Auth MemCookie is an Apache v2 authentication and authorization module based on a cookie authentication mechanism. The module doesn't do authentication by itself, but verifies if the cookie used for authentication is valid for each URL protected by the module. The module also validates whether the authenticated user has authorization to access the URL. Authentication is done externally through an authentication form page, and all authentication information necessary to the module is a stored in memcached.
Bunny the Fuzzer is a closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. It uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data.
Netscape Security Wrapper manages the loading of NPAPI (Netscape Plugin API) plugins and applies simple policy decisions. The intention is to allow administrators to deploy deprecated, unreliable, or unsafe third party plugins while minimizing the security exposure. Safari, Google Chrome, Firefox, and other NPAPI-compatible browsers are supported on OS X and Linux. Use cases include: restricting plugins to certain domains, restricting the use of deprecated plugins to known outliers, allowing internal corporate workflows which use insecure or deprecated plugins without exposing the plugin to the hostile Internet, and allowing multiple outdated plugin versions (e.g., Java) to co-exist for use in whitelisted, trusted enterprise tools.
OpenXPKI is a Web and CLI-based enterprise-grade PKI/trust center system (X509 public key infrastructure) complete with CA, Web interfaces, offline support, and support for well established infrastructure components like RDBMS and Hardware Security Modules. Flexibility and modularity are the project's key design objectives. Unlike many other PKI solutions, it offers powerful features necessary for professional environments. However, small scale installations are also targeted by providing quick-start configuration examples that allow you to get a usable PKI running quickly.
The Secure Storage service for the gLite middleware provides users with a set of tools for storing data securely and in an encrypted format on the grid storage elements. Data is accessible and readable by authorized users only. Moreover, it solves the insider abuse problem by also preventing administrators of the storage elements from accessing the confidential data in a clear format. The service has been designed and developed for the grid middleware of the EGEE Project, gLite, in the context of the TriGrid VL Project.
Sleutel is a multi-platform password manager that is written using the Eclipse Rich Client Platform (RCP). Its goal is to manage password/ID pairs for accessing Web sites and to provide an example RCP application. It features configurable password generation, labeling of password entries (a la GMail), an intuitive UI following the Eclipse model, merge capabilities, and the ability to track usage count and dates of password entries. Sleutel is the Dutch word for key.
TinyIDS is a distributed intrusion detection system (IDS) for Unix systems. It is based on the client/server architecture and has been developed with security in mind. The client, tinyids, collects information from the local system by running its collector backends. The collected information may include anything, from file contents to file metadata or even the output of system commands. The client passes all this data through a hashing algorithm and a unique checksum (hash) is calculated. This hash is then sent to one or more TinyIDS servers (tinyidsd), where it is compared with a hash that had previously been stored in the databases of those remote servers for this specific client. A response indicating the result of the hash comparison is finally sent back to the client. Management of the remotely stored hash is possible through the client's command line interface. Communication between the client and the server can be encrypted using RSA public key infrastructure (PKI).