Class for inheritable, role-based permissions system (Role Based Access
Control - RBAC).
Custom methods can be placed on role objects. Authorization can be
performed either by checking whether the role name matches the required
name, or by testing (via can) whether the role can perform the method
required.
Two roles are specified by default. At the top, superusers can do anything
($superuser->can( $action ) always returns a coderef). At the bottom, the
base role can do nothing ($base->can( $action ) always returns undef).
All roles are automatically capable of authorizing actions named for the
singular and plural of the role name.
Keyczar is an open source cryptographic toolkit designed to make it easier and
safer for developers to use cryptography in their applications. Keyczar supports
authentication and encryption with both symmetric and asymmetric keys. Some
features of Keyczar include:
* A simple API
* Key rotation and versioning
* Safe default algorithms, modes, and key lengths
* Automated generation of initialization vectors and ciphertext signatures
* Java, Python, and C++ implementations
* International support in Java (Python coming soon)
Keyczar was originally developed by members of the Google Security Team and is
released under an Apache 2.0 license.
The Metasploit Framework
The Metasploit Framework is an open source platform that supports
vulnerability research, exploit development, and the creation of
custom security tools. The goal is to provide useful information
to people who perform penetration testing, IDS signature development,
and exploit research. This site was created to fill the gaps in the
information publicly available on various exploitation techniques
and to create a useful resource for exploit developers. The tools
and information on this site are provided for legal penetration
testing and research purposes only.
GoVPN is a simple, secure, free software virtual private network daemon,
aimed to be reviewable, secure, DPI/censorship-resistant, written in Go.
It uses a fast, strong passphrase-authenticated key agreement protocol with
augmented zero-knowledge mutual peer authentication (PAKE DH A-EKE).
Encrypted, authenticated data transport that hides message lengths and
timestamps. Optional encryptionless mode that still preserves data
confidentiality. Perfect forward secrecy property. Resistance to:
offline dictionary attacks, replay attacks, compromise of clients'
passphrases and dictionary attacks on the server side. Built-in
heartbeating, rehandshaking, real-time statistics. Ability to work
through UDP, TCP and HTTP proxies. IPv4/IPv6 compatibility.
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
rootkits / LKMs or by another hiding technique. It consists of two
programs: unhide and unhide-tcp.
unhide detects hidden processes through:
* Comparison of /proc vs /bin/ps output.
* Comparison of info gathered from /bin/ps with info gathered from
syscalls (syscall scanning).
* Full PIDs space occupation (PIDs bruteforcing).
unhide-tcp identifies TCP/UDP ports that are listening but not listed in
/bin/netstat by brute forcing all available TCP/UDP ports.
Vinetto extracts the thumbnails and associated metadata from the Thumbs.db
files.
Windows systems (98, ME, 2000, XP and 2003 Server) can store thumbnails
and metadata of the picture files contained in the directories of their FAT32
or NTFS filesystems.
The thumbnails and associated metadata are stored in Thumbs.db files.
The Thumbs.db files are undocumented OLE structured files.
Once a picture file has been deleted from the filesystem, the related thumbnail
and associated metadata remain stored in the Thumbs.db file. So, the data
contained in those Thumbs.db files are a helpful source of information
for the forensic investigator.
ZXID aims at full stack implementation of all federated identity
management and identity web services protocols. Initial goal is
supporting SP role, followed by ID-WSF WSC and IdP roles.
ZXID is lightweight, has a small footprint, and is implemented in C.
It is suitable for both high performance and embedded applications.
Scripting languages are supported using SWIG, including Perl, PHP and
Java. The "full stack" nature of ZXID means it is self-contained and
has minimal external library dependencies (see downloads).
Tcpcrypt is a protocol that attempts to encrypt (almost) all of your
network traffic. Unlike other security mechanisms, Tcpcrypt works out
of the box: it requires no configuration, no changes to applications,
and your network connections will continue to work even if the remote
end does not support Tcpcrypt, in which case connections will
gracefully fall back to standard clear-text TCP. Install Tcpcrypt and
you'll feel no difference in your everyday user experience, yet
your traffic will be more secure and you'll have made life much harder
for hackers.
[Excerpted from the README:] "scponly" is an alternative "shell" (of sorts)
for system administrators who would like to provide access to remote users to
both read and write local files without providing any remote execution
privileges. Functionally, it is best described as a wrapper to the
tried-and-true ssh suite.
scponly validates remote requests by examining the third argument passed to the
shell upon login. (The first argument is the shell itself, and the second is
-c.) The only commands allowed are "scp", "sftp-server" and "ls". Arguments
to these commands are passed along unmolested.
BSDploy is a comprehensive tool to provision, configure and maintain
FreeBSD jail hosts and jails.
Its main design goal is to lower the barrier to repeatable jail setups.
* Modular provisioning with plugins for VirtualBox, Amazon EC2 and
an architecture to support more.
* Bootstrap complete jail hosts from scratch.
* Declarative configuration: All hosts and their properties defined
in ploy.conf are automatically exposed to Ansible.
* Imperative maintenance: Run Fabric scripts with ploy do JAILNAME
TASKNAME and have all of the hosts and their variables in fab.env.
* Configure ZFS pools and filesystems with whole-disk-encryption.