Displaying 1 to 20 from 59 results

oss-fuzz - OSS-Fuzz - continuous fuzzing of open source software

  •    Shell

Status: Beta. We are now accepting applications from widely-used open source projects.Create New Issue for questions or feedback about OSS-Fuzz.

algo - Set up a personal IPSEC VPN in the cloud

  •    Shell

Algo VPN is a set of Ansible scripts that simplify the setup of a personal IPSEC VPN. It uses the most secure defaults available, works with common cloud providers, and does not require client software on most devices. See our release announcement for more information. The easiest way to get an Algo server running is to let it set up a new virtual machine in the cloud for you.

docker-ipsec-vpn-server - Docker image to run an IPsec VPN server, with IPsec/L2TP and Cisco IPsec

  •    Shell

Docker image to run an IPsec VPN server, with both IPsec/L2TP and Cisco IPsec. Based on Debian 9 (Stretch) with Libreswan (IPsec VPN software) and xl2tpd (L2TP daemon).

setup-ipsec-vpn - Scripts to build your own IPsec VPN server, with IPsec/L2TP and Cisco IPsec on Ubuntu, Debian and CentOS

  •    Shell

Set up your own IPsec VPN server in just a few minutes, with both IPsec/L2TP and Cisco IPsec on Ubuntu, Debian and CentOS. All you need to do is provide your own VPN credentials, and let the scripts handle the rest. An IPsec VPN encrypts your network traffic, so that nobody between you and the VPN server can eavesdrop on your data as it travels via the Internet. This is especially useful when using unsecured networks, e.g. at coffee shops, airports or hotel rooms.




xiringuito - SSH-based "VPN for poors"

  •    Shell

This is the "VPN without VPN" software done using nice built-in capabilities of SSH. Yes! That easy - just pass an SSH server and the list of networks your want to access through this server.

twa - A tiny web auditor with strong opinions.

  •    Shell

A tiny web auditor with strong opinions. You'll need bash 4, curl, dig, and nc, along with a fairly POSIX system.


openvas-docker - A Docker container for Openvas

  •    Shell

A Docker container for OpenVAS on Ubuntu. By default, the latest images includes the OpenVAS Base as well as the NVTs and Certs required to run OpenVAS. We made the decision to move to 9 as the default branch since 8 seems to have many issues in docker. We suggest you use 9 as it is much more stable. Our Openvas9 build was designed to be a smaller image with fewer extras built in. Please note, OpenVAS 8 is no longer being built as OpenVAS 9 is now standard. The image is can still be pulled from the Docker hub, however the source has been removed in this github as is standard with deprecated Docker Images. In the output, look for the process scanning cert data. It contains a percentage.

docker-onion-nmap - Scan

  •    Shell

Use nmap to scan hidden "onion" services on the Tor network. Minimal image based on alpine, using proxychains to wrap nmap. Tor and dnsmasq are run as daemons via s6, and proxychains wraps nmap to use the Tor SOCKS proxy on port 9050. Tor is also configured via DNSPort to anonymously resolve DNS requests to port 9053. dnsmasq is configured to with this localhost:9053 as an authority DNS server. Proxychains is configured to proxy DNS through the local resolver, so all DNS requests will go through Tor and applications can resolve .onion addresses. When the container boots, it launches Tor and dnsmasq as daemons. The tor_wait script then waits for the Tor SOCKS proxy to be up before executing your command.

inox-patchset - Inox patchset tries to provide a minimal Chromium based browser with focus on privacy by disabling data transmission to Google

  •    Shell

Inox patchset is applied on the chromium source code and tries to prevent data transmission to Google to get a minimal Chromium based browser. The patches are split up based on features, so it's easy to patch only a subset of them. It is possible that some data is still transmitted (but down to a minimum) this is because Chromium is a quite large and complex codebase which changes each day.

hardening - Hardening Ubuntu. Systemd edition.

  •    Shell

A quick way to make a Ubuntu server a bit more secure. Tested on 17.10 Artful Aardvark, 18.04 Bionic Beaver and 18.10 Cosmic Cuttlefish (under development).

quick-secure - Quickly secure UNIX/Linux systems

  •    Shell

Quick NIX Secure Script is used to harden and secure basic permissions and ownership on the fly. This script can be used during boot up, cron, bootstrapping, kickstart, jumpstart and during other system deployments. I recommend using CM tools like Puppet or Ansible, but this is still nice. Many times in (prod)uction world prior admins harden without automation or towards an industry baseline. This is to help get to a point of standardization and quickly set or reset basic system security.

vpndemon - Monitor a VPN connection on Linux and kill a process upon disconnect

  •    Shell

VPNDemon monitors your VPN connection and kills a target program upon disconnect. It's the safest and easiest way to help prevent DNS leaks and enhance your security while connected over a VPN. Since the NetworkManager is being listened to, directly via the dbus-monitor, disconnect events are detected almost instantly. Likewise, the target process is killed almost instantly.

sysechk - System Security Checker is a bundle of small shell scripts to assess your computer security

  •    Shell

System Security Checker is a bundle of small shell scripts to assess your computer security. Clone the latest version of sysechk.

ansible-role-firewall - Ansible Role - iptables Firewall configuration.

  •    Shell

Installs an iptables-based firewall for Linux. Supports both IPv4 (iptables) and IPv6 (ip6tables). This firewall aims for simplicity over complexity, and only opens a few specific ports for incoming traffic (configurable through Ansible variables). If you have a rudimentary knowledge of iptables and/or firewalls in general, this role should be a good starting point for a secure system firewall.

wazuh-docker - Wazuh - Docker containers

  •    Shell

In addition, a docker-compose file is provided to launch the containers mentioned above. It also launches an Elasticsearch container (working as a single-node cluster) using Elastic Stack Docker images. Containers are currently tested on Wazuh version 3.3.0 and Elastic Stack version 6.2.4. We will do our best to keep this repository updated to latest versions of both Wazuh and Elastic Stack.

git-hooks - github_email_verify: Avoid committing to github with your corporate email

  •    Shell

This hook reminds you if you forgot to change your local personal email on a github repo, but you still want to use your professional email globally on your system. We've created this hook after we had, yet again, to rewrite history by removing the professional email from public github commits.

bad_json_parsers - Exposing problems in json parsers of several programming languages.

  •    Shell

Exposing problems in json parsers of several programming languages. Many JSON parsers (and many parsers in general) use recursion to parse nested structures. This is very convenient while programming the parser, but it has consequenses on what the parser can parse: indeed, the size of the call stack is usually limited to a value several orders of magnitude smaller than the available RAM, and this implies that a program with too many levels of recursion will fail.