OpenSAML is a portable implementation of the Security Assertion Markup Language (SAML) standard for the formation and exchange of authentication, attribute, and authorization data using XML, as defined by OASIS. There are interfaces for a range of languages, including C++ and Java.
Netscape Security Wrapper manages the loading of NPAPI (Netscape Plugin API) plugins and applies simple policy decisions. The intention is to allow administrators to deploy deprecated, unreliable, or unsafe third party plugins while minimizing the security exposure. Safari, Google Chrome, Firefox, and other NPAPI-compatible browsers are supported on OS X and Linux. Use cases include: restricting plugins to certain domains, restricting the use of deprecated plugins to known outliers, allowing internal corporate workflows which use insecure or deprecated plugins without exposing the plugin to the hostile Internet, and allowing multiple outdated plugin versions (e.g., Java) to co-exist for use in whitelisted, trusted enterprise tools.
Google Authenticator Demo is an implementation of two-factor authentication using the Google Authenticator that can be used on your own site or application. It allows you to register a user name and then log in using the information provided by the Google Authenticator. It also works with OATH HOTP compliant hardware tokens.
Shibboleth is a standards-based middleware software package providing Web single-sign-on across or within organizational boundaries. It implements standards such as OASIS' SAML to provide a federated single-sign-on and attribute exchange framework. It also provides extended privacy functionality, allowing the browser user and their home site to control the attributes released to each application.
skipfish is a high-performance, easy, and sophisticated Web application security testing tool. It features a single-threaded multiplexing HTTP stack, heuristic detection of obscure Web frameworks, and advanced, differential security checks capable of detecting blind injection vulnerabilities, stored XSS, and so forth.
iExploder is like a fire hydrant full of bad HTML and CSS code to test the stability and security of Web browsers. It is available as a standalone Web server or CGI script. It continuously feeds browsers bad data in the hope that they will eventually crash. It is designed to run for hours, or even days until the browser crashes.
"TCP Input Text" extracts TCP ports and fully qualified domain names (FQDN) from search results into a .csv file and individual shell scripts for nmap and nc (a.k.a. netcat) to provide assurance of a listening TCP service since the time that has passed of the last crawl performed by the search engine.
TinyIDS is a distributed intrusion detection system (IDS) for Unix systems. It is based on the client/server architecture and has been developed with security in mind. The client, tinyids, collects information from the local system by running its collector backends. The collected information may include anything, from file contents to file metadata or even the output of system commands. The client passes all this data through a hashing algorithm and a unique checksum (hash) is calculated. This hash is then sent to one or more TinyIDS servers (tinyidsd), where it is compared with a hash that had previously been stored in the databases of those remote servers for this specific client. A response indicating the result of the hash comparison is finally sent back to the client. Management of the remotely stored hash is possible through the client's command line interface. Communication between the client and the server can be encrypted using RSA public key infrastructure (PKI).
Sleutel is a multi-platform password manager that is written using the Eclipse Rich Client Platform (RCP). Its goal is to manage password/ID pairs for accessing Web sites and to provide an example RCP application. It features configurable password generation, labeling of password entries (a la GMail), an intuitive UI following the Eclipse model, merge capabilities, and the ability to track usage count and dates of password entries. Sleutel is the Dutch word for key.