Open Source JavaScript Security Software - Page 10

Project Aristotle (formerly the Identity Governance Framework (idgov) project) is an openLiberty.org project that enables developers writing applications using identity-related information to access information in a multi-protocol environment supported.

:: Pythia :: This is a high quality fast "true random" number generator / shuffling system. This means that Pythia never ever repeats the same numbers again regardless of how many tests you do. This also means that it never generates any numbers in a predictable order no matter how many times you refresh. Pythia solves a great problem and is by far the best solution out there. How to use: var my_pythia = new pythia(); Pythia API: .generate - Generate a new random number. .reset - Reset and enable to restart and -probably- regenerate same numbers. Enjoy!

Introducing RAWR (Rapid Assessment of Web Resources). There's a lot packed in this tool that will help you get a better grasp of the threat landscape that is your client's web resources. It has been tested from extremely large network environments, down to 5 node networks. It has been fine-tuned to promote fast, accurate, and applicable results in usable formats. RAWR will make the mapping phase of your next web assessment efficient and get you producing positive results faster!

Rock the Flag network (RTFn), is a set of services that allow you to better collaborate. The intended use is for information/cyber-security related capture the flag or war games. The main driver behind RTFn is a modified Etherpad installation. Now located on github! https://github.com/theopolis/RTFn-lite

Recsig is a Joomla component intended to collect digital signatures for Popular Legislative Initiatives (PLI). The component comply with all legal requirements so that collected signatures can be considered valid for PLI by the Spanish law.

Remote Root is an enterprise-class central management tool for Linux, which enables centralized configuration management of a large amount of network connected Linux-based computers (hosts) in a modular form. It is an open source software system relying on operation of traditional operating systems, so it is capable of managing numerous free and commercial Linux distributions or even not Linux-like systems (such as Solaris, HP-UX, FreeBSD, OpenBSD). It can manage every system on which the following functions are available somehow: - identification of the version number of the operating system, - querying of the list of the installed packages, - querying of the version number of a package, - upgrading a specified package to a given version. Read more on https://sourceforge.net/p/remoteroot/wiki/ wiki pages.

SeCURePass password manager. A flexible, secure password manager for use in many situations, applicable for storing personal information. Integration with Firefox is available via an included extension.

SIGVI is a vulnerability manager for enterprise environments. Uses vulnerability sources like NVD, auto-updates its repository and looks for vulnerable products installed on your servers, creating alerts and notifying their administrators.

STS is a web-based application that allows it's users to store text in various, self-defined sections. The text will be encrypted and stored in a single file. This will protect the data even in the case of a server hack.

Adobe SWF Investigator is a cross-platform, GUI-based, comprehensive set of tools, which enables quality engineers, developers and security researchers to quickly analyze SWF files to improve the quality and security of their applications. From a static perspective, you can disassemble ActionScript 2 (AS2) and ActionScript 3 (AS3) SWFs, view SWF tags and make binary changes to SWF files.  SWF Investigator also lets you view associated information, including local shared objects (LSOs) and per site settings. From a dynamic perspective, you can call functions within the SWF, load the SWF in various contexts, communicate via local connections and send messages to Action Message Format (AMF) endpoints. SWF Investigator contains an extensible fuzzer for SWF applications and AMF services, so you can search for common Web application attacks. This toolset also provides a variety of utilities including encoders and decoders for SWF data, as well as a basic AS3 compiler.

