Semantic search

Jump to: navigation, search


AE-DIR
Authorized Entities Directory (ร†-DIR) is a Privileged Identity and Access Management (IAM/PIM/PAM) based on OpenLDAP Objectives:
  • Strictly follow need to know and least privilege principles
  • Agile data maintenance by consequent delegation of manageable small areas
  • Provide meaningful audit trails for compliance checks
  • Secure defaults
AIM Sniff
AIM Sniff is a utility for monitoring and archiving AIM and MSN messages across a network. It can be used to monitor for cases of harassment or warez trading. It has the ability to do a live dump (actively sniff the network) or read a PCAP file and parse the file for IM messages. You also have the option of dumping the information to a MySQL database or STDOUT. AIM Sniff will also monitor for an IM login and then perform an SMB lookup on the originating computer in order to match NT Domain names with IM login names (handles).
Adblock Plus
Antifeature: Tracking comment

Adblock Plus is ineffective for surveillance protection by default as it comes with Acceptable Ads enabled: These ads are not meant to be "ads that don't track you".

Blocks banners, pop-ups, tracking, malware. By default, nonintrusive ads aren't blocked in order to support websites.

The add-on is supported by over forty filter subscriptions in dozens of languages which automatically configure it for purposes ranging from removing online advertising to blocking all known malware domains. Adblock Plus also allows you to customize your filters with the assistance of a variety of useful features, including a context option for images, a block tab for Flash and Java objects, and a list of blockable items to remove scripts and stylesheets.

Starting with Adblock Plus 2.0 there is an option in Filter Preferences to allow some non-intrusive advertising. The goal is to support websites using non-intrusive ways to advertise and to encourage more websites to do the same.
Aiodns
Supports A, AAAA, ANY, CNAME, MX, NAPTR, NS, PTR, SOA, SRV, and TXT DNS queries.
Anastasis , Heckert gnu.tiny.png
Anastasis is a key recovery system that allows the user to securely deposit shares of a core secret with an open set of escrow providers, to recover it if the secret is lost. The core secret itself is protected from the escrow providers by giving each provider only part of the information, and additionally by encrypting it with an identity-based key unknown to the providers.
And-httpd
And-httpd is an HTTP server that maps URLs to files. In other words, in can take an incoming URL and map it to a file in a number of ways (for example, according to content type or language). It can also do authentication or IP based ACLs. It cannot do CGI or other kinds of code execution. It cannot even dynamically create directory listings (although it comes with external tools to do so automatically, and to create a "status page"). It currently has a $2000 "security guarantee" against remote attacks.
Anontwi
Anontwi - is a tool for OAuth2 applications (such as: GNUSocial, Twitter...) that provides different layers of encryption and privacy methods.
Apf
'apf' (active port forwarder) uses SSL for secure packet tunneling. It is meant for users without an external IP who want to make some services available on the Internet. afserver is placed on the machine with a publicly accessible address. afclient is then placed on the machine behind a firewall or masquerade, which makes the second machine visible to the Internet. You do not need root privileges to run afserver, nor does it use other processes. It uses 'zlib' to compress the transferred data.
App Manager
== Features ==

General features

  • Material design 3
  • Displays as much information as possible in the main page
  • Lists activities, broadcast receivers, services, providers, app ops, permissions, signatures, shared libraries, etc. of an application
  • Launch activities and services
  • Create shortcuts of activities
  • Intercept activities
  • Scan for trackers and libraries in apps and list (all or only) tracking classes (and their code dump)
  • View/save the manifest of an app
  • Display app usage, data usage (mobile and wifi), and app storage info (requires โ€œUsage Accessโ€ permission)
  • Install/uninstall APK files (including APKS, APKM and XAPK with OBB files)
  • Share APK files
  • Back up/restore APK files
  • Batch operations
  • Single-click operations
  • Logcat viewer
  • Profiles (including presets for quick debloating)
  • Open an app in Aurora Store or in your favourite F-Droid client directly from App Manager
  • Sign APK files with custom signatures before installing
  • Backup encryption: OpenPGP via OpenKeychain, RSA (hybrid encryption with AES) and AES.

