security
World's Most Widely Used Host Intrusion Detection System - HIDS. OSSEC offers comprehensive host-based intrusion detection across multiple platforms including Linux, Solaris, AIX, HP-UX, BSD, Windows, Mac and VMware ESX.
The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes.
A simple wildlife camera for Raspberry Pis. Sentry-Picam is a simple wildlife / security camera solution for the Raspberry Pi Zero W, providing 1080p/30fps motion activated H.264 video capture. The built in web interface makes it easy to review video clips and identify the busiest times of day.
Suricata is a high performance, open source network analysis and threat detection software used by most private and public organizations, and embedded by major vendors to protect their assets.
Deep Packet Inspection circumvention utility (for Windows).
This software designed to bypass Deep Packet Inspection systems found in many Internet Service Providers which block access to certain websites.
It handles DPI connected using optical splitter or port mirroring (Passive DPI) which do not block any data but just replying faster than requested destination, and Active DPI connected in sequence.
Manage Secrets & Protect Sensitive Data
Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API.
Related contents:
WebGoat is a deliberately insecure application that allows interested developers just like you to test vulnerabilities commonly found in Java-based applications that use common and popular open source components.
Related contents:
Welcome to RasPwn OS, The intentionally vulnerable image for the Raspberry Pi.
Raspwn OS is a GNU/Linux distro in the spirit of Damn Vulnerable Linux and uses a Raspberry Pi 2B or 3 to emulate a vulnerable Linux Server. RasPwn was designed as a training tool and exists only to be attacked and pwned. Everything from the OS itself to the daemons and services to the web applications installed are all vulnerable to some degree. The idea is to provide a 'safe' (relatively) and affordable training environment and playground for hackers and pen-testers. By loading Raspwn OS and connecting to the Raspberry Pi via WiFi, one can practice pen-testing as well as both offensive and defensive hacking techniques without ever even getting on the internet for only around $50.
AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.
This plugin is a small implementation of a fail2ban instance as a middleware plugin for Traefik.
Can You Block It was built to help you test if your ad-blocker is working as intended. The various tests help you in identifying what formats of advertisements are blocked or unblocked so that you can understand your ad-blockers effectiveness. Use the various tests to test ad-blockers such as AdBlock, AdBlock Plus, AdBlocker Ultimate, AdGuard, Ghostery, uBlock Origin, Pi-Hole, NoScript and more with various ad formats such as Web Banners, Native Ads, Pop-Unders, In-Page Push Ads, etc from popular Ad Networks.
An ACME-based certificate authority, written in Go. This is an implementation of an ACME-based CA. The ACME protocol allows the CA to automatically verify that an applicant for a certificate actually controls an identifier, and allows domain holders to issue and revoke certificates for their domains. Boulder is the software that runs Let's Encrypt.
The world's most widely used web app scanner. Free and open source. Actively maintained by a dedicated international team of volunteers.
Authentication server providing two-factor and SSO. Protect your applications with Single Sign-On and 2 Factor. Authelia is an open-source full-featured authentication server available on Github .
Related contents:
Discover everything that is happening on your computer. Expose every connection your applications make and detect evil ones. Finally get the power to act accordingly.
A reasonably secure operating system.
Qubes OS is a free and open-source, security-oriented operating system for single-user desktop computing. Qubes OS leverages Xen-based virtualization to allow for the creation and management of isolated compartments called qubes.
From the cloud to your endpoints to your IoT, TEHTRIS technologies neutralize ransomware and 0-days attacks in real time. Our solutions are modular and can be deployed individually or in a suite within the TEHTRIS XDR Platform.
Canary tokens are a free, quick, painless way to help defenders discover they've been breached (by having attackers announce themselves. How tokens works (in 3 short steps):
- Visit the site and get a free token (which could look like an URL or a hostname, depending on your selection.)
- If an attacker ever uses the token somehow, we will give you an out of band (email or sms) notification that it's been visited.
- As an added bonus, we give you a bunch of hints and tools that increase the likelihood of an attacker tripping on a canary token.
DaProfiler allows you to get emails, social medias, adresses, works and more on your target using web scraping and google dorking techniques, based in France Only. The particularity of this program is its ability to find your targets e-mail adresses.
FreeOTP is a two-factor authentication application for systems utilizing one-time password protocols. Tokens can be added easily by scanning a QR code. If you need to generate a QR code, try our QR code generator.
OpenSnitch is a GNU/Linux port of the Little Snitch application firewall.
désactive OneDrive, Cortana, Bing, le fameux Wifi Sense, et bien sûr tout ce qui envoie des données à Microsoft, le partage des mises à jour en P2P, les services Xbox Live, les pubs dans le menu Démarrer, les popups de mise à jour reloues, boucher quelques failles qui permettent la fuite de données via Edge et Defender et même supprimer les identifiants uniques qui permettent de différencier votre installation Windows d'un autre.
