JOSSO is an Open Source Internet SSO solution for rapid and standards-based (SAML) Internet-scale Single Sign-On implementations, allowing secure Internet access to the Web-based applications or services of customers, suppliers, and business partners. It supports Windows authentication, LDAP support.
security authentication authorization sso single-sign-on security-libraryEJBCA is an enterprise class PKI Certificate Authority software. It supports SSL/TLS, Smart card logon to Windows and/or Linux, Signing and encrypting email (SMIME), Mobile PKI, Secure mobile networks and lot more.
certificate-authority certificate s-mime pki cryptography security ssl"Paramiko" is a combination of the Esperanto words for "paranoid" and "friend". It's a module for Python 2.7/3.4+ that implements the SSH2 protocol for secure (encrypted and authenticated) connections to remote machines. Unlike SSL (aka TLS), SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. You may know SSH2 as the protocol that replaced Telnet and rsh for secure access to remote shells, but the protocol also includes the ability to open arbitrary channels to remote services across the encrypted tunnel (this is how SFTP works, for example).
ssh ssh2 security cryptography opensshSecuBat is a generic and modular web vulnerability scanner that, similar to a port scanner, automatically analyzes web sites with the aim of finding exploitable SQL injection and XSS vulnerabilities.
scanner secubat security sql-injection xssSecure your session cookie (and other session-based) cookies for replay attacks using this easy to use ASP.NET HttpModule.
cookies forms-authentication httpmodule security sessionIn short, this is simply a pass-through web service membership provider and role provider library. I've taken advantage of the 2.0 membership provider model to allow pre-existing applications to easily integrate this library. The idea is to have one centrally hosted asp.net we...
single-sign-on sso authentication securityAlterGear User and Group Access Management keeps a record of various programs / accesss pages and identifies them with a TAG. While programming reference to this library to find out what TAG's the specific user is allowed Features - Add / Edit Groups - Maintain the Programs a...
management security tools usercontrol usergroupJava implementation of Shamir's Secret Sharing algorithm as described in Applied Cryptography [as LaGrange Interpolating Polynomial Scheme].
secret-sharing secret cryptography shamir-secret-sharing securitySecure multi-party computation
secret-sharing secret cryptography shamir-secret-sharing securityUserpsace system daemon to enable security levels for Thunderbolt™ 3 on GNU/Linux®. Thunderbolt™ is the brand name of a hardware interface developed by Intel® that allows the connection of external peripherals to a computer.
thunderbolt daemon securityHTTP Authentication library for Nim
nim nim-lang http authentication authorization securityTesting and PRs are welcome.
nim nim-lang nim-language wrapper library libsodium nacl security cryptographyThe main goal of Burp-molly-scanner is to extend Burp and turn it into headless active scanner.
security burp-extensions vulnerability-scanners automated-testingSnuffleupagus is a PHP 7+ module designed to drastically raise the cost of attacks against websites, by killing entire bug classes. It also provides a powerful virtual-patching system, allowing administrator to fix specific vulnerabilities and audit suspicious behaviours without having to touch the PHP code. We've got a download page, where you can find packages for your distribution, but you can of course just git clone this repo, or check the releases on github.
php7 security hardening elephantDjBrut -- simple brutforce protection for Django project. DjBrut use Redis as storage for all counters.
django bruteforce protection security redis login bruteforce-protectionlibnitrokey is a project to communicate with Nitrokey Pro and Storage devices in a clean and easy manner. Written in C++14, testable with py.test and Catch frameworks, with C API, Python access (through CFFI and C API, in future with Pybind11). The development of this project is aimed to make it itself a living documentation of communication protocol between host and the Nitrokey stick devices. The command packets' format is described here: Pro v0.7, Pro v0.8, Storage. Handling and additional operations are described here: NitrokeyManager.cc.
nitrokey nitrokey-stick-devices hotp security password-vault otp c-plus-plus library encrypted-store cross-platformThis package provides a Laravel validation rule that checks if a password has been exposed in a data breach. It uses the haveibeenpwned.com passwords API via the divineomega/password_exposed library. To install, just run the following Composer command.
data-breach passwords security laravel laravel-5-package laravel-validationThis PHP package provides a password_exposed helper function, that uses the haveibeenpwned.com API to check if a password has been exposed in a data breach. The password_exposed package can be easily installed using Composer. Just run the following command from the root of your project.
data-breach passwords security helper-functions
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.