Ports Search

CRITs is a web-based tool which combines an analytic engine with a cyber threat database that not only serves as a repository for attack data and malware, but also provides analysts with a powerful platform for conducting malware analyses, correlating malware, and for targeting data. These analyses and correlations can also be saved and exploited within CRITs. CRITs employs a simple but very useful hierarchy to structure cyber threat information. This structure gives analysts the power to 'pivot' on metadata to discover previously unknown related content.

### WHAT IS PHPSECINFO? PHPSecInfo is a PHP environment security auditing tool modeled after the phpsecinfo() function. From a single function call, PHPSecInfo runs a series of tests on your PHP environment to identify potential security issues and offer suggestions. It can be useful as part of a multilayered security approach. #### WHAT IS PHPSECINFO NOT? * It is not a replacement for secure coding practices * It does not audit PHP code * It is not comprehensive test for either your hosting environment or your web application * It is not the "final word." PHPSecInfo identifies *potential* problems and offers suggestions for improvement. Your environment may _require_ certain settings that trigger cautions or warnings.

libpwstor is a library implementing a password storage format for C programmers. This format provides a reasonable level of security by utilizing SHA-256 in addition to a random salt to mitigate dictionary and rainbow table attacks. In addition to the core functionality, libpwstor also offers some additional functions such as Base64 encoding and decoding. All functionality is implemented and designed in such a way as to be easy to use for C programmers of varying skill levels, while preserving reasonable security in the underlying storage format.

The OATH Toolkit contains a shared library, command line tool and a PAM module that makes it possible to build one-time password authentication systems. Supported technologies include the event-based HOTP algorithm and the time-based TOTP algorithm. OATH is the Open AuTHentication organization which specify the algorithms. The components included in the package is: - liboath: A shared and static C library for OATH handling. - oathtool: A command line tool for generating and validating OTPs. - pam_oath: A PAM module for pluggable login authentication for OATH.

Sudoscript provides an audited shell using sudo(8) and script(1). The front end script, sudoshell(1) contacts the daemon, sudoscriptd(8). They agree on the location of a FIFO, which the daemon opens for read. Sudoshell then runs script(1) with the FIFO as a typescript. The daemon stamps each line of the script(1) output with a session id, then passes the data over to another daemon. This daemon timestamps the data and stores it in a log file which is /var/log/sudoscript. This daemon also keeps an eye on the size of log files, and forks a rotator/compressor when it exceeds 2 MBytes.

wpa_supplicant is a client (supplicant) with support for WPA and WPA2 (IEEE 802.11i / RSN). It is suitable for both desktop/laptop computers and embedded systems. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11 authentication/ association of the wlan driver. wpa_supplicant is designed to be a "daemon" program that runs in the background and acts as the backend component controlling the wireless connection. wpa_supplicant supports separate frontend programs and a text-based frontend (wpa_cli) and a GUI (wpa_gui) are included with wpa_supplicant.

scandir, a better directory iterator and faster os.walk() scandir() is a generator version of os.listdir() that returns an iterator over files in a directory, and also exposes the extra information most operating systems provide while iterating files in a directory (such as type and stat information). This module also includes a version of os.walk() that uses scandir() to speed it up significantly. NOTE: If you're using Python version 3.5+, os.scandir() and the speed improvements to os.walk() are already available in the standard library.

Fanout and fanterm are two utilities that allow you to run commands on multiple machines. The difference is that fanout only runs non-interactive commands (like dd, cat, adduser, uname -a, etc.) and pipelines built of these. The output is collected into a single display that can be viewed by less or redirected to a file. Fanterm, on the other hand, allows you to run interactive text mode commands on multiple machines at the same time. Your keystrokes are sent to a shell or application running on each of the target systems. The output from each system is shown in a separate xterm.

Fcron is a scheduler. It aims at replacing Vixie Cron, so it implements most of its functionalities. But contrary to Vixie Cron, fcron does not need your system to be up 7 days a week, 24 hours a day : it also works well with systems which are not running neither all the time nor regularly (contrary to anacrontab). To do so, fcron allows you to use the standard mode in which you tell it to execute one command at a given date and hour and to make it run a command according to its time of execution, which is normally the same as system up time. This is the stable release.

httplog is a replacement for Apache's 'rotatelogs' and Andrew Ford's 'chronolog'. It allows you to specify a logfile using strftime paramaters in the filename to act as a template. This means that the logs in your logfiles will also be sorted according to the filename. For example, if you specify a logfile of /var/log/http%Y%m%d.log, a new log file would be generated each day, with content for only that one day. It also supports compression of logfiles using gzip, and many other useful functions.