Projects

Openwall - John the Ripper

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most ... [More] commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches. [Less]

CDO Model Repository

claimed by Eclipse Foundation

CDO Model Repository ===================== CDO is both a development-time model repository and a run-time persistence framework. Being highly optimized it supports object graphs of arbitrary size. CDO offers transactions with save points, explicit locking, change notification, queries ... [More] , temporality, branching, merging, offline and fail-over modes, ... The storage back-end is pluggable and migrations between direct JDBC, Hibernate, Objectivity/DB, MongoDB or DB4O are seamless for CDO applications. [Less]

Envers

The Envers project makes it simple to version entities. The only thing required is annotating them with @Versioned. Storing historical data (versions) is completely transparent to the developer. He/she may interact with the entities as always. Not only basic properties of an entity can be ... [More] versioned, but also relations, making it possible to view parts of the database as they were at a given revision (each revision has an associated timestamp, one revision = one transaction, in which versioned data has changed). Moreover, Envers provides a straightforward interface for retrieving historical data, a criteria-like query interface, and the possibility to store additional information alongside each revision. Envers works with Hibernate and Hibernate Entity Manager. [Less]

LDAP Synchronization Connector (LSC)

LDAP Synchronization Connector (LSC) reads from any data source including databases, LDAP directories or files and transforms and compares this data to an LDAP directory. These connectors can then be used to continuously synchronize a data source to a directory, for a one shot import or just to ... [More] compare differences by outputting CSV or LDIF format reports. LSC offers a powerful transformation engine, based on a scripting language, to easily manipulate data on the fly. Various identity management functions are included for directory-specific compatibility — most notably Active Directory (changing passwords, account status, last logon, etc …). LSC is an open source project written in Java, available under the BSD license. [Less]

sshproxy

sshproxy is a pure python implementation of an ssh authenticating proxy. It allows users to connect to remote sites without having to know the password or key of the remote sites. ACL rules can be set up to allow or deny users based on different parameters like their IP address or the time of ... [More] the day. Access attempts are logged via syslog, and an enhanced "action log" system is under development. The client is the standard ssh client. [Less]

sqlmap

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting ... [More] from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections. [Less]

TeamPass

TeamPass is a Collaborative Passwords Manager. It permits to manage passwords in an environment where all users can't see all passwords. TeamPass main functions are: - Define your own Tree structure of passwords Groups, - Define the users Functions you want. Each Function allows access to ... [More] specific Groups, - Associate each user to specific Functions, and customize his/hers groups access, - Create the matrix traceability for Functions vs Groups, - Audit trail on passwords, - All passwords are encrypted in database, - Clipboard copy of password and login for quick utilization, - Define minimal password complexity for each Group, - Auto log-off system when session is over, - Deploy a strategy for "renewal passwords", - Passwords can be restricted to a set of users, - ... More infos on website. [Less]

Apache Rat

claimed by Apache Software Foundation

Release Audit Tool (RAT) is a tool to improve accuracy and efficiency when checking releases. It is heuristic in nature: making guesses about possible problems. It will produce false positives and cannot find every possible issue with a release. It's reports require interpretation. RAT was ... [More] developed in response to a need felt in the Apache Incubator to be able to review releases for the most common faults less labour intensively. It is therefore highly tuned to the Apache style of releases. [Less]

PHPSecInfo

PhpSecInfo provides an equivalent to the phpinfo() function that reports security information about the PHP environment, and offers suggestions for improvement. It is not a replacement for secure development techniques, and does not do any kind of code or app auditing, but can be a useful tool in a multilayered security approach.

OSS Discovery

OSS Discovery is an open source tool that finds installed open source software. It can be used to inventory open source software across an enterprise or on a single computer. Using OSS Discovery, individuals and companies can easily contribute data about how much open source software is being used to The Open Source Census.