JOSSO - Java Open Single Sign-On

•    Java

JOSSO is an Open Source Internet SSO solution for rapid and standards-based (SAML) Internet-scale Single Sign-On implementations, allowing secure Internet access to the Web-based applications or services of customers, suppliers, and business partners. It supports Windows authentication, LDAP support.

Ejbca - PKI Certificate Authority software

•    Java

EJBCA is an enterprise class PKI Certificate Authority software. It supports SSL/TLS, Smart card logon to Windows and/or Linux, Signing and encrypting email (SMIME), Mobile PKI, Secure mobile networks and lot more.

Paramiko - The leading native Python SSHv2 protocol library.

•    Python

"Paramiko" is a combination of the Esperanto words for "paranoid" and "friend". It's a module for Python 2.7/3.4+ that implements the SSH2 protocol for secure (encrypted and authenticated) connections to remote machines. Unlike SSL (aka TLS), SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. You may know SSH2 as the protocol that replaced Telnet and rsh for secure access to remote shells, but the protocol also includes the ability to open arbitrary channels to remote services across the encrypted tunnel (this is how SFTP works, for example).

SecuBat Vulnerability Scanner

SecuBat is a generic and modular web vulnerability scanner that, similar to a port scanner, automatically analyzes web sites with the aim of finding exploitable SQL injection and XSS vulnerabilities.

SecureCookieHttpModule

•    ASPNET

Secure your session cookie (and other session-based) cookies for replay attacks using this easy to use ASP.NET HttpModule.

Single Sign On - 2.0 Web Service Membership Provider

•    DotNet

In short, this is simply a pass-through web service membership provider and role provider library. I've taken advantage of the 2.0 membership provider model to allow pre-existing applications to easily integrate this library. The idea is to have one centrally hosted asp.net we...

AlterGear User and Group Access Management

AlterGear User and Group Access Management keeps a record of various programs / accesss pages and identifies them with a TAG. While programming reference to this library to find out what TAG's the specific user is allowed Features - Add / Edit Groups - Maintain the Programs a...

Shamir Secret Sharing in Java

•    Java

Java implementation of Shamir's Secret Sharing algorithm as described in Applied Cryptography [as LaGrange Interpolating Polynomial Scheme].

archistar-smc - Secret sharing library for the Archistar multi-cloud BFT system.

•    Java

Secure multi-party computation

bolt - ⚡🐧 - Thunderbolt 3 device manager

•    C

Userpsace system daemon to enable security levels for Thunderbolt™ 3 on GNU/Linux®. Thunderbolt™ is the brand name of a hardware interface developed by Intel® that allows the connection of external peripherals to a computer.

nim-httpauth - HTTP Authentication library for Nim

•    Nim

HTTP Authentication library for Nim

nim-libsodium - Nim wrapper for the libsodium library

•    Nim

Testing and PRs are welcome.

burp-molly-scanner - Turn your Burp suite into headless active web application vulnerability scanner

•    Java

The main goal of Burp-molly-scanner is to extend Burp and turn it into headless active scanner.

snuffleupagus - Security module for php7 - Killing bugclasses and virtual-patching the rest!

•    C

Snuffleupagus is a PHP 7+ module designed to drastically raise the cost of attacks against websites, by killing entire bug classes. It also provides a powerful virtual-patching system, allowing administrator to fix specific vulnerabilities and audit suspicious behaviours without having to touch the PHP code. We've got a download page, where you can find packages for your distribution, but you can of course just git clone this repo, or check the releases on github.

django-bruteforce-protection - Bruteforce protection for Django projects based on Redis

•    Python

DjBrut -- simple brutforce protection for Django project. DjBrut use Redis as storage for all counters.

libnitrokey - Communicate with Nitrokey devices in a clean and easy manner

•    C++

libnitrokey is a project to communicate with Nitrokey Pro and Storage devices in a clean and easy manner. Written in C++14, testable with py.test and Catch frameworks, with C API, Python access (through CFFI and C API, in future with Pybind11). The development of this project is aimed to make it itself a living documentation of communication protocol between host and the Nitrokey stick devices. The command packets' format is described here: Pro v0.7, Pro v0.8, Storage. Handling and additional operations are described here: NitrokeyManager.cc.

laravel-password-exposed-validation-rule - 🔒 Laravel validation rule that checks if a password has been exposed in a data breach

•    PHP

This package provides a Laravel validation rule that checks if a password has been exposed in a data breach. It uses the haveibeenpwned.com passwords API via the divineomega/password_exposed library. To install, just run the following Composer command.

password_exposed - 🔒 Password Exposed Helper Function - Check if a password has been exposed in a data breach

•    PHP

This PHP package provides a password_exposed helper function, that uses the haveibeenpwned.com API to check if a password has been exposed in a data breach. The password_exposed package can be easily installed using Composer. Just run the following command from the root of your project.