Root/ADB-only features

  • Revoke runtime (AKA dangerous) and development permissions
  • Change the mode of an app op
  • Display/kill/force-stop running apps or processes
  • Clear app data or app cache
  • View/change net policy
  • Control battery optimization

Root-only features

  • Block any activities, broadcast receivers, services, or providers of an app with native import/export as well as Watt and Blocker import support
  • View/edit/delete shared preferences of any app
  • Back up/restore apps with data, rules and extras (such as permissions, battery optimization, SSAID, etc.)
  • View system configurations including blacklisted or whitelisted apps, permissions, etc.
  • View/change SSAID.
ArgusEye
ArgusEye is a GUI for some of the features of Argus. Argus is a powerful suite of tools for transaction-based network auditing. ArgusEye aims at supporting daily work with Argus by providing a graphical user interface.
ArkOS
arkOS is a lightweight GNU/Linux-based operating system, initially targeted to run on a Raspberry Pi, intended to make self-hosting server software as easy as possible. It has different components that interact to achieve these ends, chief among them an integrated application called Genesis which graphically manages the server and its components. With Genesis, users can easily add/remove server software, manage websites, change system settings and more from a reliable visual interface that's easy to use. arkOS puts a focus on user's experience, requiring no command line experience to run well. In the future, users will also be able to host their email accounts, chat accounts, and social networking profiles from an arkOS server just as easily.
Arpalert
'arpalert' listens on a network interface, catches all conversations of MAC address to IP request, and compares the MAc addresses it detected with a pre-configured list of authorized addresses. If the address is not on this list, arpalert launches an alert script with the MAC address and IP address as parameters. 'arpalert' can run in daemon mode and is very fast (low CPU and memory consumption). It responds at signal SIGHUP (configuration reload) and at signals SIGTERM, SIGINT, SIGQUIT and SIGABRT (Kwhere it stops itself).
AuthPass
Easily and securely keep track of all your Passwords! AuthPass is a stand alone password manager with support for the popular and proven KeePass (kdbx 3.x AND kdbx 4.x ๐ŸŽ‰๏ธ) format. Store your passwords, share across all your devices and easily find them whenever you need to login. ๐Ÿ—„ All your passwords in one place. Generate secure random passwords for each of your accounts. ๐Ÿ” Quick Unlock secured with biometric lock. ๐Ÿ” Keep track of your accounts across the web. ๐Ÿ“‚ Open multiple password files at the same time (e.g. one for work, one for personal - or even share your password files with coworkers) Open Source available on https://github.com/authpass/authpass/ ๐Ÿ”ฆ Dark Theme ๐Ÿ˜Ž๏ธ
AutoFW
If you are a broadband or dial-up user who doesn't have a firewall script, you need to get one to protect yourself. AutoFW is intended to help you do that with no hassles. Many people when connecting to the internet need a firewall script made for them so they can surf the net without being susceptible to various attacks. Most, if not all (until now :-), of the existing scripts are written for a large range of requirements and require some tweaking to make them work for a specific user. However many users do not know which parameters to fill in the script config file. AutoFW intends to provide a simple firewall script that you just need to fire and forget. You make sure to run it on computer start-up or just before connecting to the net, and it will detect network condition and setup appropriate firewall rules for you. In order to be "smart" AutoFW has to be limited, the current scope of AutoFW are standard broadband connections, it will also cover dial-up users and stand-alone servers.
Bitwarden-ruby
bitwarden-ruby is a server application for storing credentials, especially web-based login details. It includes an independent API reference. Compatible browser plugins can retrieve and fill in login credentials based on the current URL. bitwarden-ruby is a replacement for bitwarden-core, a freely licensed server application with a non-free dependency (the SQL Server database).
Bleachbit
BleachBit deletes unnecessary files to free valuable disk space, maintain privacy, and remove junk. It removes cache, Internet history, temporary files, cookies, and broken shortcuts. Some common uses include:
  • Free disk space
  • Reduce the size of backups and the time to create them by removing unnecessary files
  • Maintain privacy
  • Improve system performance (by vacuuming your browser's database, for example)
  • Prepare whole disk images for compression (common for "ghost" backups and virtual machines) by wiping free disk space
Briar
Briar is a messaging app designed for activists, journalists, and anyone else who needs a safe, easy and robust way to communicate. Unlike traditional messaging apps, Briar doesn't rely on a central server - messages are synchronized directly between the users' devices. If the internet's down, Briar can sync via Bluetooth or Wi-Fi, keeping the information flowing in a crisis. If the internet's up, Briar can sync via the Tor network, protecting users and their relationships from surveillance.
Bup
'bup' is a patch for bash that modifies the shell to send all user keystrokes via UDP over the network for collection by a sniffer or a syslogd server. It does not depend on syslogd to send the packets.
Chameleon Addon
