CTparental is a free and open-source parental control tool used to control computer usage or internet browsing. It comes with a simple and easy-to-use web interface powered by a Lighttpd web server. The idea of CTparental tool comes from other tools such as, iptables, dnsmasq, and inguardian privoxy.
Explains how to install and use Gixy tool to analyze Nginx configuration to prevent security misconfiguration and automate flaw detection on Linux or Unix-like system.
Public key crypto for everyone, publicly auditable proofs of identity. Keybase is a new and free security app for mobile phones and computers. For the geeks among us: it's open source and powered by public-key cryptography. Keybase is for anyone. Imagine a Slack for the whole world, except end-to-end encrypted across all your devices. Or a Team Dropbox where the server can't leak your files or be hacked.
Ganymed SSH-2: Java based SSH-2 Protocol Implementation
The Ganymed SSH-2 library allows one to connect to SSH servers from within Java programs. It supports SSH sessions (remote command execution and shell access), local and remote port forwarding, local stream forwarding, X11 forwarding, SCP and SFTP. There are no dependencies on any JCE provider, as all crypto functionality is included.
Ganymed SSH-2 for Java is the de-facto standard for open source based SSH communication in Java software. The library is used in many industrial products but also in open source software, e.g., in the widely used SVN plugin for Eclipse and in Cyberduck (a popular SFTP client for the Mac).
Originally, Ganymed SSH-2 for Java was developed by Dr. Christian Plattner for the Ganymed replication project at ETH Zurich, Switzerland, back in 2005. In the meantime, its clearly structured code has been ported by different people to other languages as well. Confusingly, there are also Java branches with slightly different names. However, Ganymed SSH-2 for Java is the original implementation with a stable interface that is backwards compatible to the first implementation written in 2005 (!).
Darik's Boot and Nuke ("DBAN") is a self-contained boot disk that securely wipes the hard disks of most computers. DBAN will automatically and completely delete the contents of any hard disk that it can detect, which makes it an appropriate utility for bulk or emergency data destruction.
Schlage Shows New Security Features At the Consumer Electronics Show 2010Schlage will preview new capabilities for its Schlage LiNK home-management system at the Consumer Electronics Show 2010 in Las Vegas that allow Schlage wireless keypad locks to be...
Nmap ("Network Mapper") is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime.
verinice ist ein ISMS-Tool für das Management von Informationssicherheit. Die Software wird unter der Lizenz GPLv3 zum freien Download als OpenSource-Software kostenfrei bereit gestellt.
verinice unterstützt die Betriebssysteme Windows, Linux und MacOS und hat die Grundschutzkataloge des BSI lizenziert.
Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms.
JUG is a pure java UUID generator, that can be used either as a component in a bigger application, or as a standalone command line tool (a la 'uuidgen'). UUIDs are 128-bit Universally Unique IDentifiers (aka GUID, Globally Unique IDentifier used in Windows world).
JUG generates UUIDs according to the IETF UUID draft specification (and further clarified in UUID URN name space IETF draft ) – all 3 'official' types defined by the draft – is fast, portable and Open Source (as well as Free Software ).
You can use JUG in your application according to the license terms of LGPL (Lesser General Public License); or, from version 2.0 on, ASL . See Download page for more details.
From version 1.0.0 on, native code (invoked via JNI) for accessing Ethernet MAC address is included with Jug distribution. Big thanks to Paul Blankenbaker and DJ Hagberg (amongst others) for their code contributions!
Note that using this functionality is optional: only time+location - based generation needs MAC address, and even with it, one can just pass the address from a configuration file.
Currently JNI-based Ethernet MAC address support is available on following platforms:
* Linux / x86
* Windows (98, ME, NT, 2K, XP?) / x86
* Solaris / Sparc
* Mac OS X
* FreeBSD / x86
Note: if anyone can recompile Mac OS X JNI code on Open/NetBSD and try if if it works, that would be useful (FreeBSD JNI code was compiled this way).
VELO is an Open Source Identity and Access Provisioning server.
Features
* SPML V2 compliance. new!
