Ports Search

Net::Daemon is an abstract base class for implementing portable server applications in a very simple way. The module is designed for Perl 5.005 and threads, but can work with fork() and Perl 5.004. The Net::Daemon class offers methods for the most common tasks a daemon needs: Starting up, logging, accepting clients, authorization, restricting its own environment for security and doing the true work. You only have to override those methods that aren't appropriate for you, but typically inheriting will safe you a lot of work anyways.

Binwalk is a tool for searching a given binary image for embedded files and executable code. Specifically, it is designed for identifying files and code embedded inside of firmware images. Binwalk uses the libmagic library, so it is compatible with magic signatures created for the Unix file utility. Binwalk also includes a custom magic signature file which contains improved signatures for files that are commonly found in firmware images such as compressed/archived files, firmware headers, Linux kernels, bootloaders, filesystems, etc. More details are available at:

Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. Suhosin comes in two independent parts, that can be used separately or in combination. The first part is a small patch against the PHP core, that implements a few low-level protections against bufferoverflows or format string vulnerabilities and the second part is a powerful PHP extension that implements all the other protections. Suhosin is binary compatible to normal PHP installation, which means it is compatible to 3rd party binary extension like ZendOptimizer.

This package provides an interface to the cracklib (libcrack) libraries that come standard on most Unix-like distributions. This allows you to check passwords against dictionaries of words to ensure some minimal level of password security. From the cracklib README CrackLib makes literally hundreds of tests to determine whether you've chosen a bad password. * It tries to generate words from your username and gecos entry to tries to match them against what you've chosen. * It checks for simplistic patterns. * It then tries to reverse-engineer your password into a dictionary word, and searches for it in your dictionary. - after all that, it's PROBABLY a safe(-ish) password. 8-)

Off-the-Record (OTR) Messaging allows you to have private conversations over instant messaging by providing: * Encryption No one else can read your instant messages. * Authentication You are assured the correspondent is who you think it is. * Deniability The messages you send do not have digital signatures that are checkable by a third party. Anyone can forge messages after a conversation to make them look like they came from you. However, during a conversation, your correspondent is assured the messages he sees are authentic and unmodified. * Perfect forward secrecy If you lose control of your private keys, no previous conversation is compromised.

In short: getting and installing SSL/TLS certificates made easy. The Let's Encrypt Client is a tool to automatically receive and install X.509 certificates to enable TLS on servers. The client will interoperate with the Let's Encrypt CA which will be issuing browser-trusted certificates for free. It's all automated: The tool will prove domain control to the CA and submit a CSR (Certificate Signing Request). If domain control has been proven, a certificate will get issued and the tool will automatically install it.

python-registry was originally written by Willi Ballenthin, a forensicator who wanted to access the contents of the Windows Registry from his Linux laptop. python-registry currently provides read-only access to Windows Registry files, such as NTUSER.DAT, userdiff, and SOFTWARE. The interface is two-fold: a high-level interface suitable for most tasks, and a low level set of parsing objects and methods which may be used for advanced study of the Windows Registry. python-registry is written in pure Python, making it portable across all major platforms.

Twisted Conch is an SSHv2 implementation written in Python. SSH is a protocol designed to allow remote access to shells and commands, but it is generic enough to allow everything from TCP forwarding to generic filesystem access. Since conch is written in Python, it interfaces well with other Python projects, such as Imagination. Conch also includes a implementations of the telnet and vt102 protocols, as well as support for rudamentary line editing behaviors. A new implementation of Twisted's Manhole application is also included, featuring server-side input history and interactive syntax coloring.

This is RATS, a rough auditing tool for security, developed by Secure Software Solutions. It is a tool for scanning source code (C, C++, Perl, and Python) and flagging common security related programming errors such as buffer overflows and TOCTOU (Time Of Check, Time Of Use) race conditions. As its name implies, the tool performs only a rough analysis of source code. It will not find every error and will also find things that are not errors. Manual inspection of your code is still necessary, but greatly aided with this tool.

signing-party is a collection for all kinds of PGP/GnuPG related things, including signing scripts, party preparation scripts, etc. * caff: CA - Fire and Forget signs and mails a key * pgp-clean: removes all non-self signatures from key * pgp-fixkey: removes broken packets from keys * gpg-mailkeys: simply mail out a signed key to its owner * gpg-key2ps: generate PostScript file with fingerprint paper strips * gpglist: show who signed which of your UIDs * gpgsigs: annotates list of GnuPG keys with already done signatures * keylookup: ncurses wrapper around gpg --search