Chameleon is a WebExtension port of the popular Firefox addon Random Agent Spoofer. The UI is near identical and contains most of the features found in the original extension.
ChangePassword
ChangePassword modifies the passwords of passwd, Samba, and Squid through the Web. All passwords are syncronized and changed in real time over a browser like Mozilla, Netscape, IE, Opera, and others.
Cjdns
Cjdns implements an encrypted IPv6 network using public key cryptography for address allocation and a distributed hash table for routing. This provides near zero-configuration networking without many of the security and robustness issues that regular IPv4 and IPv6 networks have. Hyperboria is the largest cjdns network, with hundreds of active nodes around the world.
Clipperz
Clipperz is a web based password manager. Local encryption within the browser guarantees that no one except you can read your data. With Clipperz you can quickly login to websites, as well as organize and store logins and any confidential data.
Conversations.im
Conversations is a Jabber/XMPP client for Android 5.0+ smartphones that has been optimized to provide a unique mobile experience. A port to iOS is envisaged in the medium-term future. Conversations allows you to easily send images, show if your contact has received and read your message, permit dynamic history and handles multiple devices (especially sync with desktop clients), allow you to create group chats and support one-to-one Audio/Video calls ! And thanks to the XMPP Protocol (that is a push protocol) you battery life is safe. Conversations also does not require a Google Account or specifically Google Cloud Messaging (GCM). Using the XMPP federated protocol, you can freely choose a trustworthy server (your own if you want) for yourself while still chatting with contacts that are using other servers. The communication between Conversations and the XMPP server as well as the communication between the individual servers is TLS encrypted. This way, not only your messages are safe but more importantly it is impossible for an outside attacker to intercept your meta data (with whom you are chatting) without attacking your server first. On top of that, Conversations gives you the choice to enable one of two end-to-end encryption mechanisms. The first one is OMEMO, a state of the art multi-end-to-multi-end encryption method which is very easy to setup and gives you forward secrecy and plausible deniability. For backwards compatibility reasons Conversations also supports OpenPGP.
Cowloop
The cowloop-driver is a copy-on-write loop driver (block device) which can be used on top of any other block driver. It shields the lower driver from any write access and diverts all write-accesses to an arbitrary regular file, called the cowfile. When a modified block is read again later on, the cowloop-driver gets the block from the cowfile, while non-modified blocks are obtained from the original read-only device. This lets block-devices be used in a read-write fashion without modifying the underlying block-device itself.
Crowdsec
Crowdsec is a firewall and behaviour detection system that uses a shared IP address reputation database in order to identify potential threats. User can instruct Crowdsec to watch certain logs, including both operating system logs and logs for specific applications. These are analysed for potential security threats, and the source IP address of any suspicious activity may be uploaded to a shared reputation database. Likewise, the user can download this shared database to benefit from lists of known suspicious hosts. Crowdsec includes so-called 'bouncers' to block certain IP addresses from accessing services, thus forming a reputation-based firewall. As the bouncer and detection components are separate programs and can remotely communicate, Crowdsec may be appropriate for embedded applications where the host to be protected is not powerful enough to detect potential threats itself; the log analysis can be done on another, more powerful system.
Cryptmount
cryptmount assists system administrators in setting up encrypted filesystems based on the device mapper (dm-crypt) of GNU/Linux systems using a 2.6-series kernel. After initial setup, it allows any user to mount or unmount filesystems on demand, solely by providing the decryption password, with any system devices needed to access the filing system being configured automatically. A wide variety of encryption schemes (provided by the kernel and libgcrypt library) can be used to protect both the filing system and the access key. The protected filing systems can reside in either ordinary files or disk partitions.
Crypton
Crypton is a software framework for remote storage, where the remote server has no knowledge of what is being stored. The content is encrypted client-side before it reaches the server. The framework is designed to be easy for application developers to use, without needing experience in encryption.
Cutter
'Cutter' lets network administrators close TCP/IP connections running over an iptables firewall. It closes the connection in such a way as to lead both ends (client and server) to believe that it was aborted by the other.
D4N155
On the abstract we can presume that this isnโ€™t just another pentest tool this is a truly powerful tool, that integrate various key features of another projects and ideas of the developers and aggregate then in a same place.
Dans Guardian
DansGuardian is designed to be completely flexible and allows you to tailor the filtering to your exact needs. It can be as draconian or as unobstructive as you want. The default settings are geared towards what a primary school might want but DansGuardian puts you in control of what you want to block. DansGuardian is a true web content filter.
