ClamSMTP is an SMTP filter that allows you to check for viruses using
the ClamAV anti-virus software. It accepts SMTP connections and forwards
the SMTP commands and responses to another SMTP server. The 'DATA' email
body is intercepted and scanned before forwarding.
ClamSMTP aims to be lightweight, reliable, and simple rather than have a
myriad of options. It's written in C without major dependencies. If you
need more options then you could use something big like AMaViS which is
written in PERL and can do almost anything.
Sshguard 通过服务的日志活动来监视服务。它通过本地防火墙阻断源地址来对危险活动做出响应。
Sshguard 采用一种巧妙的解析器,可以透明地识别多种日志格式
(syslog、syslog-ng、metalog、multilog、raw messages),
且支持多种服务,包括 SSH、FreeBSD 的 ftpd 和 dovecot。它可以操作所有主流防火墙系统,
包括PF、netfilter/iptables、IPFIREWALL/ipfw、IPFILTER。
Sshguard 包含多种相关特性,如 IPv6 支持、白名单、暂停、日志消息认证。它可靠、
易于安装且仅要求很少的系统资源。
Digest:: HMAC
---------------------------------
This package provide modules which calculate HMAC digests.
To build the extensions, unpack this distribution somewhere, create
the Makefile by running 'perl Makefile.PL' and do a 'make', 'make
test', and if successful 'make install'.
You will need perl version 5.004 or better to install these modules.
Further documentation is embedded in the individual modules.
Copyright 1998-1999 Gisle Aas.
Copyright 1998 Graham Barr.
Copyright 1997 Uwe Hollerbach.
Copyright 1995-1996 Neil Winton.
Copyright 1990-1992 RSA Data Security, Inc.
This library is free software; you can redistribute it and/or
modify it under the same terms as Perl itself.
Bindings to OpenSSL libssl and libcrypto, plus custom SSH pubkey
parsers. Supports RSA, DSA and NIST curves P-256, P-384 and P-521.
Cryptographic signatures can either be created and verified manually
or via x509 certificates. AES block cipher is used in CBC mode for
symmetric encryption; RSA for asymmetric (public key) encryption.
High-level envelope functions combine RSA and AES for encrypting
arbitrary sized data. Other utilities include key generators, hash
functions (md5, sha1, sha256, etc), base64 encoder, a secure random
number generator, and 'bignum' math methods for manually performing
crypto calculations on large multibyte integers.
This perl module provides support for the https protocol
under LWP, so that a LWP::UserAgent can make https GET &
HEAD & POST requests. Please see perldoc LWP for more
information on POST requests.
The Crypt::SSLeay package contains Net::SSL, which is
automatically loaded by LWP::Protocol::https on https
requests, and provides the necessary SSL glue for that
module to work via these deprecated modules:
Crypt::SSLeay::CTX
Crypt::SSLeay::Conn
Crypt::SSLeay::X509
Work on Crypt::SSLeay has been continued only to provide
https support for the LWP - libwww perl libraries. If you
want access to the OpenSSL API via perl, check out Sampo's
Net::SSLeay.
BruteForceBlocker is a perl script, that works along with pf - OpenBSD's
firewall (Which is also available on FreeBSD since version 5.2 is out).
It's main purpose is to block SSH bruteforce attacks via firewall.
When this script is running, it checks sshd logs from syslog and looks
for Failed Login attempts - mostly some annoying script attacks, and
counts number of such attempts. When given IP reaches configured limit
of fails, script puts this IP to the pf's table and blocks any further
traffic to the that box from given IP (This also depends on
configuration done in pf.conf).
cfv is a utility to both test and create .sfv, .csv and md5sum files. These
files are commonly used to ensure the correct retrieval or storage of data.
Features:
- supports .sfv, .csv(2, 3, and 4 field variants), md5sum, BSD md5
sha1sum, .torrent and (test-only) .par, .par2 file formats
- automatic checksum file naming ability in create mode
- recursive operation
- show unverified files option
- ignore case and fix path separator options for cross platform use
- transparent gzip support for checksum files
- configurable renaming of bad files (with testing against previous bad
files, to save only unique differing copies)
Class for inheritable, role-based permissions system (Role Based Access
Control - RBAC).
Custom methods can be placed on role objects. Authorization can be
performed either by checking whether the role name matches the required
name, or by testing (via can) whether the role can perform the method
required.
Two role are specified by default. At the top, superusers can do anything
($superuser->can( $action ) always returns a coderef). At the bottom, the
base role can do nothing ($base->can( $action ) always returns undef).
All roles are automatically capable of authorizing actions named for the
singular and plural of the role name.
Keyczar is an open source cryptographic toolkit designed to make it easier and
safer for developers to use cryptography in their applications. Keyczar supports
authentication and encryption with both symmetric and asymmetric keys. Some
features of Keyczar include:
* A simple API
* Key rotation and versioning
* Safe default algorithms, modes, and key lengths
* Automated generation of initialization vectors and ciphertext signatures
* Java, Python, and C++ implementations
* International support in Java (Python coming soon)
Keyczar was originally developed by members of the Google Security Team and is
released under an Apache 2.0 license.
The Metasploit Framework
The Metasploit Framework is an open source platform that supports
vulnerability research, exploit development, and the creation of
custom security tools. The goal is to provide useful information
to people who perform penetration testing, IDS signature development,
and exploit research. This site was created to fill the gaps in the
information publicly available on various exploitation techniques
and to create a useful resource for exploit developers. The tools
and information on this site are provided for legal penetration
testing and research purposes only.