Jumblar is a tool that converts map coordinates into passwords. It hopes to provide increased user security by assuming that it is easier for people to remember a secret location than a strong password, and that a location that could be anywhere in the world is practically impossible for others to guess. By using this property of secret locations, secure passwords can be generated. SCrypt is used to protect user information.
Netscape Security Wrapper manages the loading of NPAPI (Netscape Plugin API) plugins and applies simple policy decisions. The intention is to allow administrators to deploy deprecated, unreliable, or unsafe third party plugins while minimizing the security exposure. Safari, Google Chrome, Firefox, and other NPAPI-compatible browsers are supported on OS X and Linux. Use cases include: restricting plugins to certain domains, restricting the use of deprecated plugins to known outliers, allowing internal corporate workflows which use insecure or deprecated plugins without exposing the plugin to the hostile Internet, and allowing multiple outdated plugin versions (e.g., Java) to co-exist for use in whitelisted, trusted enterprise tools.
Google Authenticator Demo is an implementation of two-factor authentication using the Google Authenticator that can be used on your own site or application. It allows you to register a user name and then log in using the information provided by the Google Authenticator. It also works with OATH HOTP compliant hardware tokens.
"TCP Input Text" extracts TCP ports and fully qualified domain names (FQDN) from search results into a .csv file and individual shell scripts for nmap and nc (a.k.a. netcat) to provide assurance of a listening TCP service since the time that has passed of the last crawl performed by the search engine.
skipfish is a high-performance, easy, and sophisticated Web application security testing tool. It features a single-threaded multiplexing HTTP stack, heuristic detection of obscure Web frameworks, and advanced, differential security checks capable of detecting blind injection vulnerabilities, stored XSS, and so forth.
iExploder is like a fire hydrant full of bad HTML and CSS code to test the stability and security of Web browsers. It is available as a standalone Web server or CGI script. It continuously feeds browsers bad data in the hope that they will eventually crash. It is designed to run for hours, or even days until the browser crashes.
Keyczar is a cryptographic toolkit designed to make it easier and safer for developers to use cryptography in their applications. It supports authentication and encryption with both symmetric and asymmetric keys. Cryptography is easy to get wrong. Developers can choose improper cipher modes, use obsolete algorithms, compose primitives in an unsafe manner, or fail to anticipate the need for key rotation. Keyczar abstracts some of these details by choosing safe defaults, automatically tagging outputs with key version information, and providing a simple programming interface.
libapache2-mod-scramble-ip is an Apache 2 module that works like mod_removeip, but instead of just overwriting the IP address with 127.0.0.1, it encrypts the IP address. This way you always get an IP address to work with (in scripts, etc.) and have the ability to use tools like awstats to analyze your logs. It's in alpha status, but working on some Apache 2 servers, and the 'cost' (load) should be small and reasonable.