Open Source Python Security Software - Page 17

Transparent file encryption performs real-time I/O encryption and decryption of the files in any block data with 16 bytes. The encryption uses a 256 bits symmetric key to encrypt or decrypt the data with AES encryption algorithm. Auto file encryption protects data "at rest", meaning the transparent data and files encryption. It provides the ability to comply with policies which can be applied by users, processes and file type. This allows only authorized users and processes to access the encrypted files, unauthorized users and processes can’t access the encrypted files. The Auto FileCrypt Tool was developed with EaseFilter Encryption Filter Driver(EEFD) SDK, a file level encryption filter driver. Run the auto file encryption service with administrator permission, add the managed folders as encryption folder, when the files were added to the managed folder, the files will be encrypted automatically, when files were read, the data will be decrypted in memory automatically.

OneForAll is a comprehensive subdomain enumeration and reconnaissance tool primarily used in penetration testing and bug bounty workflows. Built in Python, it aggregates results from numerous DNS, certificate transparency, search engine, and threat intelligence sources to uncover hidden subdomains. The tool is particularly notable for incorporating many Chinese data sources that are often missed by Western-focused recon tools, increasing discovery coverage. It supports brute-force subdomain discovery, recursive scanning, and takeover detection to help identify potential attack surfaces. OneForAll also performs validation and enrichment of discovered domains, producing structured outputs for further analysis. Overall, it is a powerful asset discovery platform designed to maximize subdomain visibility during security assessments.

Download code, Learn code, Share code. The Ongoing Object-oriented Perl Project. scripts, tutorials, modules, case studies, anything OOPerl --not excluding contributions of OO discipline in other programming languages.

OpenPortalGuard is a flexible, extensible, and massively scalable access control system for portals. It provides single-sign-on features for username/pw and smartcards as well as declarative access control.

This is a web application firewall suite

The OpenCoin project provides resources for creating virtual currencies: documentation, format and protocol definitions, an open-source reference implementation for issuers, users and traders. It is based on David Chaum's electronic cash concept.

OpenSEED is open source implementation for SEED, the 128-bit Symmetric Block Cipher which is used widely among Korean Financial & Banking Companies. OpenSEED will implement TLS over SEED, also.

OpenSQLi-NG is the next generation open source sql injection tool. It silently test and exploit (on-demand) SQL injections conditions. Please refer to the project web site to have the complete description: http://opensqling.sourceforge.net/?page_id=8

OpenSessame is a personnel entry control and time tracking management system. Platform independent, multi-node, client-server system, written in Python, with wxPython/wxWidgets client, a web management gui and PostgreSQL database backend.

Manage your passwords!

P.I.G.: Privacy In Gedit, a plugin for gedit, encode and decode text to base64.

An ARP watch daemon for windows (portable to linux but it is already there...) which is able to be run as a service and logs to eventlog so one can collect the logs and react to events.

Python Advanced Wordlist Generator is an easy to use software to create profiled wordlists and make various operations on an existing wordlist. This software is part of the "Kalkulator's Knights" project.

Petoron Crypto Archiver (PCA) Key features: AES-256-CFB encryption with unique IV per archive Argon2id key derivation (256MB RAM / time_cost=3 / parallelism=4) HMAC-SHA512 integrity and anti-tampering check No compression, no fingerprinting, no trace of original data Works with both single files and entire directories Fully CLI-based, portable, and open format (.pca) https://github.com/01alekseev/PCA

PGP Individual UID Signer makes signing all the UIDs on all of the keys at a PGP Keysigning party much simpler. It prompts for verification fingerprints, and then signs each UID on each key separately and PGP/Mime encrypt-emails them to their recipient. NOTE: Developement now happens at GitHub: http://github.com/jaymzh/pius

The aim of this small program is to parse your address book (Evolution address book or VCard file for the moment) and check if some of your contacts have uploaded a PGP public key on a key server.

