Ports Search

This is the base class for a system of objects that encapsulate passphrases. An object of this type is a passphrase recogniser: its job is to recognise whether an offered passphrase is the right one. For security, such passphrase recognisers usually do not themselves know the passphrase they are looking for; they can merely recognise it when they see it. There are many schemes in use to achieve this effect, and the intent of this class is to provide a consistent interface to them all, hiding the details. The CPAN package Authen::Passphrase contains implementations of several specific passphrase schemes in addition to the base class.

This module provides a single command for generating random password that is close enough to a real word that it is easy to remember. It does this by using the frequency of letter combinations in a language (the frequency table is generated during installation although multiple tables can be generated and used for different languages). This module should not be used for high security applications (such as user accounts) since it returns passwords that are not mixed case, have no punctuation and no letters. This word can be used as a basis for a more secure password. The language of the password depends on the language used to construct the frequency table.

Bro is an open-source, Unix-based Network Intrusion Detection System (NIDS) that passively monitors network traffic and looks for suspicious activity. Bro detects intrusions by first parsing network traffic to extract its application-level semantics and then executing event-oriented analyzers that compare the activity with patterns deemed troublesome. Its analysis includes detection of specific attacks (including those defined by signatures, but also those defined in terms of events) and unusual activities (e.g., certain hosts connecting to certain services, or patterns of failed connection attempts). Bro is documented in the USENIX 1998 Security Conference proceedings.

Digest:: HMAC --------------------------------- This package provide modules which calculate HMAC digests. To build the extensions, unpack this distribution somewhere, create the Makefile by running 'perl Makefile.PL' and do a 'make', 'make test', and if successful 'make install'. You will need perl version 5.004 or better to install these modules. Further documentation is embedded in the individual modules. Copyright 1998-1999 Gisle Aas. Copyright 1998 Graham Barr. Copyright 1997 Uwe Hollerbach. Copyright 1995-1996 Neil Winton. Copyright 1990-1992 RSA Data Security, Inc. This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

Net::Daemon is an abstract base class for implementing portable server applications in a very simple way. The module is designed for Perl 5.005 and threads, but can work with fork() and Perl 5.004. The Net::Daemon class offers methods for the most common tasks a daemon needs: Starting up, logging, accepting clients, authorization, restricting its own environment for security and doing the true work. You only have to override those methods that aren't appropriate for you, but typically inheriting will safe you a lot of work anyways.

Keyczar is an open source cryptographic toolkit designed to make it easier and safer for developers to use cryptography in their applications. Keyczar supports authentication and encryption with both symmetric and asymmetric keys. Some features of Keyczar include: * A simple API * Key rotation and versioning * Safe default algorithms, modes, and key lengths * Automated generation of initialization vectors and ciphertext signatures * Java, Python, and C++ implementations * International support in Java (Python coming soon) Keyczar was originally developed by members of the Google Security Team and is released under an Apache 2.0 license.

This package provides an interface to the cracklib (libcrack) libraries that come standard on most Unix-like distributions. This allows you to check passwords against dictionaries of words to ensure some minimal level of password security. From the cracklib README CrackLib makes literally hundreds of tests to determine whether you've chosen a bad password. * It tries to generate words from your username and gecos entry to tries to match them against what you've chosen. * It checks for simplistic patterns. * It then tries to reverse-engineer your password into a dictionary word, and searches for it in your dictionary. - after all that, it's PROBABLY a safe(-ish) password. 8-)

Tor: an anonymizing overlay network for TCP Tor is a connection-based low-latency anonymous communication system which addresses many flaws in the original onion routing design. Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and more. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features.

RHash is a console utility and library for computing and verifying hash sums of files. It supports CRC32, MD4, MD5, SHA1, SHA256, SHA512, SHA3, Tiger, TTH, Torrent BTIH, AICH, ED2K, GOST R 34.11-94, RIPEMD-160, HAS-160, EDON-R 256/512, Whirlpool, and Snefru-128/256 hash sums. Its features are: * Can calculate Magnet links * Output in a predefined (SFV, BSD-like) or a user-defined format * Ability to process directories recursively * Updating existing hash-files (adding hash sums of files missing in a hash-file) * Portable, written in pure C, small in size, open source (MIT license) Perl wrapper is available as `security/p5-Crypt-RHash' port.

The Metasploit Framework The Metasploit Framework is an open source platform that supports vulnerability research, exploit development, and the creation of custom security tools. The goal is to provide useful information to people who perform penetration testing, IDS signature development, and exploit research. This site was created to fill the gaps in the information publicly available on various exploitation techniques and to create a useful resource for exploit developers. The tools and information on this site are provided for legal penetration testing and research purposes only.