Net::Daemon is an abstract base class for implementing portable server
applications in a very simple way. The module is designed for Perl 5.005
and threads, but can work with fork() and Perl 5.004.
The Net::Daemon class offers methods for the most common tasks a daemon
needs: Starting up, logging, accepting clients, authorization,
restricting its own environment for security and doing the true work.
You only have to override those methods that aren't appropriate for you,
but typically inheriting will save you a lot of work anyway.

Binwalk is a tool for searching a given binary image for embedded
files and executable code. Specifically, it is designed for identifying
files and code embedded inside of firmware images. Binwalk uses the
libmagic library, so it is compatible with magic signatures created
for the Unix file utility.
Binwalk also includes a custom magic signature file which contains
improved signatures for files that are commonly found in firmware
images such as compressed/archived files, firmware headers, Linux
kernels, bootloaders, filesystems, etc.
More details are available at:

Suhosin is an advanced protection system for PHP installations.
It was designed to protect servers and users from known and
unknown flaws in PHP applications and the PHP core.
Suhosin comes in two independent parts, that can be used
separately or in combination. The first part is a small patch
against the PHP core, that implements a few low-level
protections against buffer overflows or format string
vulnerabilities and the second part is a powerful PHP extension
that implements all the other protections.
Suhosin is binary compatible with a normal PHP installation,
which means it is compatible with 3rd-party binary extensions
like ZendOptimizer.

This package provides an interface to the cracklib (libcrack) libraries that
come standard on most Unix-like distributions. This allows you to check
passwords against dictionaries of words to ensure some minimal level of
password security.
From the cracklib README:
CrackLib makes literally hundreds of tests to determine whether you've
chosen a bad password.
* It tries to generate words from your username and gecos entry and tries
to match them against what you've chosen.
* It checks for simplistic patterns.
* It then tries to reverse-engineer your password into a dictionary
word, and searches for it in your dictionary.
- after all that, it's PROBABLY a safe(-ish) password. 8-)

Off-the-Record (OTR) Messaging allows you to have private
conversations over instant messaging by providing:
* Encryption
  No one else can read your instant messages.
* Authentication
  You are assured the correspondent is who you think it is.
* Deniability
  The messages you send do not have digital signatures that
  are checkable by a third party. Anyone can forge messages
  after a conversation to make them look like they came from
  you. However, during a conversation, your correspondent is
  assured the messages he sees are authentic and unmodified.
* Perfect forward secrecy
  If you lose control of your private keys, no previous
  conversation is compromised.

In short: getting and installing SSL/TLS certificates made easy.
The Let's Encrypt Client is a tool to automatically receive and install
X.509 certificates to enable TLS on servers. The client will
interoperate with the Let's Encrypt CA which will be issuing
browser-trusted certificates for free.
It's all automated:
* The tool will prove domain control to the CA and submit a CSR
  (Certificate Signing Request).
* If domain control has been proven, a certificate will get issued and
  the tool will automatically install it.

python-registry was originally written by Willi Ballenthin, a forensicator who
wanted to access the contents of the Windows Registry from his Linux laptop.
python-registry currently provides read-only access to Windows Registry files,
such as NTUSER.DAT, userdiff, and SOFTWARE. The interface is two-fold: a
high-level interface suitable for most tasks, and a low level set of parsing
objects and methods which may be used for advanced study of the Windows
Registry. python-registry is written in pure Python, making it portable across
all major platforms.

Twisted Conch is an SSHv2 implementation written in Python. SSH is a protocol
designed to allow remote access to shells and commands, but it is generic
enough to allow everything from TCP forwarding to generic filesystem access.
Since conch is written in Python, it interfaces well with other Python
projects, such as Imagination. Conch also includes implementations of the
telnet and vt102 protocols, as well as support for rudimentary line editing
behaviors. A new implementation of Twisted's Manhole application is also
included, featuring server-side input history and interactive syntax coloring.

This is RATS, a rough auditing tool for security, developed by
Secure Software Solutions. It is a tool for scanning source code
(C, C++, Perl, and Python) and flagging common security-related
programming errors such as buffer overflows and TOCTOU (Time Of
Check, Time Of Use) race conditions. As its name implies, the tool
performs only a rough analysis of source code. It will not find
every error and will also find things that are not errors. Manual
inspection of your code is still necessary, but greatly aided with
this tool.

signing-party is a collection for all kinds of PGP/GnuPG related things,
including signing scripts, party preparation scripts, etc.
* caff: CA - Fire and Forget signs and mails a key
* pgp-clean: removes all non-self signatures from key
* pgp-fixkey: removes broken packets from keys
* gpg-mailkeys: simply mail out a signed key to its owner
* gpg-key2ps: generate PostScript file with fingerprint paper strips
* gpglist: show who signed which of your UIDs
* gpgsigs: annotates list of GnuPG keys with already done signatures
* keylookup: ncurses wrapper around gpg --search