Ports Search

ClamSMTP is an SMTP filter that allows you to check for viruses using the ClamAV anti-virus software. It accepts SMTP connections and forwards the SMTP commands and responses to another SMTP server. The 'DATA' email body is intercepted and scanned before forwarding. ClamSMTP aims to be lightweight, reliable, and simple rather than have a myriad of options. It's written in C without major dependencies. If you need more options then you could use something big like AMaViS which is written in PERL and can do almost anything.

Sshguard monitors services from their logging activity. It reacts to messages about dangerous activity by blocking the source address with the local firewall. Sshguard employs a clever parser that can recognize several logging formats at once transparently (syslog, syslog-ng, metalog, multilog, raw messages), and detects attacks for many services out of the box, including SSH, FreeBSD's ftpd and dovecot. It can operate all the major firewalling systems, including PF, netfilter/iptables, and IPFIREWALL/ipfw. Sshguard has several relevant features like support for IPv6, whitelisting, suspension, log message authentication. It is reliable, easy to set up and demands very few resources to the system.

Digest:: HMAC --------------------------------- This package provide modules which calculate HMAC digests. To build the extensions, unpack this distribution somewhere, create the Makefile by running 'perl Makefile.PL' and do a 'make', 'make test', and if successful 'make install'. You will need perl version 5.004 or better to install these modules. Further documentation is embedded in the individual modules. Copyright 1998-1999 Gisle Aas. Copyright 1998 Graham Barr. Copyright 1997 Uwe Hollerbach. Copyright 1995-1996 Neil Winton. Copyright 1990-1992 RSA Data Security, Inc. This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

Bindings to OpenSSL libssl and libcrypto, plus custom SSH pubkey parsers. Supports RSA, DSA and NIST curves P-256, P-384 and P-521. Cryptographic signatures can either be created and verified manually or via x509 certificates. AES block cipher is used in CBC mode for symmetric encryption; RSA for asymmetric (public key) encryption. High-level envelope functions combine RSA and AES for encrypting arbitrary sized data. Other utilities include key generators, hash functions (md5, sha1, sha256, etc), base64 encoder, a secure random number generator, and 'bignum' math methods for manually performing crypto calculations on large multibyte integers.

This perl module provides support for the https protocol under LWP, so that a LWP::UserAgent can make https GET & HEAD & POST requests. Please see perldoc LWP for more information on POST requests. The Crypt::SSLeay package contains Net::SSL, which is automatically loaded by LWP::Protocol::https on https requests, and provides the necessary SSL glue for that module to work via these deprecated modules: Crypt::SSLeay::CTX Crypt::SSLeay::Conn Crypt::SSLeay::X509 Work on Crypt::SSLeay has been continued only to provide https support for the LWP - libwww perl libraries. If you want access to the OpenSSL API via perl, check out Sampo's Net::SSLeay.

BruteForceBlocker is a perl script, that works along with pf - OpenBSD's firewall (Which is also available on FreeBSD since version 5.2 is out). It's main purpose is to block SSH bruteforce attacks via firewall. When this script is running, it checks sshd logs from syslog and looks for Failed Login attempts - mostly some annoying script attacks, and counts number of such attempts. When given IP reaches configured limit of fails, script puts this IP to the pf's table and blocks any further traffic to the that box from given IP (This also depends on configuration done in pf.conf).

cfv is a utility to both test and create .sfv, .csv and md5sum files. These files are commonly used to ensure the correct retrieval or storage of data. Features: - supports .sfv, .csv(2, 3, and 4 field variants), md5sum, BSD md5 sha1sum, .torrent and (test-only) .par, .par2 file formats - automatic checksum file naming ability in create mode - recursive operation - show unverified files option - ignore case and fix path separator options for cross platform use - transparent gzip support for checksum files - configurable renaming of bad files (with testing against previous bad files, to save only unique differing copies)

Class for inheritable, role-based permissions system (Role Based Access Control - RBAC). Custom methods can be placed on role objects. Authorization can be performed either by checking whether the role name matches the required name, or by testing (via can) whether the role can perform the method required. Two role are specified by default. At the top, superusers can do anything ($superuser->can( $action ) always returns a coderef). At the bottom, the base role can do nothing ($base->can( $action ) always returns undef). All roles are automatically capable of authorizing actions named for the singular and plural of the role name.

Keyczar is an open source cryptographic toolkit designed to make it easier and safer for developers to use cryptography in their applications. Keyczar supports authentication and encryption with both symmetric and asymmetric keys. Some features of Keyczar include: * A simple API * Key rotation and versioning * Safe default algorithms, modes, and key lengths * Automated generation of initialization vectors and ciphertext signatures * Java, Python, and C++ implementations * International support in Java (Python coming soon) Keyczar was originally developed by members of the Google Security Team and is released under an Apache 2.0 license.

The Metasploit Framework The Metasploit Framework is an open source platform that supports vulnerability research, exploit development, and the creation of custom security tools. The goal is to provide useful information to people who perform penetration testing, IDS signature development, and exploit research. This site was created to fill the gaps in the information publicly available on various exploitation techniques and to create a useful resource for exploit developers. The tools and information on this site are provided for legal penetration testing and research purposes only.