Open Source Security Software

Safe Exam Browser is a webbrowser-environment to carry out online-exams safely. The software changes any computer into a secure workstation. It regulates the access to any utilities and prevents students from using unauthorised resources.

Tor Browser enables you to use Tor on Windows, Mac OS X, or Linux without needing to install any software. Tor is a software that bounces your communications around a distributed network of relays run by volunteers. This effectively prevents anyone watching your Internet connection from learning what sites you visit; it prevents the sites you visit from learning your physical location; and allows you access to sites which are blocked. Tor Browser can run off a USB flash drive, comes with a pre-configured web browser to protect your anonymity, and is self-contained (portable).

winPenPack is a project that aims at collecting the most frequently used and most popular open source applications made portable, so that they can be executed without installation from any USB Flash Drive or Hard Disk. The winPenPack suites offer a wide range of portable applications like office tools, internet tools, multimedia tools, development tools, security applications and other frequently used utilities. Everything you need, completely free, open source and portable!

SSHGuard protects hosts from brute-force attacks against SSH and other services. It aggregates system logs and blocks repeat offenders using several firewall backends, including iptables, ipfw, and pf.

Mod_auth_kerb is a module that provides Kerberos user authentication to the Apache web server. It allows to retrieve the username/password pair, and also supports full Kerberos authentication (also known as Negotiate or SPNEGO based authentication).

PyLoris is a scriptable tool for testing a server's vulnerability to connection exhaustion denial of service (DoS) attacks. PyLoris can utilize SOCKS proxies and SSL connections, and can target protocols such as HTTP, FTP, SMTP, IMAP, and Telnet.

Mac OS X frontend for OpenSSH's sftp/scp tools

Harbour MiniGUI Extended Edition. HARBOUR MINIGUI SOURCE WITH HMGS-IDE (IDE VISUAL TO MAKE WIN32 APLICATIONS WITH HARBOUR) UNNOFICIAL BUILD WITH EXTENDED NEW FEATURES.

axTLS is a TLSv1 SSL library designed specifically for embedded devices, with a highly configurable interface for small memory footprints.

HPN-SSH is a series of performance patches for OpenSSH. By addressing network limitations and CPU limitations significant throughput performance can be realized. Gains of close to two orders of magnitude are possible on long fat network paths. The official git repo is now available at http://github.com/rapier1/openssh-portable. The Sourceforge repository should not be seen as the canonical repository for HPN-SSH. We will update it as we can but users should look to github to generate patches We also support Ubuntu packages. Add them to your package manager with `sudo add-apt-repository ppa:rapier1/hpnssh` Fedora RPMs can be added with, `sudo dnf copr enable rapier1/hpnssh`

proxy.py is made with performance in mind. By default, proxy.py will try to utilize all available CPU cores to it for accepting new client connections. This is achieved by starting AcceptorPool which listens on configured server port. Then, AcceptorPool starts Acceptor processes (--num-acceptors) to accept incoming client connections. Alongside, if --threadless is enabled, ThreadlessPool is setup which starts Threadless processes (--num-workers) to handle the incoming client connections. Each Acceptor process delegates the accepted client connection to a threadless process via Work class. Currently, HttpProtocolHandler is the default work class. HttpProtocolHandler simply assumes that incoming clients will follow HTTP specification. Specific HTTP proxy and HTTP server implementations are written as plugins of HttpProtocolHandler.

This plugin allows you to combine the power of Total Commander with the security of SFTP (using SSH) and the comfort of PuTTY.

The OpenCA PKI Development Project is a collaborative effort to develop a robust, full-featured and Open Source out-of-the-box Certification Authority implementing the most used protocols with full-strength cryptography world-wide.

The Nemesis Project is designed to be a command line based, portable human IP stack for UNIX-like and Windows systems. The suite is broken down by protocol, and should allow for useful scripting of injected packets from simple shell scripts.

Simple-VPN is an IPsec configuration tool. It abstracts the myriad of IPsec options and allows easy inter-operation of different implementations. Currently supports Racoon, Openswan and Strongswan.

SRP6 Authentication Library for C# and Java. I originally wrote the Java version in college so it is a much simpler version of how SRP6 can be implemented. The Java version is a simple BlueJ project. For a solid description of SRP6, see https://en.wikipedia.org/wiki/Secure_Remote_Password_protocol. Source is included with the zip file.

DavUtils is a collection of easy to use WebDAV client tools. The built-in client-side encryption allows you to encrypt and decrypt files on the fly with AES. Currently two command line tools are available: dav is a multipurpose WebDAV client that can be used like the standard unix tools ls, mkdir and rm. The other tool is dav-sync that can synchronize local files with a WebDAV server. It is very flexible and configurable and has advanced data safety features to prevent data loss. The integrated client-side AES encryption makes it secure to use public clouds.

This toolkit has complete security Package start from Tweak manager , Updater , Virus scanner ,Proxy server and many more This will be help full for user from corporate to small user we have already started working on it will completed with 2 months

RSA Public Key Crypotgraphy for Web Browsers. Use JavaScript to RSA-encrypt data that can only be decrypted on the server, and not by prying eyes. The poor man's SSL...

A console-based wireless scanner for Apple AirPort Wireless Cards on Mac OS X

AuthServlet is a Java Servlet (and JSPs/TagLibs) which provides a simple pluggable authentication and role-based authorization service. It can be easily incorporated into any Servlet-based web applications.

Bruteblock allows system administrators to block various bruteforce attacks on UNIX services. The program analyzes system logs and adds attacker's IP into IPFW table effectively blocking them. Addresses are removed from the table after expiration period

CloudMapper helps you analyze your Amazon Web Services (AWS) environments. The original purpose was to generate network diagrams and display them in your browser (functionality no longer maintained). It now contains much more functionality, including auditing for security issues. If you want to add your own private commands, you can create a private_commands directory and add them there. You must have AWS credentials configured that can be used by the CLI with reading permissions for the different metadata to collect. Cloudmapper needs to make IAM calls and cannot use session credentials for collection, so you cannot use the AWS-vault server if you want to collect data, and must pass role credentials indirectly or configure AWS credentials manually inside the container. Generate HTML report. Includes a summary of the accounts and audit findings. Generate an HTML report for the IAM information of an account.

Update: The code from this project has been contributed to the GNU Crypto project. The Cryptix SASL Library is an implementation of the Java SASL bindings and a number of SASL mechanisms.

DNSSEC Zone Key Tool is a toolkit written in C for DNSSEC zone and key management. It supports automatic zone resigning and KSK- and ZSK rollover according to RFC4641 and RFC5011.