Decentraleyes
Protects you against tracking through "free", centralized, content delivery. It prevents a lot of requests from reaching networks like Google Hosted Libraries, and serves local files to keep sites from breaking. Complements regular content blockers. Technical Information - Supported Networks: Google Hosted Libraries, Microsoft Ajax CDN, CDNJS (Cloudflare), jQuery CDN (MaxCDN), jsDelivr (MaxCDN), Yandex CDN, Baidu CDN, Sina Public Resources, and UpYun Libraries. - Bundled Resources: AngularJS, Backbone.js, Dojo, Ember.js, Ext Core, jQuery, jQuery UI, Modernizr, MooTools, Prototype, Scriptaculous, SWFObject, Underscore.js, and Web Font Loader. FAQ If you're using uMatrix, Edit in and Commit these lines to My rules in the Dashboard: (Please note that each line must also START with a '*' character but this Wiki is broken and does not allow to render this properly!)
  • ajax.aspnetcdn.com script allow
  • ajax.googleapis.com script allow
  • ajax.microsoft.com script allow
  • cdn.jsdelivr.net script allow
  • cdnjs.cloudflare.com script allow
  • code.jquery.com script allow
  • lib.sinaapp.com script allow
  • libs.baidu.com script allow
  • upcdn.b0.upaiyun.com script allow
  • yandex.st script allow
  • yastatic.net script allow
Note: Decentraleyes currently only bundles scripts, and if you want other resources to load you need to change script in the above rules to * and disable "Block requests for missing resources" in the Decentraleyes preferences. This will however result in network requests to these CDNs. If you use uBlock0 it shouldn't normally block these resources, but if you enable Advanced mode you might have a rule to block third-party scripts by default. Unlike with uMatrix we can't whitelist only scripts for individual hosts, but you can still control whether other resources are loaded with "Block requests for missing resources" in the Decentraleyes preferences. We also have the ability to let normal filtering take place as opposed to completely whitelisting everything from these domains: (Please note that each line must also START with a '*' character but this Wiki is broken and does not allow to render this properly!)
  • ajax.aspnetcdn.com * noop
  • ajax.googleapis.com * noop
  • ajax.microsoft.com * noop
  • cdn.jsdelivr.net * noop
  • cdnjs.cloudflare.com * noop
  • code.jquery.com * noop
  • lib.sinaapp.com * noop
  • libs.baidu.com * noop
  • upcdn.b0.upaiyun.com * noop
  • yandex.st * noop
  • yastatic.net * noop
With these rules, uBlock0 in Advanced mode will behave as in "normal" mode for these particular CDNs, which is usually what you want, but if you prefer you can change noop above to allow to ensure nothing from Decentraleyes is blocked.
DsaCheck
dsacheck is a python program that will check all the packages on a Debian system. Dsacheck will download dynamically the DSA (Debian Security Alert) news from the security webpage and build a list that will be compared to the locally installed packages. You can use it easily in a CRON job.
DsaLib
dsalib is a module for Python that retrieves all the details for each Debian alert published on Debian's security website (http://security.debian.org), parses it, and put it in an exploitable/queryable way.
DuckDuckGo (HTML SSL)
DuckDuckGo is the search engine that doesn't track you.
DuckDuckGo (Lite SSL)
DuckDuckGo is the search engine that doesn't track you. We also have smarter answers and less clutter. This extension adds DuckDuckGo (non-JS Lite version) to the search bar. For more features, see the DuckDuckGo Plus add-on. Enjoy!
Feather
Feather is a free Monero wallet for GNU/Linux, Tails, macOS and Windows. It has many useful features and it is focused on privacy and security, it works through Tor network and websocket connection
Fingerd
This is a much updated version of Mike Shanzer's fingerd-1.3. It is almost completely rewritten, well-debugged (i.e., more secure), and quite configurable. It supports ACLs, a message-of-the-day file, the ability to run programs for given user-IDs, and a full set of command-line options that make it mostly compatible with modern BSD versions. It is portable, uses GNU Autoconf and GNU Automake for builds, and it comes with a ready-to-use BSD makefile too.
Firestorm
Firestorm is an extremely high performance network intrusion detection system (NIDS). At the moment it just a sensor but plans are to include real support for analysis, reporting, remote console and on-the-fly sensor configuration. It is fully pluggable and hence extremely flexible.
Firewall Builder 2
This is a candidate for deletion: Homepage broken. Sourceforge notes state developers have stopped development. There is current activity on sourceforge, but last maintainer activity in 2015. Poppy-one (talk) 13:18, 30 July 2018 (EDT) Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It lets users maintain a database of objects and allows policy editing using drag-and-drop. This provides a consistent abstract model and the same GUI for different firewall platforms. Firewall Builder provides XML DTD and C++ API library that support abstraction of network objects and generalized firewall policies. Firewall Builder currently supports iptables, ipfilter, ipfw, and OpenBSD pf.
Free S WAN
