Open Source Java Security Software - Page 3

The OWASP JBroFuzz Project is a web application fuzzer for requests being made over HTTP and/or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities.

jPBC is a Java porting of the PBC Library, a Pairing-Based Cryptography Library written in C. It supports symmetric and asymmetric pairing. With jPBC it is really easy to use such a strong cryptographic primitive.

This is a DNS-based host blocker for Android. In the default configuration, several widely-respected host files are used to block ads, malware, and other weird stuff. On the first start, you must manually update the hosts files (using the refresh button) before the service can work correctly (issue #1); and you must also update the hosts files yourself regularly for now. Items in the hosts and DNS servers lists can be moved around and removed) of the list using standard RecyclerView interactions (long press makes the entry movable, swipe to either side removes it). For hosts, a later entry overrides a previous entry; for DNS servers, the first server is preferred. There's also no validation of input, so DNS servers that are not valid IPv4 addresses are not rejected, neither are URLs for DNS server entries (we intend to support URLs in the future, so you can point the app to a remote list of servers).

OSS-Fuzz is a large-scale fuzz testing platform developed by Google to improve the security and reliability of widely used open source software. Fuzz testing is a proven method for uncovering programming errors such as buffer overflows and memory leaks, which can lead to severe security vulnerabilities. By leveraging guided in-process fuzzing, Google has already identified thousands of issues in projects like Chrome, and this initiative extends the same capabilities to the broader open source community. OSS-Fuzz integrates modern fuzzing engines with sanitizers and runs them at scale in a distributed environment, providing automated testing and continuous monitoring. The platform supports multiple programming languages including C/C++, Rust, Go, Python, Java/JVM, and JavaScript, ensuring wide coverage across critical open source projects.

The SpotBugs plugin for security audits of Java web applications. Find Security Bugs is the SpotBugs plugin for security audits of Java web applications. It can detect 141 different vulnerability types with over 823 unique API signatures. Cover popular frameworks including Spring-MVC, Struts, Tapestry and many more. Plugins are available for Eclipse, IntelliJ / Android Studio and NetBeans. Command line integration is available with Ant and Maven. Can be used with systems such as Jenkins and SonarQube. Extensive references are given for each bug patterns with references to OWASP Top 10 and CWE.

Welcome to the OWASP WrongSecrets game! The game is packed with real life examples of how to not store secrets in your software. Each of these examples is captured in a challenge, which you need to solve using various tools and techniques. Solving these challenges will help you recognize common mistakes & can help you to reflect on your own secrets management strategy.

Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence. When security vulnerabilities or misconfigurations are actively exploited by attackers, organizations need to react quickly in order to protect potentially vulnerable assets. As attackers increasingly invest in automation, the time window to react to a newly released, high severity vulnerability is usually measured in hours. This poses a significant challenge for large organizations with thousands or even millions of internet-connected systems. In such hyperscale environments, security vulnerabilities must be detected and ideally remediated in a fully automated fashion. To do so, information security teams need to have the ability to implement and roll out detectors for novel security issues at scale in a very short amount of time. Furthermore, it is important that the detection quality is consistently very high.

The WiKID Strong Authentication System is a public-key based two-factor authentication system. It is a flexible, extensible, and secure alternative to tokens, certs and passwords. Application & API support exists for Java, ASP, PHP, Ruby, OpenVPN, TACACS+, etc. Read our eGuide on how to setup your network with two-factor authentication: http://www.wikidsystems.com/learn-more/two-factor-authentication-white-papers

Shasummer is a SHA hashsum utility in Java. It can calculate SHA1, SHA256 and SHA512 hashes of a file or of a directory (and its subdirectories) and verify the hashes later. Shasummer has a graphical and a command-line interface.

MailArchiva is a powerful, full featured email archiving (email archiver) and compliance solution for mail systems such as Microsoft Exchange. It stores all incoming, outgoing and internal emails for long term storage. A web based user interface is avail

OpenVPN ALS is a web-based SSL VPN server written in Java. It has a browser-based AJAX UI which allows easy access to intranet services. OpenVPN ALS is a direct descendant of Adito, which was a fork of SSL-Explorer.

Web AND Mobile (Apple iPhone) based, multi user, java port of the KeePass project. A free, easy to use password manager which helps you to manage your passwords in a secure way. Focused on deep encryption and ease of use.

Droid Pentest help you to find all android apps for penetration testing and hacking so you can make complete penetration test platform .

This is a Hash Calculating tool that calculates MD2,MD5,SHA-1,SHA-256,SHA-384,SHA-512 hash of text or a file. This has GUI developed in java swings.All it needs is sun jre installed.

jpcap is a set of Java classes which provide an interface and system for network packet capture. A protocol library and tool for visualizing network traffic is included. jpcap utilizes libpcap, a widely deployed system library for packet capture.

Shortcut Virus Remover is an easy to use application, capable of detecting the presence of the Shortcut threat. The software can easily fix the damage done by the virus, thus restoring all the icons in the selected drive. The application is lightweight and requires only that you select the drive you wish to clean.

This project aims at developing a easy software for the protection of SCP-ECG files and also control the access to the protected files.

Cyberoam iView; the Intelligent Logging & Reporting solution provides organizations network visibility across multiple devices to achieve higher levels of security, data confidentiality while meeting the requirements of regulatory compliance. To know more about Cyberoam and it’s security solutions visit us at www.cyberoam.com.

A Java library for executing, parsing and persisting NMap output.

MicroZip is a powerful file compression and encryption utility for mobile phones which allows you to create and extract compressed archives in multiple formats and encrypt sensitive information with powerful AES-256 encryption. MicroZip can create and extract ZIP,TAR,TGZ,TBZ2 archives and extract many other formats as JAR,GZ,BZ2,TBZ,WAR,BZIP2,GZIP,Z,TAZ,CBZ etc. MicroZip allows you to extract selected files without extracting the whole ZIP archive. MicroZip also supports encrypted ZIP archives with both classic ZIP encryption and AES 256 encryption algorithm.

OAST is a cross-platform front-end (GUI) for OpenVPN-client, allowing to manage multiple. It's quite simple in use and provides base functionality such as monitoring connection status. Application is written in Java so it works on both Windows and Linux

raw2vmdk is an OS independent Java utility that allows you to mount raw disk images, like images created by "dd", using VMware, VirtualBox or any other virtualization platform supporting the VMDK disk format.

OpenWebStart is an open source reimplementation of the Java Web Start technology. It provides the most commonly used features of Java Web Start and the JNLP standard, so that your customers can continue using applications based on Java Web Start and JNLP without any change. OpenWebStart is based on Iced-Tea-Web and the JNLP-specification defined in JSR-56. OpenWebStart is released under the GPL with Classpath Exception. For more information, read the full license here. The main focus of OpenWebStart is the execution of JNLP-based applications.

A steganography tool. You can hide 2Gb file in multiple images, supported almost all graphic formats. Average capacity ~ 40%. Useful for publishing censored materials in the Internet. Details on the project's website (stegoshare.sf.net).

ANts P2P realizes a third generation P2P net. It protects your privacy while you are connected and makes you not trackable, hiding your identity (ip) and crypting everything you are sending/receiving from others.