Host based IPS system for Unix like operating systems
aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump, aireplay, aircrack, airdecap, and some tools to handle capture files (merge, convert, etc.).
deface-no-tnx is an anti-defacement system that monitors your Web files and notifies you about unallowed changes. It also replaces the defaced page with a standard "error" page,so that no offensive/joking content can be frauodolently added to your site
The sandbox libraries (libsandbox & pysandbox) are an open-source suite of software components for C/C++ and Python developers to create automated profiling tools and watchdog programs. The API's are designed for executing and instrumenting simple (single process) tasks, featuring policy-based behavioral auditing, resource quota, and statistics collecting. The sandbox libraries were originally designed and utilized as the core security module of a full-fledged online judge system for ACM/ICPC training. They have since then evolved into a general-purpose tool for binary program testing, profiling, and security restriction. The sandbox libraries are currently maintained by the OpenJudge Alliance (http://openjudge.net/) as a standalone, open-source project to facilitate various assignment grading solutions for IT/CS education. See project page at https://github.com/openjudge/sandbox for details.
Fingerprint Verification System; an easy to use library that allows programmers to integrate fingerprint technology into their software without specific know-how. Fast, easy to use, and small; great for embedded systems.
James Bond Log is a daemon log watcher similar to swatch or logcheck , it's completly written in C using PCRE Library and it provides the ability to be chrooted. It's actually at developing stage.
Nift - (Network Intrusion Footprinting Tool) is graphical front-end (written in gtk+) for footprinting tools and methods already freely avaliable. It's purpose is to aid sys-admins in securing their site by allowing them to quickly check their network
A stable and fast Linux/Unix toolset to aid in the security and ease of use of *Nix.
Free Agents DIDS is a distributed intrusion detection system that you place on each host on your network. Agents intercommunicate with aes encryption, automatically alert you, and secure your network for free!
A tight python crypto module implementing only the latest and greatest: Rijndael (AES) symmetric cipher in 128, 192 and 256 bits supporting password encryption, SHA 256 and several CSPRNG schemes in pure python.
Apache security module. Makes Apache configurable to work as diffrent user, group and diffrent chroot() environment for each VirtualServer and for ~user request. Designed mostly for ISP to make Apache secure.
microCODE is a PHP module that allows inclusion of encrypted PHP sourcecode instead of plain PHP scripts. Protect your intellectual property using standard encryption algorithms like DES or AES.
The WOLKs are stable and development kernels, containing many useful patches from many projects. Goal: Stability, Scalability, Performance and most important: Security.
The goal of the project is to build a framework to allow Astaro firewall users to install optional software packages on their firewalls. (Astaro is a Linux-based firewall available from www.astaro.com.) Such a framework includes a package-management syst
nf-HiPAC is a high performance packet filter for Linux. It provides the same rich feature set as iptables but uses an advanced algorithm to minimize the number of memory lookups per packet.
SIPES (Security Incident Pollicy Enforcement System) aims to provide an automated e-mail,XML and PKI based system for automated security policy enforcement based on statefull risk assesment and open exchange formats.
A ultrafast lightweight (no GUI) encryption/decryption software using the CryptoAPI on Windows platform, to secure just about anything - regular files and directories, consoles, communication resources(COM ports), Disk devices, pipes and sockets anythin
otfe - On The Fly Encryption virtual disk drive for windows GPL
ThreatMan is an IDMEF compliant threat manager application which makes use of a multi-tier architecture. It aims in event and vulnerability correlation from alerts sent by IDSs, firewalls and other IDMEF compliant applications.
Track all IP/TCP, IP/UDP, NetBeui, IPX/SPX connections and ARP/RARP traffic. Optionally save connections in MySQL database. Implement http server so you can view connections with web browser or GTK client. Can send fake ARP reply and kill TCP connection
OceanStore is an architecture for a global-scale file system which uses erasure coding, cryptography, and Byzantine agreement to provide available, highly durable storage in a peer-to-peer environment.
zssh (Zmodem SSH) is a program for interactively transferring files to/from a remote machine while using the secure shell (ssh). It is intended to be a convenient alternative to scp, avoiding the need to re-authenticate each time a file is transferred.
The IP Personality project is a patch to the Linux kernels that adds netfilter features: it enables the emulation of other OSes at the network level, thus fooling remote OS detection tools such as nmap that rely on network fingerprinting.
*NOTE* Project moved to github.com/cgiwrap/cgiwrap More secure user access to cgi scripting. Runs scripts as the user who owns them. Initial inspiration for suexec. CGIwrap however is server independent.
DSFS (Distributed Secure File System) is a server-less, redundant, secure, infinite, non-revocable filesystem.