Tools: https://safeutils.com/barcode-generator https://safeutils.com/color-picker https://safeutils.com/qr-code-generator https://safeutils.com/qr-code-scanner https://safeutils.com/word-counter https://safeutils.com/base-64-decoder https://safeutils.com/diff-checker https://safeutils.com/hex-to-ascii https://safeutils.com/json-formatter https://safeutils.com/lorem-ipsum-generator https://safeutils.com/random-generator https://safeutils.com/time-converter https://safeutils.com/xml-formatter https://safeutils.com/ascii-to-binary https://safeutils.com/ascii-to-hex https://safeutils.com/base-64-encoder https://safeutils.com/binary-to-ascii https://safeutils.com/case-converter https://safeutils.com/csv-to-json https://safeutils.com/decimal-to-ascii https://safeutils.com/html-formatter https://safeutils.com/html-preview https://safeutils.com/html-to-markdown https://safeutils.com/id-generator https://safeutils.com/json-to-csv https://safeutils.com/json-to-xml

This is a JavaScript library which gives the ability to use cryptographic functionality abstracted of available technologies on the browser side. It executes a cryptographic function with the fastest technology including Java, JavaScript and Flash.

Tool to automatically fire regular security scans with Nessus. Compare results of the current scan with the previous scan and report on the delta in a web interface. Main objective of the tool is to make repeated scans more efficient. Not affiliated

SCMS is an MVC based secure content management system. It is designed from the ground up to withstand common Web application vulnerabilities. It is designed for PHP 5.0-5.2.x and MySQL 4.1+, and it can optionally support PostgreSQL as a database backend.

A management system for sensitive system and security information. This system is designed to aid IT/Security professionals in maintaining a repository of sensitive information for their systems, to include: sensitive system information (architecture, assets and inventory, vulnerability data, remediation strategies, assessments) and so on. This is an ever evolving project and will take shape over a given amount of time.

The principal target of Segovia is to generate reports for a set of Security Testing tools. This reports show the different found vulnerabilities in a graphical way. Also they explain the most common reasons and the solution of these vulnerabilities.

Javascript, Python, C++ implementations of Shamir's Secret Sharing algorithm. This is very much a work in progress, and while the functionality is there to split and join, it needs work, cleanup, documentation, profiling and testing. It is only provided in the hopes it may be useful. I make absolutely NO guarantees or warranties, not even of merchantability, either expressed or implied, and do not make any claims about the security or reliability of this project. I do not authorize it's use for anything that is wrong or generally in violation of appropriate laws, or that infringe on other's rights.

The project ShieldWan consists of a Portal’s development integrating an authentication method by unique password or by limited life password. Once authenticated, project users may access to applications available to them without having to re-authenticate. It allows to have secure accesses and a single users management for all applications through LDAP API. Users access the project using a public Web portal protecting existing private made applications. To allow users to connect to infrastructure through external method, the project consists of : - An identification made of a double security with: o an identifier and a unique password per session (One Time Password) o A method for sending "One Time Password" via SMS, Private Mail, Twitter Direct Message. - The main interface allowing the user to access various portals

Generate and retrieve passwords for different websites that you may register. Web based (php) for easy retrieval. Customizable with favorite user id, password length and key! Simple and safe password retriever out there! Please CHECK the Project Website.

Web-based SiteMinder admin web application that works remotely from the Policy Server. Two versions available which is struts and dwr(ajax) based. Great for integration into other web admins.

Anti-Email Harvesting tool. This simple utility to help those wanting to hide their email address from being harvested. Simple to install and use. Platform independant for almost any site. Designed to help webmasters reduce robot harvesting for spam.

Sploitware is a curated repository that maps the world of exploit development, offensive security, and binary exploitation into organized learning material. It brings together links to tutorials, tools, writeups, and CTF resources so that security learners don’t have to hunt across the internet for a coherent path. The focus is on practical exploitation skills: understanding memory corruption, reverse engineering, shellcode, privilege escalation, and platform specifics. By being a single, public list, it lowers the barrier for newcomers who want to go from “I know nothing about exploitation” to “I can follow a CTF writeup” in a guided way. It is also helpful for defenders and security engineers who want to understand offensive techniques to harden systems. The repo is community-friendly and can grow as new techniques, tools, and writeups appear.

ABouncer for Spring Security provides a convenient and robust web interface for managing Users, User Groups, Authorities, ACL lists and more