Taint is a good thing. However, few people use taint even though they should.
The goal of this module isn't to use taint less, but to actually encourage its
use more.
This module aims to make using taint as painless as possible (This can be an
argument against it - often implementation of security implies pain - so taking
away pain might lessen security - sort of).
getdns is a modern asynchronous DNS API.
It implements DNS entry points from a design developed and vetted by application
developers, in an API specification edited by Paul Hoffman. With the development
of this API, we intend to offer application developers a modernized and flexible
way to access DNS security (DNSSEC) and other powerful new DNS features;
a particular hope is to inspire application developers towards innovative
security solutions in their applications.
Your computer has been invaded! Dozens of little viruses are pouring in
via security holes in Microsoft Internet Explorer, Microsoft Outlook,
Microsoft MSN Messenger and Microsoft Recycle Bin!! Using your trusty
mouse you must shoot the buggers before they can destroy your files!
Some will steal them from their home directories and take them back to
their security hole. Others will just eat them right there on the spot!
See how long you and your computer can survive the onslaught!
OpenConnect server (ocserv) is an SSL VPN server. Its purpose is
to be a secure, small, fast and configurable VPN server. It implements
the OpenConnect SSL VPN protocol, and has also (currently experimental)
compatibility with clients using the AnyConnect SSL VPN protocol.
The OpenConnect protocol provides a dual TCP/UDP VPN channel, and
uses the standard IETF security protocols to secure it. Both IPv4
and IPv6 are supported.
Ocserv's main features are security through provilege separation
and sandboxing, accounting, and resilience due to a combined use
of TCP and UDP. Authentication occurs in an isolated security
module process, and each user is assigned an unprivileged worker
process, and a networking (tun) device. That not only eases the
control of the resources of each user or group of users, but also
prevents data leak (e.g., heartbleed-style attacks), and privilege
escalation due to any bug on the VPN handling (worker) process. A
management interface allows for viewing and querying logged-in
users.
hping is a command-line oriented TCP/IP packet assembler/analyzer.
The interface is inspired to the ping(8) Unix command, but hping isn't
only able to send ICMP echo requests. It supports TCP, UDP, ICMP and
RAW-IP protocols, has a traceroute mode, the ability to send files
between a covered channel, and many other features.
While hping was mainly used as a security tool in the past, it can be
used in many ways by people that don't care about security to test
networks and hosts.
hping3 adds the TCL scripting feature.
Boa is a single-tasking HTTP server. That means that unlike
traditional web servers, it does not fork for each incoming
connection, nor does it fork many copies of itself to handle multiple
connections. It internally multiplexes all of the ongoing HTTP
connections, and forks only for CGI programs (which must be separate
processes.) Preliminary tests show boa is about twice as fast as
Apache, and is capable of handling 50 hits per second on a 66 MHz '486.
The primary design goals of Boa are speed and security. Security,
in the sense of "can't be subverted by a malicious user", not "fine
grained access control and encrypted communications".
listener is a typical security-related program like the motion package
(which detects motion on a Webcam): it listens for sound. If it detects
any, it starts recording until the sound stops (or a bit later, which is
configurable). It stores the audio in .WAV files.
Joins up multiple wav file sound clips of letters/numbers being spoken,
optionally adding distortion and echo. This could be use to complement
an image-based CAPTCHA to enable people who are unable to read the security
image hear it read out instead.
dumpasn1 is an ASN.1 parser which dumps the contents of an ASN.1-encoded
file, as well as interpreting the OIDs contained in the file into
human-readable format. Dumpasn1 is intended for examining the contents
of PKI certificates and comes with a full list of security-related OIDs,
but can be easily extended to parse other OIDs as well.
Web sites are often hosted on servers where bzr can't be installed.
In other cases, the web site must not give access to its corresponding
branch (for security reasons for example). Finally, web hosting
providers often provides only ftp access to upload sites.
This plugin uploads only the relevant changes in your working tree
since the last upload using ftp or sftp protocols.