A Windows password cracker based on rainbow tables
Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman's original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds.
Open source disk encryption with strong security for the Paranoid
VeraCrypt is a free disk encryption software brought to you by IDRIX (https://www.idrix.fr) and based on TrueCrypt 7.1a. It adds enhanced security to the algorithms used for system and partitions encryption making it immune to new developments in brute-force attacks. It also solves many vulnerabilities and security issues found in TrueCrypt. This enhanced security adds some delay ONLY to the opening of encrypted partitions without any performance impact to the application use phase. This is acceptable to the legitimate owner but it makes it much harder for an attacker to gain access to the encrypted data. All released files are PGP signed with key ID=0x54DDD393, available on key servers and downloadable at https://www.idrix.fr/VeraCrypt/VeraCrypt_PGP_public_key.asc VeraCrypt can mount TrueCrypt volumes. It also can convert them to VeraCrypt format. Documentation: https://www.veracrypt.fr/en/Documentation.html FAQ : https://www.veracrypt.fr/en/FAQ.html
The portable software collection
winPenPack is a project that aims at collecting the most frequently used and most popular open source applications made portable, so that they can be executed without installation from any USB Flash Drive or Hard Disk. The winPenPack suites offer a wide range of portable applications like office tools, internet tools, multimedia tools, development tools, security applications and other frequently used utilities. Everything you need, completely free, open source and portable!
Jasypt (Java Simplified Encryption) is a java library which allows the developer to add basic encryption capabilities to his/her projects with minimum effort, and without the need of having deep knowledge on how cryptography works.
Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.
The Samurai Web Testing Framework is a VM focused on web application testing. We have collected the top testing tools and pre-installed them to build the perfect environment for testing applications.
ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
Open Legacy Storage Document: Generic Document Archiving on Disk and Network(using MINA) Framework in Java for huge number of docs(up to 2^192 documents), efficient(Java NIO), crypto, net transfert, web retrieve, J2EE and eMail archiving compatible.
cross-platform, encryption application
encrypt is a multi-platform, file encryption application. Binary packages are currently provided for Arch, Debian, Fedora, MS Windows, Android and OS X. For further details, including the latest source code, visit https://albinoloverats.net/projects/encrypt
TOTP authenticator for Java ME
Not only a Google authenticator for 2-step verification for Java ME enabled phones. This is MIDlet-1.0 implementation of RFC 6238 authenticator - TOTP: Time-Based One-Time Password Algorithm. It's quick, simple and it supports multiple profiles.
Spring Security (formerly Acegi Security) is now hosted on the Spring Framework website: http://www.springframework.org/spring-security/
This program aims at providing a java solution to hide secret information(such as secret file) to JPEG images. Hiding algorithm contains Jsteg and F5. The main(probably the toughest) stuff is encoding and decoding JFIF files.
This tool can create XAdES (XML) signatures based upon ETSI TS 101 903 v1.3.2 standard. It also includes handling of ITU-T X.509 certificates and RFC 3161 timestamps.
Innovative prototype of network applications such as TCP fuzzers that can be used for many purposes such as network and application security assessments and more. Adapt it freely to fit your needs or to simply understand how TCP works in .NET.
InsecureWebApp is a web app that includes common web application vulnerabilities including SQL&Html Injection- see owasp.org. It is a target for automated and manual penetration testing, source code analysis, vulnerability assessments and threat modeling.
JPA Security is an Access Control Solution for the Java Persistence API. JPA Security enables you to configure access control to your JPA Entity Beans based on the currently authenticated user and its roles via XML or Annotations.
MSLK provides the precompiled Win32 binaries of some excellent porject with a GPL or similar open source license. Here will keep updated.
Encrypt and manage secret text data
PCSecrets is a PC application that holds secret text data - protected by a master password and strong encryption. Use it as a password manager or just somewhere to hold any text data securely in one place. It can hold a second, hidden set of secrets that is undetectable and plausibly deniable. The program is also a PC counterpart of the Secrets for Android app. It uses the same data structure and provides synchronization that allows easy transfer of secrets between the two. For those who find the personal computer environment more comfortable for data entry and editing (i.e. a real keyboard), PCSecrets provides an alternative way to manage your secrets. Sync is also effectively a form of backup. To enable the sync feature with Secrets for Android, you need to install the PCSecrets sync app PCSSync, downloadable from SourceForge or Google Play. PCSecrets import plus PCSSync provides a route to importing secret data into Secrets for Android that would not otherwise be possible.
Encrypt and decrypt text using AES 256 bit encryption
AESTextCrypt is an easy-to-use open source tool for text encryption and decryption. Primarily intended for use with email, use it wherever you need to protect text from prying eyes. The encrypted text can be copy/pasted into any text-handling application (e.g. email) instead of plain text. Convenience buttons are provided for clipboard operations. AESTextCrypt uses AES-256 bit encryption which is the strongest available encryption scheme. It also employs bcrypt, which implements key-stretching and an adaptive key setup phase, the complexity (number of rounds) of which is automatically set to match the processing power of the encrypting computer. This makes it highly resistant to dictionary attack. AESTextCrypt is written in Java, so can be run on all desktop platforms - Windows, Mac and Linux.
Lock your files and folders .
Simply lock and unlock your files and folders.
Enfomi is a cross-platform standalone password-based encryption/decryption program that supports 27 algorithm variants (including AES 256bit). Archives can be self-decrypting, thus making it perfect for mobile applications.
Runs untrusted code in a safe, sandboxed environment easily.
This library helps developers easily run untrusted code in a safe, sanboxed environment. It's easy to use and is similar to Java's existing "AccessController.doPriviledged()" methods, so users who are familiar with the standard Java class will already be able to use the library. It is extremely customizable, so you can fine-tune exactly which permissions you wish to grant your untrusted code. It also includes many classes to to the hard work for you and has support for multi-threaded applications. (I am also looking for people to maintain this project. If you are interested, please contact me at email@example.com)
A multi-platform tool to convert RSA private keys between SFM format (modulus, public exponent, private exponent) and CRT format, in both ways.
lightweight bitmessage client
Pechkin.v0.3.2 Copyright 2017 Fenenko Aleksandr. Licensed Apache License, Version 2.0; This is lightweight bitmessage client writing in java. Supported platform: Android,Linux,Windows play google: https://play.google.com/store/apps/details?id=pro.fenenko.pechkin Address to contact the developer: BM-2cT9H4ow7R35qLhcsiTNxFjTpnx44XTbiY
The project aims at creating an enterprise-grade PKI/Trustcenter software supporting well established components like RDBMS and Hardware Security Modules. The core components are written in Perl. OpenXPKI is released under the Apache License v2. NOTE: Development resources have moved to https://github.com/openxpki/openxpki SF Mailing Lists are still active.