GNU/Linux FreeS/WAN is an implementation of IPSEC (Internet Protocal SECurity) and IKE for GNU/Linux systems. It uses strong cryptography to provide both authentication and encryption; authentication ensures that packets are from the right sender and have not been altered in transit, and encryption prevents unauthorised reading of packet contents. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted net is encrypted by the IPSEC gateway machine and decrypted by the gateway at the other end. The result is Virtual Private Network or VPN. This network is effectively private even though it includes machines at several different sites connected by the insecure Internet. Several companies are co-operating in the Secure Wide Area Network (S/WAN) project to ensure that products will interoperate. There is also a VPN Consortium fostering cooperation among companies in this varea. The primary objective is to help make IPSEC widespread by providing source code which is freely available, runs on a range of machines including ubiquitous cheap PCs, and is not subject to US or other nations' export restrictions.
Free Software Directory search
The Free Software Directory is a catalog of useful free software that runs under free operating systems. FSF staff and volunteers work together to collect detailed information about free software programs and organize it in a clear and accessible format. This is a search plugin for the Free Software Directory. A program is free software if the program's users have the four essential freedoms: 1) The freedom to run the program as you wish, for any purpose (freedom 0). 2) The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this. 3) The freedom to redistribute copies so you can help your neighbor (freedom 2). 4) The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.
FreeTube
FreeTube is a free software desktop YouTube player built with privacy in mind. Use YouTube without advertisments and prevent Google tracking from you with their cookies and JavaScript. Available for Windows, Mac & GNU/Linux thanks to Electron.
FreeWAF
FreeWAF is a reverse proxy WAF built using the OpenResty stack. It uses the Nginx Lua API to analyze HTTP request information and process against a flexible rule structure. FreeWAF is distributed with a ruleset that mimics the ModSecurity CRS, as well as a few custom rules built during initial development and testing. FreeWAF was initially developed by Robert Paprocki for his Master's thesis at Western Governor's University.
Freebeltane
Beltane v1 was distributed under the GPL. Unfortunately, its authors have decided to distribute Beltane v2 under a non-free license (no redistribution), and their web pages prominently mention v2. Thus, this project starts with Beltane v1, and sticks to free software references. Samhain, the package for which it is a frontend, remains free. As of November 12, 2004, this project has no maintainer. Please email (karl@gnu.org) if you are interested in becoming the maintainer; the original authors appear to be making only occasional bug fixes to v1 at this point.
Freenet
hyphanet allows efficient distribution of information over the Internet without fear of censorship. Freenet is completely decentralized: there is no entity in control of, or essential to, Freenet so there's no central point that would collapse the entire system if attacked. It is hard to remove single pieces of information from Freenet, since it's difficult to determine which computer is storing any given piece of information. Trying to determine where information is stored results in that information spreading to other nodes within Freenet (usually the opposite of what you want to happen). Both authors and readers of information on Freenet can remain anonymous if they wish. Freenet also employs intelligent routing and caching, meaning that it learns to route requests more efficiently, automatically mirrors popular data, makes network flooding almost impossible, and moves data to where it is in greatest demand.
Freewvs
freewvs is a tool to search webroots for know vulnerable versions of web applications.
FriendlyCaptcha
From the website: FriendlyCaptcha is a tool for preventing spam on your website. Other CAPTCHAs are a burden on your users, FriendlyCaptcha respects your users. FriendlyCaptcha is a proof-of-work based CAPTCHA in which the user's device does all the work.
GAdmin-ProFTPD
GAdmin-ProFTPD is a GTK+ frontend for the ProFTPD standalone server. It gives admins access to virtual hosting and eight layers of security, including chrooted users and encrypted transfers on both the data and/or control channels.
GMM
The Guarded Memory Move tool is useful for studying buffer overflows and catching them together with a "good" stack image. Once a stack overflow has been exploited, the back trace is already gone, as is information about parameters and local variables that are very important in understanding how the attacker is working out the exploit. The GMM library uses dynamic function call interception to catch the most common functions that attackers use to exploit stack buffers. It uses the LD_PRELOAD capability and offers two services: first, it avoids buffer overflow to allow the attacker to execute shell-code on your machine. Second, where an exploit is detected, it saves the stack content and triggers a segmentation fault. The resulting core dump has the necessary information to debug the exploit and fix the software.
Gitenc
Gitenc is a simple shell script that works as a placeholder for git add and will parse filenames for sensitive names from git diff and apply GPG encryption as needed (filenames matching config, connection or sqlbackup) while handing everything off to git.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.

The copyright and license notices on this page only apply to the text on this page. Any software or copyright-licenses or other similar notices described in this text has its own copyright notice and license, which can usually be found in the distribution or license text itself.

Retrieved from "https://directory.fsf.org/wiki/Special:Ask"