* Role Based Access Control (RBAC)
* Consolidated Employee Identity Attributes repository
* Accounts Attribute Synchronization
* User and Access Reconciliations
* Integrated work-flow engine for complex business processes
* Self Service interfaces
* Support many resources
* Support Complete Account Operations
* Specific typed actions can be added easily
* Centralized Password Policy and Password Synchronization.
* Auditing & Compliance.
* Powerful scripting support for complex processes via Scripting expressions
* Supports more than 20 different scripting languages! new
* Remote services access via Web-Services.
* Extensible via Events.
* Advanced Report Designer & Web-based Reporting Manager.
* Pluggable Authentication Handlers.
* Jboss and Glassfish Support
The Sleuth Kit and Autopsy Browser. Both are open source digital investigation tools (a.k.a. digital forensic tools) that run on Unix systems (such as Linux, OS X, FreeBSD, OpenBSD, and Solaris). They can be used to analyze NTFS, FAT, Ext2, Ext3, UFS1, and UFS2 file systems and several volume system types.
Integritätstest für Datenträger, vor allem zur Erkennung manipulierter USB-Sticks (siehe auch c't 1/08, S. 24). Seit Ende 2007 werden 1-GByte-Sticks manipuliert und als 2- oder 4-GByte-Versionen verkauft; das Tool klärt die Sachlage sofort.
Wiretapped is an archive of software and information covering the areas of host, network and information security, network operations, cryptography and privacy, among others. We believe we are now the largest archive of this type of software & information, hosting in excess of 20 gigabytes of information mirrored from around the world.
Features
* On Demand
o Can load keys when ssh is launched.
o Can load keys when the Apple Keychain is unlocked.
* Security
o Can unload keys on sleep (or after a period of sleep).
o Can unload keys when the screenssaver kicks in.
o Can unload keys when the Apple Keychain is locked.
o Can lock the Apple Keychain when the screensaver kicks in.
o Can ask for confirmation when keys are accessed (useful for agent forwarding).
* Display
o Icon can be displayed in the statusbar, dock, or both.
* Integration
o Apple Keychain
+ Can store SSH key passphrases in the Apple Keychain.
+ Can lock/unlock the Apple Keychain from a menu item.
o Global Environment
+ Can add the necessary variables to the global environment, so you can use SSHKeychain with Project Builder, etc.
o SSH Tools
+ Works seamless with the commandline tools (adding keys from the commandline also updates the UI).
+ Can generate new keypairs from the UI.
* Networking
o Tunneling
+ Local ports can be forwarded over a ssh connection from the tunnel menu.
+ Tunnels can be launched when your keys are loaded.
+ The tunnel menu indicates the status of your tunnels.
+ Tunnels are automatically closed when the system goes to sleep.
+ Multiple ports can be forwarded over one ssh connection.
o Can handle agent requests through Agent Forwarding.
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.
The SOBF Tool is an Information Security Risk Analysis and Management tool. It is the reference implementation of the SOMAP.org Guide and follows the risk analysis workflow as described in the Guide.
The SOBF Tool is currently in development and there are public preview downloads from time to time. Please see below under Status/Download for further details.
The PermissionSniffer is designed to help developers determine the minimum set of permissions that their application requires in order to run.
The PermissionSniffer is still under development. Comments, feedback, contributions, etc. are greatly appreciated.
Darik's Boot and Nuke ("DBAN") is a self-contained boot floppy that securely wipes the hard disks of most computers. DBAN will automatically and completely delete the contents of any hard disk that it can detect, which makes it an appropriate utility for
The Security Officers Management and Analysis Project (SOMAP.org) is all about Open Source Information Security Risk Management. It is our belief that risk management processes and best practices need to be offered in an open kind. Only freely available risk management informations can potentially lead to a better security management and further development of the whole risk management field.
Ophcrack is a Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a GTK+ Graphical User Interface and runs on Windows, Mac OS X (Intel CPU) as well as
Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman's original trade-off, with better performance.
Darik's Boot and Nuke ("DBAN") is a self-contained boot floppy that securely wipes the hard disks of most computers. DBAN will automatically and completely delete the contents of any hard disk that it can detect, which makes it an appropriate utility for
CurrPorts displays the list of all currently opened TCP/IP and UDP ports on your local computer. For each port in the list, information about the process that opened the port is also displayed, including the process name, full path of the process, version