NARC Network Analysis Reporting Console takes output from security tools like Nessus, and NMap & populates a database via automated scripts for reporting purposes. Version 0.DC14 also includes rudimentary reporting capabilities. New from kaos.theory
Powerfuzzer is a highly automated web fuzzer based on many other Open Source fuzzers available (incl. cfuzzer, fuzzled, fuzzer.pl, jbrofuzz, webscarab, wapiti, Socket Fuzzer). It can detect XSS, Injections (SQL, LDAP, commands, code, XPATH) and other
Mod_auth_kerb is a module that provides Kerberos user authentication to the Apache web server. It allows to retrieve the username/password pair, and also supports full Kerberos authentication (also known as Negotiate or SPNEGO based authentication).
Start building on Google Cloud with $300 in free credits. No commitment, no credit card required until you're ready to scale.
Launch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
A tool to be used for newly created OSS web firewall/proxy/servers. Submit (GET/POST/HEAD) user-defined packets to web firewall to test its security strength. Tell you at which packet length a firewall will crash. Good for Heap/buffer overflow hunting.
Typical Web Firewalls use a mechanism to classify anomaly traffics. This tool submits an old-school malicious (not dangerous) request, and tells you the type of firewall a particular web site use (if any). Mainly useful for blackbox security assessment
Store and retrieve passwords Online while keeping it secure. Web based (php+flatfile) for easy retrieval. All passwords stored are encrypted and the master (key) password is never saved. Even the user-id are all encrypted. CHECK PROJECT WEBSITE FOR DEMO!
New to Google Cloud? Get $300 in credits to explore Compute Engine, BigQuery, Cloud Run, Gemini Enterprise Agent Platform, and more.
Start your next project with $300 in free Google Cloud credit. Spin up VMs, run containers, query petabytes in BigQuery, or build agents with Gemini Enterprise Agent Platform. Once your credits are used, keep building with 20+ always-free tier products including Compute Engine, Cloud Storage, GKE, and Cloud Run functions. No commitment required—just sign up and start building.
A tool to monitor internet hosts` bandwidth usage in a Linux-NAT network. A daemon collects data and clients display them (currently a Java applet with a graph). It automatically detects new hosts and has a nice summary statistic.
SURFnet IDS, a Distributed Intrusion Detection System (D-IDS). The goal is to provide an early warning system which lets system administrators correlate known and unknown exploits to attacks directed towards their networks.
Skavenger analyzes HTTP traffic logged by various Web proxies (including WebScarab and Burp) for indications of common web vulnerabilities such as XSS, CRLF injection and various kinds of information disclosure.
As SSLExplorer is now closed source, SSLE-PAM has been ported and integrated to Adito, THE OpenSource fork of SSLExplorer. http://sourceforge.net/projects/adito
HT Password Manager is a web interface to manage apache's htpasswd files. Manage multiple password files with separate per-file administrator. Administrators can add/delete/search and reset password for all users & users can change their own passwords.
The Solitox Community system provides an integrated real-time chat service, web interface, and a scalable infrastructure for adding more services with common credentials. These interfaces allow a greater level of communication for your users.
The GOLEM (Global Object Learning Enterprise Mediator) is a multi-module system for identity management purposes in an inter- and intra-university context. It supports eLearning applications in a very broad sense, i.e. including wikis and other web tools
Zivios is a web based control panel which brings together vital open source technologies needed by medium and large enterprises. Zivios provides identity management,user, group and computer provisioning, as well as remote management of services.
FLAG was designed to simplify the process of log file analysis and forensic investigations. FLAG facilitates efficient analysis of large quantities of data within an interactive environment. PyFlag is the reimplementation of FLAG in Python.
MyNmap is a tool that uses Apache/PHP/MySQL/PERL (designed to run on Linux, BSD, or other Unix clones) to display Nmap network scan data for large networks.
GTCop Professional Security Appliance aims to provide a powerful tool for satellite communications, with enhanced QoS and bandwidth controls. As derived from IPCop Firewall, it is a stable, secure, easy to configure and maintain GNU/Linux firewall box.
It makes email spammers' programs with thousands of fake email addresses endlessly dynamically generated. Even if your site visitors post their email addresses in plain format, spammers will give up searching for correct ones.
With this system, a person can ask a yes/no-question to group of people while their answer is kept completely anonymous. The project is based on the dining cryptographers protocol.
In your web applications wherever user registration is required, use this checker script to strictly enforce users to select stronger passwords. It tests cracking passwords against 4 rules. It has also built-in smoke test page.
Detect your web servers being scanned by brute force tools and vulnerability scanners.Helps you quickly identify probable probing by bad guys who's wanna dig possible security holes.