contains XSS, CSRF, SQLi, ReDoS, DOR, command injection, etc.
GenerateAndDownloadHash is a servlet that generates BSD-style checksums. It has been tested on WildFly 10.1, Tomcat 9 and Tomcat 8. See src/config.properties for configuration. Source code is available on GitHub. Server side: https://github.com/davidesestiliwork/MyWebProject2 Client side: https://github.com/davidesestiliwork/MyWebProjectClient Token generator: https://github.com/davidesestiliwork/TokenGenerator Note: this web app requires GnuPG to work properly.
An encryption tool for creating file archives
CrococryptFile is a file encryption tool which creates encrypted archives of arbitrary files and folders. The encryption features of CrococryptFile can be compared to a ZIP utility that uses ZIP's AES encryption. However, there are significant differences. CrococryptFile...
- encrypts all file and folder information including filenames, time/date and filesize information,
- disguises any information of the archive's content, because all data and meta-data is simply integrated into a giant file dump.
=Crypto Suites=
For a full list of and details about supported crypto suites, please visit the CrococryptFile Homepage. Examples:
- Password-based encryption (following PBKDF2) with AES-256, Twofish, Serpent, ...
- Public key encryption using GPG/OpenPGP, Windows Keystore/CAPI with RSA/X.509 certificates
- Cloaked (headerless) Password-based Encryption (AES-Twofish-256 cascaded)
- ...
System/security auditing tool for hardening and securing Linux/Unix
=== Note: this project has been moved to GitHub === Lynis is a system and security auditing tool for Unix/Linux. It is used by security consultants, auditors and system administrators. This tool performs a security audit of the system and determines how well it is hardened. Any detected security issues will be provided in the form of a suggestion or warning at the end of the audit. Besides security-related information, it will also scan for general system information, installed packages and possible configuration errors. This software aims to assist automated auditing, hardening, software patch management, and vulnerability and malware scanning of Unix/Linux-based systems. It can be run without prior installation, so inclusion on read-only storage is possible (USB stick, CD/DVD). Lynis assists auditors in performing Basel II, GLBA, HIPAA, PCI DSS and SOx (Sarbanes-Oxley) compliance audits by automating control testing. Extended support for companies is available.
Rootkit Hunter, security monitoring and analyzing tool for POSIX compliant systems.
Base64 encode (or decode) files of any type with this lightweight tool
bin64ed is a binary base64 encoder/decoder that allows you to encode/decode binary files (such as images, pdfs, etc) to and from base64.
openCryptoki is a PKCS#11 implementation for Linux. It includes drivers and libraries to enable IBM cryptographic hardware as well as a software token for testing. ==== This project was migrated to GitHub. Visit https://github.com/opencryptoki/ ====
EJBCA is an enterprise class PKI Certificate Authority built on JEE technology. It is a robust, high performance, platform independent, flexible, and component based CA to be used standalone or integrated in other JEE applications.
CMP [RFC4210] implementation based on OpenSSL
PLEASE NOTE: this project has MOVED to https://github.com/mpeylo/cmpossl. An implementation of the Certificate Management Protocol (CMP) version 2, defined in RFC 4210, 4211, and 6712. This git branch of OpenSSL provides an RFC-compliant implementation including a CMP client CLI.
Duply is a shell front end for the duplicity backup tool http://duplicity.nongnu.org/. It simplifies the usage by implementing backup job profiles, batch commands and more. Secure backup to non-trusted file spaces made easy.
A password generator that saves the password to a txt file that will be created.
Safe Exam Browser is a web browser environment for carrying out online exams safely. The software changes any computer into a secure workstation. It regulates access to any utilities and prevents students from using unauthorised resources.
FIDO U2F integration for Magento 2
Userid/Passwords are guaranteed to be hacked - it's only a matter of time. Secret-based authentication is sooooo 20th century. Protect your e-commerce site by integrating the newest strong-authentication protocol from the FIDO Alliance into your Magento 2 deployment. Using the code in this project as well as StrongAuth's open-source FIDO Certified U2F Server (https://sourceforge.net/projects/skce), you can integrate FIDO U2F strong-authentication to your site and mitigate the risk of fraudulent transactions while protecting your users and your site. You can learn a little more about Magento + FIDO at this Magento Community Forum thread: https://community.magento.com/t5/Magento-2-Feature-Requests-and/Enable-FIDO-Strong-Authentication/idi-p/79810 This code is a contribution based on work done with the NIST National Cybersecurity Center of Excellence Multi-Factor Authentication for e-Commerce project (https://nccoe.nist.gov/projects/use-cases/multifactor-authentication-ecommerce
Simplified Architecture for Distributed Systems
OODVS is a Java framework whose goal is to increase the Java runtime support for Object Oriented Distributed Virtual Systems, providing local access to distributed resources via proxies.
Risk Reduction Overview
The Risk Reduction Overview (RRO) method presents a comprehensible overview of the coherence of risks, measures and residual risks. The method is designed to support communication between different stakeholders in complex risk management. Despite the widely accepted need for risk management we believe this is the first practical method that delivers a comprehensive overview that improves communication between different stakeholders.
Xtables-addons is a package that obsoletes the old patch-o-matic repository for the Linux kernel and iptables. Instead of patching the kernel source, extensions are built as modules and thus allow extending kernels without recompilation.
Text encryption tool using Vigenère cipher
Cryptonik-Text is a useful, simple-to-use tool for encrypting/decrypting text docs, messages etc. The application uses a charset that can be typed from any keyboard (on-screen or hardware). Some national symbols are converted to the 26 standard Latin letters.
Cross-platform encryption application
encrypt is a multi-platform file encryption application. Binary packages are currently provided for Arch, Debian, Fedora, MS Windows, Android and OS X. For further details, including the latest source code, visit https://albinoloverats.net/projects/encrypt
Integrity Measurement Architecture to know EXACTLY what has been run on your machine.
SCSI Tape Encryption Manager
SCSI Tape Encryption Manager - Manages encryption on LTO 4 and LTO 5 tape drives with hardware-based encryption. Program should work on any other SSP capable tape drives. Built specifically for Linux and AIX. Now supports key change auditing and key descriptors (uKAD). Check the Project News under the Develop section for more information. Project source code has moved to https://github.com/scsitape/stenc
GUI password prompt panel for the sudo or ssh commands.
A GUI popup panel that allows the ssh or sudo commands to prompt for a password. Requires mGSTEP on Linux/BSD or Mac OS X.
SSL VPN Client for Windows (OpenVPN).
Handy password manager and generator
Gouq.gq Saveword saves all of your passwords, so you are always able to look them up if you forget one of them. Besides that, it gives you the ability to generate random passwords, which are much safer than passwords made out of words. Source code: https://github.com/GouqGq/Gouq.gq-Saveword Donate: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=G47UDT9NVW3EW