Open source password manager for teams The password manager your team was waiting for. Free, open source, extensible, based on OpenPGP.
FastNetMon is a very high performance DDoS detector built on top of multiple packet capture engines: NetFlow, IPFIX, sFLOW.
An Efficient Communication System With Strong Anonymity
Keybase maps your identity to your public keys, and vice versa. Keybase is secure messaging and file-sharing.
Cloud oriented pentesting distribution.
Related contents:
debugs memory leak of running process, without recompiling or restarting, on GNU/Linux and FreeBSD.
Not maintained anymore, try libleak please.
I2P is an anonymous network, exposing a simple layer that applications can use to anonymously and securely send messages to each other. The network itself is strictly message based (a la IP), but there is a library available to allow reliable streaming communication on top of it (a la TCP). All communication is end to end encrypted (in total there are four layers of encryption used when sending a message), and even the end points ("destinations") are cryptographic identifiers (essentially a pair of public keys).
The Facebook CTF is a platform to host Jeopardy and “King of the Hill” style Capture the Flag competitions.
NIST Certified SCAP 1.2 toolkit. The oscap program is a command line tool that allows users to load, scan, validate, edit, and export SCAP documents.
The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement and enforcement of security baselines. We maintain great flexibility and interoperability, reducing costs of performing security audits.
This webapp is a browser and desktop password manager compatible with KeePass databases. It doesn't require any server or additional resources. The app can run either in browser, or as a desktop app.
SFLvault is a Networked credentials store and authentication manager developed and maintained by Savoir-faire Linux.
It has a client/vault (server) architecture allowing encrypted storage and organization of a multitude passwords for different machines and services.
When you visit a website, online trackers and the site itself may be able to identify you – even if you’ve installed software to protect yourself. It’s possible to configure your browser to thwart tracking, but many people don’t know how.
Panopticlick will analyze how well your browser and add-ons protect you against online tracking techniques. We’ll also see if your system is uniquely configured—and thus identifiable—even if you are using privacy-protective software.
automatic SQL injection and database takeover tool.
SQLmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.
Domain name permutation engine for detecting typo squatting, phishing and corporate espionage
The most advanced Penetration Testing Distribution.
Kali Linux is an open-source, Debian-based Linux distribution geared towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics and Reverse Engineering.
Vault secures, stores, and tightly controls access to tokens, passwords, certificates, API keys, and other secrets in modern computing. Vault handles leasing, key revocation, key rolling, and auditing. Vault presents a unified API to access multiple backends: HSMs, AWS IAM, SQL databases, raw key/value, and more.
Related contents:
pfsense fork - Your next Open Source Firewall ! Secure Your Network with ease. From Virtual Private Networking to Intrusion Detection, Best in class, FREE Open Source Project.
Related contents:
IPFS is a new hypermedia distribution protocol, addressed by content and identities. IPFS enables the creation of completely distributed applications. It aims to make the web faster, safer, and more open.
Hard Drive Disk Wipe and Data Clearing DBAN is a self-contained boot disk that automatically deletes the contents of any hard disk that it can detect. This method can help prevent identity theft before recycling a computer. It is also a solution commonly used to remove viruses and spyware from Microsoft Windows installations. DBAN prevents all known techniques of hard disk forensic analysis. It does not provide users with a proof of erasure, such as an audit-ready erasure report.
La messagerie sécurisée pour tous. Alors que les programmes de surveillance gouvernementaux étendent leur influence, Tox est une application facile à utiliser qui vous permet de contacter vos amis et vos proches sans que quelqu'un d'autre soit à l'écoute
Open source anti-theft solution for laptops, phones & tablets Prey lets you keep track of your laptop, phone and tablet whenever stolen or missing -- easily and all in one place. It's lightweight, open source software that gives you full and remote control, 24/7.
The world's most advanced Open Source vulnerability scanner and manager
OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution.
automated wireless auditor.
To attack multiple WEP, WPA, and WPS encrypted networks in a row. This tool is customizable to be automated with only a few arguments. Wifite aims to be the "set it and forget it" wireless auditing tool.
It's a Python script for auditing wireless networks. Wifite runs existing wireless-auditing tools for you. Stop memorizing command arguments & switches! Wifite is designed to use all known methods for retrieving the password of a wireless access point (router).
Free website malware and security checker
Enter a URL like example.com and the Sucuri SiteCheck scanner will check the website for known malware, viruses, blacklisting status, website errors, out-of-date software, and malicious code.
Nikto web server scanner.
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers, and version specific problems on over 270 servers.
It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.