InsecureWebApp is a web app that includes common web application vulnerabilities including SQL&Html Injection- see owasp.org. It is a target for automated and manual penetration testing, source code analysis, vulnerability assessments and threat modeling.
RTOS for Critical Systems
Pharos is a free open-source Real-Time Operating System for Critical Systems with the following characteristics: -Security: With memory and enhanced time partitioning. Each partition protected with hardware MMU/MPU and operating in user mode -Quality: Low cyclomatic, high comments, low nesting level, MISRA. -Mixed Criticality: Partition isolation. Native support for sporadic, periodic and aperiodic threads under a fixed-priority preemptive scheduler, including execution time protection (threads are prevented from executing for more time than they are configured to) -Determinism: Hard real-time determinism, most calls areO(1) and very few cases are O(Log(N)) - they are well identified in the user manual. Dynamic memory free Pharos takes ARINC and moves it one step further, improving responsiveness and isolation. Supports ARM R5, M4, 926EJ-S. We are a group of enthusiastic software developers that also implements client custom software. Contact: email@example.com
A library for easy use of symmetric encryption and decryption in java
A library for easy use of symmetric encryption and decryption in java. Encrypt and decrypt with one line of code using common algorithms like AES. Requires Java 7 or later.
MASTIFF is a static analysis automation framework.
This repository is no longer updated. Please to go https://git.korelogic.com/mastiff.git/ for the latest version! MASTIFF is a static analysis framework that automates the process of extracting key characteristics from a number of different file formats. To ensure the framework remains flexible and extensible, a community-driven set of plug-ins is used to perform file analysis and data extraction. While originally designed to support malware, intrusion, and forensic analysis, the framework is well-suited to support a broader range of analytic needs. In a nutshell, MASTIFF allows analysts to focus on analysis rather than figuring out how to parse files. The official ChangeLog for the project is located at http://mastiff.sourceforge.net/Files/Changelog.txt.
lightweight bitmessage client
Pechkin.v0.3.2 Copyright 2017 Fenenko Aleksandr. Licensed Apache License, Version 2.0; This is lightweight bitmessage client writing in java. Supported platform: Android,Linux,Windows play google: https://play.google.com/store/apps/details?id=pro.fenenko.pechkin Address to contact the developer: BM-2cT9H4ow7R35qLhcsiTNxFjTpnx44XTbiY
MSLK provides the precompiled Win32 binaries of some excellent porject with a GPL or similar open source license. Here will keep updated.
Simple but Powerful, Cross-Platform Password Management Utility
A simple but powerful cross-platform utility for managing and accessing your most secret data. It stores passwords and whole files, so it can literally store any information you want to keep secret. Access your most-used passwords/URLs right out of a desktop tray icon. For advanced users, it includes a separate utility called Grypto-Transforms, which has a universal hash calculator with all the major hash functions, generic encrypt/decrypt functions and a base64/hex converter. Although the interface is simple and intuitive, the security is top-notch. It uses AES with CCM to secure and authenticate the data.
We can briefly define HDIV as a Java Web Application Security Framework. HDIV extends web application frameworks behaviour (Struts 1.x, Struts 2.x, Spring MVC) in order to avoid most common web application security vulnerabilities
The Free Digital Money project aims to promote ideas and stimulate further innovation in the field of digital money. It provides a e-money implementation that can be used by anyone to try out ideas, build sample applications, or for further development.
Find web application vulnerabilities the easy way!
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. Note that this project is no longer used for hosting the ZAP downloads. You should download ZAP via https://github.com/zaproxy/zaproxy/wiki/Downloads Please see the homepage for more information about OWASP ZAP
Java Security Manager made easy
The pro-grade library provides implementation of custom Java Security Managers and Security Policies. The main components are the Java Security Policy implementation with deny rules and Policy File generator.
Realtime Anti-Phishing Training Online Resource
Raptor is a training tool to help educate the “weakest link” on how they can avoid being a doormat for hackers. By launching harmless phishing campaigns, tracking results, and providing immediate education, Raptor can help you tame your company's mice.
Securly execute untrusted code from within your application.
The java-sandbox allows you to securely execute untrusted code (for example, user generated scripts in scripting languages such as groovy or rhino) from within your application. It allows you to specify resources and classes that may be used by the code, thus, separating the execution from the application's execution environment. It allows to wrap execution environments in threads or even execute them remotely on different jvms.
Automatically updates and applies certificate revocation lists
mod_sslcrl is a module for the Apache Web server implementing CRL (Certificate Revocation Lists) verification automatically downloading new CRL files from the corresponding CA.
TOTP authenticator for Java ME
Not only a Google authenticator for 2-step verification for Java ME enabled phones. This is MIDlet-1.0 implementation of RFC 6238 authenticator - TOTP: Time-Based One-Time Password Algorithm. It's quick, simple and it supports multiple profiles.
PMCMA - Post Memory Corruption Memory Analysis
Pmcma is a tool aimed at automating the most time consuming taskes of exploitation. It for instance determine why an application is triggering a segmentention fault, evaluate if the faulting instruction can be used to write to memory or execute arbitrary code, and list all the function pointers potentially called from a given point in time by an application. Pmcma is a totally new kind of debugger, which allows for easy experimentation with a process in memory by forcing it to fork. The exact replicas of the process created in memory can then be intrumented while keeping the properties (eg: state of variables, ASLR, permissions...) of the original process. Pmcma is an easily extensible framework available under the Apache 2.0 license from http://www.pmcma.org/ . Those techniques are implemented in the form of a proof of concept tool available under the Apache 2.0 license at : http://www.pmcma.org/ . Also visit http://www.toucan-system.com/ for updates on the whitepaper.
Backup P2P is a peer to peer application doing automated and secured backups inside a community (Jabber, XMPP). Each user shares some available space on his disk with others, to be able in return to remotely backup some of his own data.
The CILogon project facilitates secure access to Cyberinfrastructure (CI) via the community-driven development and support of the MyProxy, GridShib, and GSI-OpenSSH software.
Servlet container extensions that help web developers write full featured Java web applications.
This tool can create one-time-password values based on HOTP (RFC 4226: HOTP: An HMAC-Based One-Time Password Algorithm), TOTP (RFC 6238: TOTP: Time-Based One-Time Password Algorithm) and OCRA (RFC 6287: OCRA: OATH Challenge-Response Algorithm) standards, and also supports client side of OAuth protocols (1.0a, 2.0).
Laika analyzes and reports on the interoperability capabilities of EHR systems. This includes the testing for certification of EHR software products and networks.
Anoncrypt-Text Encryption and Decryption Website in Java(Struts2)
Anoncrypt by HTCoders is a web based Text Encryption and Decryption Project using Java Technology following Struts2 Framwork . It Consist of two modules > Password based Encryption (Symmetric Encryption) > Self-Destructible Message Service (Once the message is read , it is destroyed and cant be decrypted again .)
RFC 3161 time-stamping .NET client library and application. Please visit project website - https://github.com/disig/TimeStampClient - for more information.
Block Web Site
Block Web site that you want to.
mod_gnutls apache module
mod_gnutls uses the GnuTLS library to provide SSL 3.0, TLS 1.0, TLS 1.1 and 1.2 encryption for Apache HTTPD. It is similar to mod_ssl in purpose, but does not use OpenSSL.