Open source disk encryption with strong security for the Paranoid
VeraCrypt is a free disk encryption software brought to you by IDRIX (https://www.idrix.fr) and based on TrueCrypt 7.1a. It adds enhanced security to the algorithms used for system and partitions encryption making it immune to new developments in brute-force attacks. It also solves many vulnerabilities and security issues found in TrueCrypt. This enhanced security adds some delay ONLY to the opening of encrypted partitions without any performance impact to the application use phase. This is acceptable to the legitimate owner but it makes it much harder for an attacker to gain access to the encrypted data. All released files are PGP signed with key ID=0x54DDD393, available on key servers and downloadable at https://www.idrix.fr/VeraCrypt/VeraCrypt_PGP_public_key.asc VeraCrypt can mount TrueCrypt volumes. It also can convert them to VeraCrypt format. Documentation: https://www.veracrypt.fr/en/Documentation.html FAQ : https://www.veracrypt.fr/en/FAQ.html
RTOS for Secure Systems
Pharos is a Real-Time Operating System designed for Secure Systems with the following characteristics: -Security: With space partitions and enhanced time partitioning. Each partition protected with hardware MMU/MPU and operating in user mode. -Quality: Low cyclomatic, high comments, low nesting level, MISRA. -Mixed Criticality: Partition independence and isolation. Native support for sporadic, periodic and aperiodic threads under a fixed-priority preemptive scheduler, including execution time protection (threads are not allowed to run for more time than they are configured to). -Determinism: Hard real-time determinism, most calls areO(1) and very few cases are O(Log(N)) - they are well indentified in the user manual. Pharos takes ARINC and moves it one step further, improving responsiveness and isolation. Supports ARM R5, M4, 926EJ-S. We are a group of enthusiastic software developers that also implements client custom software. Contact: firstname.lastname@example.org
Quality of service module for Apache httpd
mod_qos is a quality of service module for the Apache Web Server. It implements control mechanisms that can provide different priority to different requests and controls server access based on available resources.
A Windows password cracker based on rainbow tables
Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman's original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds.
cross-platform, encryption application
encrypt is a multi-platform, file encryption application. Binary packages are currently provided for Arch, Debian, Fedora, MS Windows, Android and OS X. For further details, including the latest source code, visit https://albinoloverats.net/projects/encrypt
The CILogon project facilitates secure access to Cyberinfrastructure (CI) via the community-driven development and support of the MyProxy, GridShib, and GSI-OpenSSH software.
Automatically updates and applies certificate revocation lists
mod_sslcrl is a module for the Apache Web server implementing CRL (Certificate Revocation Lists) verification automatically downloading new CRL files from the corresponding CA.
OpenID relying party for Apache httpd
mod_auth_oid is an Apache module allowing user authentication using OpenID 2.0.
ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
FW1-Loggrabber is a command-line tool to grab logfiles from Checkpoint FW-1 remotely using Checkpoints LEA (Log Export Api), which is one part of Checkpoints OPSEC API.
Innovative prototype of network applications such as TCP fuzzers that can be used for many purposes such as network and application security assessments and more. Adapt it freely to fit your needs or to simply understand how TCP works in .NET.
PKCS#11 logging proxy module
This project provides stable releases of pkcs11-logger project hosted on github. Please visit project website - https://github.com/Pkcs11Interop/pkcs11-logger - for more information.
The SecurityStalker(c) & IA Defender(c) projects are scalable, solutions to fighting internet abuse aimed at single user, SOHOs' and corporate network environments. Reacts to both external and internal threats. Extensive reporting. SpamPal aware.
MSLK provides the precompiled Win32 binaries of some excellent porject with a GPL or similar open source license. Here will keep updated.
This is a apache v2.0 authentication module. Based on html form authentication and cookie authentication session. Cookie session are stored in memcache deamon. Can be used has an simple "Single Signe-On" (SSO). All the code source and the bug tracking has migrated to github: https://github.com/ZenProjects/Apache-Authmemcookie-Module All the documentation are here: https://zenprojects.github.io/Apache-Authmemcookie-Module/
PPFN, it is also a tool to be hidden from any server log, these developers know what they have to do. Do you? If you download this ultimate package you will be able to enjoy the web knowing that you would be safe. So be safe, learn to surf right - PPFN
mod_auth_certificate is an authentication module for Apache Webserver 2.x. It adds the capability to forward usernames returned by mod_ssl to authorization providers like mod_authz_ldap.
A multi-platform tool to convert RSA private keys between SFM format (modulus, public exponent, private exponent) and CRT format, in both ways.
A Public Key Cryptographic system based on OpenSSL and MySQL.
REL (Research and Education Language) is a simple but very powerfull language with a compiler, an interpreter and a verifier.
This PAM module provides the ability for users to have encrypted directories which are mounted automatically on login and unmounted after logout. The Device Mapper's CRYPT target provides the encryption.
WhitewallManager is a whitelist manager. It aims to be a web based administration tool for administrators using a default-deny approach to the security of the network they are responsible for. Default-deny is a superior model for network security as compared to default-allow, which is how the security model of most local area networks is modeled. Default-deny disallows all but access granted to resources which you specifically allow. The advantage to this is that any new resources which turn out to be bad are blocked by default. Default allow disallows nothing and bad things are blocked as they are discovered. This means that you are exposed to any bad things which you don't know about. The reason most networks are modeled on default-allow is that default-deny is hard to manage. What WhitewallManager aims to accomplish is to make default-deny and whitelists manageable with a sensible and efficient work flow. Currently it's a nightmare to manage a default-deny network.
PMCMA - Post Memory Corruption Memory Analysis
Pmcma is a tool aimed at automating the most time consuming taskes of exploitation. It for instance determine why an application is triggering a segmentention fault, evaluate if the faulting instruction can be used to write to memory or execute arbitrary code, and list all the function pointers potentially called from a given point in time by an application. Pmcma is a totally new kind of debugger, which allows for easy experimentation with a process in memory by forcing it to fork. The exact replicas of the process created in memory can then be intrumented while keeping the properties (eg: state of variables, ASLR, permissions...) of the original process. Pmcma is an easily extensible framework available under the Apache 2.0 license from http://www.pmcma.org/ . Those techniques are implemented in the form of a proof of concept tool available under the Apache 2.0 license at : http://www.pmcma.org/ . Also visit http://www.toucan-system.com/ for updates on the whitepaper.
Tsukuba-GAMA provides user and credential management, using the Grid Security Infrastructure (GSI) based on Public Key Infrastructure (PKI), X.509 certificate, proxy certificate, and the concept of Virtual Organization (VO).
mod_gnutls apache module
mod_gnutls uses the GnuTLS library to provide SSL 3.0, TLS 1.0, TLS 1.1 and 1.2 encryption for Apache HTTPD. It is similar to mod_ssl in purpose, but does not use OpenSSL.