Search Results for "process" - Page 4
Sort By:
Showing 143 open source projects for "process"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
SHAD0W
A post exploitation framework designed to operate covertly
It uses a range of methods to evade EDR and AV while allowing the operator to continue using tooling and tradecraft they are familiar with. Its powered by Python 3.8 and C, and uses Donut for payload generation. By using Donut along with the process injection capabilities of SHAD0W, it provides the operator the ability to execute .NET assemblies, DLLs, EXEs, JS, VBS or XSLs fully inside the memory. Dynamically resolved syscalls are heavily used to avoid userland API hooking, anti-DLL injection to make it harder for EDR to load code into the beacons, and official Microsoft mitigation methods to protect spawn processes. ... -
2
AttackSurfaceMapper
Automated tool for mapping & expanding organization’s attack surface
AttackSurfaceMapper (ASM) is a reconnaissance and attack surface discovery tool designed to automate the process of mapping potential targets within an organization's infrastructure. It combines open source intelligence (OSINT) with selective active reconnaissance techniques to expand and analyze a target’s external attack surface. Users can supply domains, subdomains, or IP addresses as input, and applies multiple discovery methods to identify additional related assets such as new subdomains, associated IP ranges, and hosts within the same network ownership. ... -
3
mssqlproxy
Toolkit aimed to perform lateral movement in restricted environments
mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse. The client requires impacket and sysadmin privileges on the SQL server. The first step is to execute code in the SQL Server process context. As extended stored procedures are going to be deprecated in future versions of MSSQL, we pay attention to Microsoft recommendations and thus, use CLR assemblies instead. -
4
MimiPenguin
A tool to dump the login password from the current linux user
A tool to dump the login password from the current linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz. Takes advantage of cleartext credentials in memory by dumping the process and extracting lines that have a high probability of containing passwords. Will attempt to calculate each word's probability by checking hashes in memory, and regex searches. 2.0 introduces a clean port that aims to increase the speed of execution and portability -
Enterprise-grade ITSM, for every businessFreshservice is an intuitive, AI-powered platform that helps IT, operations, and business teams deliver exceptional service without the usual complexity. Automate repetitive tasks, resolve issues faster, and provide seamless support across the organization. From managing incidents and assets to driving smarter decisions, Freshservice makes it easy to stay efficient and scale with confidence.
-
5
Buster
OSINT tool for discovering information linked to email addresses
...Buster supports validating generated email addresses and retrieving contextual information about them. By combining multiple online sources and services, Buster helps automate the process of gathering intelligence related to digital identities. -
6
chords-malware-analyzer
Chords is binary file strings extractor, with many formats supported.
...Is able to extract strings from files just like strings, but it also supports windows wide string, base64 and hexadecimal strings (with decoding support) and automatic recognition of Indicators of Compromise (IOCs). It has been developed to support the malware analysis process, but is a general purpose tool. -
7
CSVHashCrack Suite
Multi hash crack suite
...Over 17.000 md5-hashes in a CSV-file get cracked with a 14.300.000 lines wordlist in less then 1 min. Lines wich cant get cracked with the wordlist get stored in a .leftToCrack-File to further process with another Wordlist or the bruteforce-tool. In addition to the wordlist-cracker I created also a bruteforce-tool named CSVHashBrutforcer. -
8
GUN
Cybersecurity protocol for syncing decentralized graph data
GUN is a small, easy, and fast data sync and storage system that runs everywhere JavaScript does. The aim of GUN is to let you focus on the data that needs to be stored, loaded, and shared in your app without worrying about servers, network calls, databases, or tracking offline changes or concurrency conflicts. This lets you build cool apps fast. When a browser peer asks for data, it'll merge the reply with its own data using a CRDT, then cache the result. GUN is fully decentralized... -
9
PLEASE NOTE that we are in the process of moving to GitHub: https://github.com/jasypt/jasypt Jasypt (Java Simplified Encryption) is a java library which allows the developer to add basic encryption capabilities to his/her projects with minimum effort, and without the need of having deep knowledge on how cryptography works. PLEASE NOTE that we are in the process of moving to GitHub: https://github.com/jasypt/jasypt
-
$300 Free Credits for Your Google Cloud ProjectsLaunch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
-
10
Remme PKI (d) Protocol
Blockchain-based distributed PKI protocol
Remme Protocol is a blockchain-based protocol focused on digital key and identity lifecycle management to resolve issues related to cybersecurity, IoT connectivity, data integrity, digital copyright protection, transparency etc. Some of the groundbreaking features include: - Free Rate Limited Transactions - Low Latency Block confirmation (0.5 seconds) - Attribute-based identity and access control - Designed for Sparse Header Light Client Validation - Time Delay Security -... -
11
Gitrob
Scans GitHub repositories for potentially sensitive files
...These signatures are used to flag items such as credentials, private keys, configuration files, and other materials that may expose confidential information. By automatically inspecting repository histories, Gitrob simplifies the process of identifying security risks that might otherwise remain unnoticed in publicly accessible codebases. The results of the scan are presented through a built-in web interface that allows users to browse findings, review flagged files, and analyze potential leaks more efficiently. -
12
StrongKey CryptoEngine
FIDO strong authentication, encryption, digital signature engine
...Its modules include: - A FIDO Engine to support FIDO U2F key registrations/authentications - An encryption engine to encrypt/decrypt files using AES/TDES keys - Escrowing keys to on-premises key management system (StrongAuth KeyAppliance/SAKA) - Integration to cloud storage services (AWS S3, Azure and Eucalyptus Walrus) - A signing engine to digitally sign documents, code, etc. with FIPS 140-2 HSM support - An LDAP Engine for AD/LDAP integration for authorization decisions SKCE is battle-tested and in production at one of the largest e-commerce companies in the world, protecting more than 50M documents within the business process; see http://bit.ly/14VPYlO for the case study. Download StrongKey CryptoCabinet (SKCC) on this site to see how to use SKCE. -
13
Bias is a cross-platform versatile information management application / Organizer
-
14
SpiderFoot
Open Source Intelligence Automation.
SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target, which may be an IP address, domain name, hostname or network subnet. SpiderFoot can be used offensively, i.e. as part of a black-box penetration test to gather information about the target or defensively to identify what information your organisation is freely providing for attackers to use against you. -
15
360-FAAR Firewall Analysis Audit Repair
360-FAAR Analyze FW1 Cisco Netscreen Policy Offline Using Config/Logs
360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and its one file! Read Policy and Logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), Cisco ASA (show run / syslog format), 360-FAAR compares firewall policies and uses... -
16
Password Guessing Framework
A Framework for Comparing Password Guessing Strategies
...Therefor, it gathers information about how many passwords from an input file (password leak) have been cracked in relation to the amount of generated guesses. Subsequent to the guessing process an analysis of the cracked passwords is performed. In general though, any guesser that prints the password candidates via STDOUT can be used with the framework. The aforementioned password guessing / password cracking software is not part nor shipped with the framework and need to be installed separately. -
17
Infernal Wireless
Infernal Wireless Penetration Testing Suite
Infernal Wireless – Penetration testers tools Infernal Wireless Penetration testing tool is created to aid the penetration testers during wireless assessment. Having looked around we all see a lot of penetration testing suits which can automate the process of penetration testing easier for us during Web or other kind of audits, but I did not find one for wireless hacking, except some commercial tools. So, I thought how about to create a tool which automate many different type of attacks with a click of button and save us some time. We got to admit that some of the attacks can get complex. ... -
18
Webiness
Lightweight PHP framework
Webiness is lightweight PHP framework based on MVC design pattern. It has a very straightforward installation process that requires only a minimal configuration, so it can save you a lot of hassle. Also, it canbe an ideal choice if you want to avoid PHP version conflict, as it works on all PHP versions from 5.3. Webiness extensively uses the lazy loading technique so, in most cases, it is faster then other frameworks. It can be used for rapid prototyping of web applications. -
19
SWAT
Security Workflow Analysis Tool
The Security Workflow Analysis Tool (SWAT) is a platform for modelling and analyzing workflows. It comes with ananlysis approaches to search for data leaks in workflows. -
20
SecSy: Security-oriented Log Synthesis
Tool for synthesizing business process logs.
...Besides basic synthesis properties (cases per day, office hours, randomized activity duration, ...), its detailed parameter setting for simulating business processes also allows to specify data usage (objects + access modality), actors for process activities and access control constraints for task/object permissions. It is also capable of enforcing/violating specific security properties on process traces, such as SoD/BoD, Unauthorized Access, Corrupted log entries, Skipped Activities. SecSy builds upon the following libraries, that have to be included in the projects' build path: - JAGAL: http://sourceforge.net/p/jagal - JAWL: http://sourceforge.net/p/jawl - SEPIA: http://sourceforge.net/p/sepiaframework - SERAM: http://sourceforge.net/p/seram - TOVAL: http://sourceforge.net/p/toval -
21
SEPIA: Security-oriented PN Framework
Petri net framework for security related modeling and reasoning.
...Along Place/Transition-nets, it supports Petri nets with distinguishable token colors and defines coloured workflow nets, where coloured tokens are interpreted as data elements used during process execution. To support information flow analysis of processes, SEPIA defines so-called IF-Nets, tailored for security-oriented workflow modeling which enable users to assign security-levels (HIGH, LOW) to transitions, data elements and persons/agents participating in the process execution. SEPIA builds upon TOVAL (http://sourceforge.net/p/toval), JAGAL (http://sourceforge.net/p/jagal) and SEWOL (https://sourceforge.net/projects/jawl/). ... -
22
SEWOL: Security-oriented Workflow Lib
Java Library for workflow handling
SEWOL provides support for the handling of workflow traces. It allows to specify the shape and content of process traces in terms of entries representing the execution of a specific workflow activity. Currently it supports plain text, Petrify, MXML and XES log file types. In order to specify security-related context information, SEWOL provides access control models such as access control lists (ACL) and role-based access control models (RBAC). -
23
PL/SQL Starter Framework
A boost or headstart to your PL/SQL development
!!! NOTE !!! The latest file upload (Simple.zip) is a simplified version of the Starter Framework meant for single-schema applications. It only offers logging, error handling and table-driven parameters (with a few extra supporting packages for writing to screen and file, and manipulating dates, strings and numbers). In order to access the simplified framework, click "Browse All Files" and choose the plsqlfmwksimplet folder, then the 2.1 folder. Download Simple.zip. The full framework... -
24
PlayAuthenticate
An authentication plugin for Play Framework 2.x (Java)
Fully customizable and localizable controllers and views (e.g. Play Authenticate allows you to define your own controllers and views for every visual step of the signup and/or log in process). Completely dynamic URL generation for all views (uses the route file - means you can adapt the look and feel as much as you like). The sample shows how to do this with Twitter bootstrap. Linking of accounts (e.g. one local user with multiple authentication providers). Linking can be done automatically or after asking the user (default) Merge detection (e.g. a user created two unconnected local accounts) Account merge can be done automatically or after asking the user (default) Tight deadbolt2 authorization integration (Sample included). ... -
25
ANNFiD
A forensic file identification tool using neural networks
Just carved a bunch of bytes and have no idea what they could be? Maybe ANNFiD can help. ANNFiD uses neural network to identify byte patterns. It can be trained and has a GUI to help in the process. The tool is still on a very early stage, but could improve exponentially with the help of the developer community
