A Windows password cracker based on rainbow tables
Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman's original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds.
BeeCrypt is an ongoing project to provide a strong and fast cryptography toolkit. Includes entropy sources, random generators, block ciphers, hash functions, message authentication codes, multiprecision integer routines, and public key primitives.
EJBCA is an enterprise class PKI Certificate Authority built on JEE technology. It is a robust, high performance, platform independent, flexible, and component based CA to be used standalone or integrated in other JEE applications.
Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.
Store all your passwords in one secure encrypted database.
Universal Password Manager allows you to store all your passwords in one highly secure encrypted database. Its strengths are simplicity, portability and security (uses 128bit AES encryption). UPM is available on Android, Windows, OS X & Linux.
Open Source Penetration Testing / Ethical Hacking Framework
HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.contains webtools which are powerful in doing xss(cross site scripting), Sql injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. Even useful to anybody interested in information security domain - students, Security Professionals,web developers, manual vulnerability assessments and much more.
a free cross platform checksum utility, supports 58+ hash algorithms
Jacksum is a platform independent checksum utility (written entirely in Java) for computing and verifying (integrity check) checksums, CRC and hashes (fingerprints). It supports 58 popular hash algorithms and a lot of unique features.
This project is devoted to provide a simple software layer for digital signature, when an hardware cryptographic token is required. The default implementation tries to comply as strictly as possible with the italian law digital signature directives.
Two-factor authentication system
The WiKID Strong Authentication System is a public-key based two-factor authentication system. It is a flexible, extensible, and secure alternative to tokens, certs and passwords. Application & API support exists for Java, ASP, PHP, Ruby, OpenVPN, TACACS+, etc. Read our eGuide on how to setup your network with two-factor authentication: http://www.wikidsystems.com/learn-more/two-factor-authentication-white-papers
Steganography and steganalysis software
VSL is free image steganography and steganalysis software in form of graphical block diagramming tool. It allows complex using, testing and adjusting different steganographic techniques and provides simple GUI along with modular, plug-in architecture
The SignServer is an application for server side signatures called by other systems. It is flexible and can be customized to specific needs. The SignServer have a ready to use TimeStamp server and signers for PDF, XML, ODF, OOXML and MRTD (ePassport DS).
Open source DRM for MPEG-4 and MPEG-2 adhering to ISO/MPEG IPMP open standards (MPEG IPMP Hooks and IPMP-X), ISMAcryp and OMA DRM 2 specs. Includes CA, PKI, DOI mgmt, ISMA streaming, license server, encoding/encryption, player, plugin architecture, etc
cross-platform, encryption application
encrypt is a multi-platform, file encryption application. Binary packages are currently provided for Arch, Debian, Fedora, MS Windows, Android and OS X. For further details, including the latest source code, visit https://albinoloverats.net/projects/encrypt
SSL-Explorer is a fully-featured, web-based SSL VPN server. This project is no longer actively maintained as the SSL-Explorer technology has now been acquired by Barracuda Networks, Inc.
Web AND Mobile (Apple iPhone) based, multi user, java port of the KeePass project. A free, easy to use password manager which helps you to manage your passwords in a secure way. Focused on deep encryption and ease of use.
Open Source Web Single Sign-On
An open source project originally designed to provide the University of Michigan with a secure single sign-on web authentication system. Cosign is part of the National Science Foundation Middleware Initiative (NMI) EDIT software release.
The OWASP JBroFuzz Project is a web application fuzzer for requests being made over HTTP and/or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities.
It's a tool for testing HTTP servers and Web applications. It supports HTTP/HTTPS protocols, GET,POST and HEAD methods, HTTP proxies, refferes and cookies. It's like HTTP Debugger in network tool AccessDiver or HAS.
Barada (Barada Aint Respecting Any Deceptive Adversaries) is a PAM module designed to provide two-factor authentication support. There is companion software called Gort which runs on Android devices, essentially turning your phone into a SecureID token. The PAM module is available in the repositories for Debian based distributions. Gort, the Android client, is available from the android market (https://play.google.com/store/apps/details?id=net.sf.crypt.gort)
PassBrow-Recover works in conjunction with the PassBrow extension of the Chrome browser. If you lose your password, open the PassBrow-Recover, load the .passbrow file extension generated and enter your personal information registered in PassBrow extension to generate a code that will give you immediate access to the browser, or you can send your password registered for the e-mail that you saved in extension.
Security Officers Management and Analysis Project (SOMAP) is all about defining security management work methods and supplying Security Officers with tools to do their job more efficient and following standards easily.
ODESSA - The Open Digital Evidence Search and Seizure Architecture is a cross-platform framework for performing Computer Forensics and Incident Response.
CartoReso intends to facilitate enterprise computer network mapping.
JPAM is a Java PAM bridge. PAM, or Pluggable Authentication Modules, is a standard security architecture used Unix, Linux and Mac OS X systems. JPAM permists the use of PAM authentication services to Java applications running on those platforms.
Web Scanner is a command-line program that is designed to scans web servers to find default and potentially vulnerable web pages. 2.0 - Java, 1.3 - Perl Web scanner supports both HTTP and HTTPS protocols and can be configured to use custom data files.