PyKCS11: a complete PKCS#11 wrapper for Python, created using the SWIG compiler. API documentation: http://pkcs11wrap.sourceforge.net/api/

Petoron Local Destroyer (PLD) Features: 10-pass default cryptographic overwrite (customizable) Argon2id + AES-CFB entropy stream per session No logs, no caching, no backups Full CLI control (purge, wipe) Clean TRASH/workflow If you want your files to truly disappear — not just be deleted - PLD is the tool. https://github.com/01alekseev/PLD

Petoron Quantum Standard (PQS) v1.2 A fully custom, offline encryption standard - built entirely from scratch. PQS v1.2 is a minimalistic, self-contained encryption engine for secure file protection, with zero reliance on external cryptographic libraries. PBKDF2-HMAC-SHA256 (200k iterations, adjustable) for password hardening. Key separation via BLAKE2s - independent keys for encryption and MAC. BLAKE2s-MAC authentication - 16-byte tag, any modification = instant rejection. Streaming keystream generator - secure, large-scale XOR without key reuse. Fake padding (HEAD/TAIL) - obfuscates binary boundaries and payload structure. Precise size encoding - restores original payload exactly. Supports files up to 128 MB per encrypted block. No dependencies, fully offline, cross-platform Python implementation. PQS is designed for high-assurance security, full auditability, and deterministic offline use - without unnecessary complexity. https://github.com/01alekseev/PQS

Petoron Seal Contracts (PSC) Fully binary .psc contract format TTL (time to live) built-in Ed25519 participant signatures Executed-flag to prevent reuse External .sig signature support Fully offline and P2P-ready Compatible with Petoron Time Burn Cipher (PTBC) https://github.com/01alekseev/PSC

Petoron Time Burn Cipher (PTBC) A promising cipher based on self-destruction of time, complete absence of traces and impossibility of key selection. Key features: AES-CFB encryption with per-file IV Argon2id key derivation with 256MB RAM resistance TTL (time to live) built directly into the encrypted file HMAC-SHA512 integrity verification Self-deleting mode (--autowipe) and one-time access marking (--onetime) No file metadata, no recovery, no password resets Philosophy: If you lose the password - it’s over. If time expires - it’s gone. PTBC doesn’t forgive, doesn’t forget, and doesn’t leak. https://github.com/01alekseev/PTBC

Packet generator for security research (currently RADIUS protocol). Create either large highly variable test runs or short programs demonstrating a characteristic sequence of packets.

Pacu (named after a type of Piranha in the Amazon) is a comprehensive AWS security-testing toolkit designed for offensive security practitioners. While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. Pacu is the aggregation of all of the exploitation experience and research from our countless prior AWS red team engagements. Automating components of the assessment not only improves efficiency but also allows our assessment team to be much more thorough in large environments. What used to take days to manually enumerate can be now be achieved in minutes. There are currently over 35 modules that range from reconnaissance, persistence, privilege escalation, enumeration, data exfiltration, log manipulation, and miscellaneous general exploitation.

ParaCrypt is software for encrypting and decrypting data with one-time-pads. For convenience the one-time-encryption-pads are created using pre-shared unencrypted files as sources of entropy.

ParamIT is a toolkit aiding the development of molecular mechanical force field parameterization of small, drag like, molecules within CHARMM general force field (CGenFF) protocol. The developed toolkit helps the researchers in following ways: 1) automating the creation of multiple input files for quantum and molecular mechanics programs, 2) automating the output analysis and 3) substitute the use of full MM programs with a faster specialized one. The developed tools include: 1) generator of molecule-water complexes with graphical user interface (GUI), 2) semi-automatic frequency analysis using symbolic potential energy distribution matrix and comparison of optimized internal coordinates, 3) GUI for charge fitting with three modes: manual, Monte-Carlo sampling or brute force, and 4) GUI for dihedral terms fitting. The usage of these tools decreases the labor effort, lowers manual input errors and reduces the time needed for accurate MM parameterization efforts.