- GNU Jami (formerly GNU Ring) is a universal and distributed communication platform, implemented as free (libre) software, which respects the freedoms and privacy of users. Aimed at the general public as well as professionals, Jami provides all its users a universal communication tool, autonomous, libre, secure and built on a distributed architecture thus requiring no authority or central server to function. GNU Jami satisfies a high priority software goal of the Free Software Foundation, responding to the challenges of privacy on the Internet. Developed by Savoir-faire Linux, Jami takes advantage of an active development community thanks to the support of young Google Summer of Code developers as well as research partnerships with Polytechnique Montréal and the Université du Québec à Montréal.
- Knocker is a TCP security port scanner written in C, using threads. It can analyze hosts and the network services which are running on them. Both a console version and a GTK+ version are available.
- Kontalk is a free software, secure and distributed instant messaging driven by the community. Kontalk protocol is based on XMPP with end-to-end encryption in both server-to-server and server-to-client. Kontalks is basically for phone, but it's also available for desktop now (GNU/Linux, Windows, and macOS).
- Legibly Password Generator
- generates 30 thirteen characters long passwords // used character groups: A-Z, a-z, 0-9, special: #+,.-;:_= // but without hardly distinguishable ones like l, 1, O, 0 // the output of each password is split up after four characters for a better readability // the first six characters contain at least one character of each group of characters, because some systems do not store larger passwords // every password starts with letters, because some systems cannot handle digits or special signs at the start // in one single password is no character more than ones // the randomness is large enough, that the passwords are very unique
- libreCMC is an embedded GNU/Linux distro with the focus of providing a platform that is 100% free software and that does not contain non-free blobs. While libreCMC is currently a hard fork of the popular OpenWRT project, it uses a linux-libre kernel and does not contain non-free parts.
- The exploitation of buffer overflow and format string vulnerabilities in process stacks are a significant portion of security attacks. 'libsafe' is based on a middleware software layer that intercepts all function calls made to library functions known to be vulnerable. A substitute version of the corresponding function implements the original function in a way that ensures that any buffer overflows are contained within the current stack frame, which prevents attackers from overwriting the return address and hijacking the control flow of a running program. The true benefit of using libsafe is protection against future attacks on programs not yet known to be vulnerable. The performance overhead of libsafe is negligible, it does not require changes to the OS, it works with existing binary programs, and it does not need access to the source code of defective programs, or recompilation or off-line processing of binaries.
- Lynis is an auditing and hardening tool for Unix derivatives like Linux/BSD/Solaris. It scans systems to detect software and security issues. Besides security-related information, it will also scan for general system information, installed packages, and possible configuration mistakes. The software is aimed at assisting automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
- Maryam is a full-featured open-source intelligence(OSINT) framework written in Python. Complete with independent modules, built in functions, interactive help, and command completion, provides a command-line environment for used forensic and open-source intelligence(OSINT). Maryam is a completely modular framework and makes it easy for even the newest of Python developers to contribute. Each module is a subclass of the "module" class.The "module" class is a customized "cmd" interpreter equipped with built-in functionality that provides simple interfaces to common tasks such as standardizing output, and making web requests. Therefore, all the hard work has been done. Building modules is simple and takes little more than a few minutes. Can extract: Comments, Links, CDNs, CSS, JS files.. Documentations(pdf, doc, ..) Keywords, errors, usernames, .. DNS, TLD and bruteforce it. SiteMap Can identify Interesting and important files Emails from search engines Onion related links Subdomains from different sources WebApps, WAF,.. Social networks ..
- Most password managers are password vaults: they let you store or generate a strong password for your services and then encrypt that key and store it for later retrieval. This approach presents many problems, in particular in the modern mobile age, that result in many frustrations: * Vault availability: If your vault is not available, you cannot use any of your services. * Added risk of identity loss: If you lose (eg. HDD failure/house fire) your vault, you instantly lose your entire online identity. * Force of law: Many countries have laws that require you to divulge the encryption key if a lawful search discovers your vault. Some password vaults implement features to try and address these issues, such as Internet sync, cloud-based vaults or backups and self-destructing vaults. These features all work around issues inherent to the solution and bring their own set of issues: * Network sync: Keeping data secure in transit is non-trivial and adds security risks. * Backups: Requires that you keep multiple locations secure from loss and theft, as well as the vault in transit. * Cloud-based services: Requires you to trust an external party and sacrifices transparency and freedom. * Defensive destruction: Reliability issues and again, risk total identity loss. Master Password is a completely different approach to passwords. The core issue that brings forth these problems is the vault used to store passwords. Master Password removes the vault from the solution by being a stateless solution, thus avoiding each of these issues. Master Password works by being an offline and stateless algorithm used to calculate your site passwords on-demand. Your passwords exist only as long as you need them and then disappear from disk and memory. Passwords are calculated based on a master password and the user's full name, combined with the name of the site. Calculation is based on strong, known and understood cryptographic hashes. Hash-based password generation is not new, but Master Password is a careful implementation that avoids many issues that other hash-based password managers suffer from. Cryptography is not easy and upon inspection, the security of most hash-based password generators completely falls apart. Master Password uses scrypt combined with hmac-sha256 and salting to prevent all known attack vectors.
- Mod security
- 'Mod_security' is an intrusion detection and prevention module for Apache Web servers. Its purpose is to protect vulnerable applications by detecting and (optionally) rejecting attacks. In addition to request filtering (using regex), it can create Web application audit logs. Unlike other similar projects, Mod_security can analyse POST payloads.
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.
The copyright and license notices on this page only apply to the text on this page. Any software or copyright-licenses or other similar notices described in this text has its own copyright notice and license, which can usually be found in the distribution or license text itself.