LBackup is a simple backup system aimed at systems administrators who require reliable backups with minimum fuss. It is configured with configuration files, and the backup is started from the command line. It has been tested for over 10 years. Backups can be to local media, or to remote media via one or more networks. The networks may be private LANs, WANs, or sets of untrusted public networks such as the Internet.
A 'honeypot' is designed to detect server-side attacks. In contrast, a 'honeyclient' is designed to detect client-side attacks. Specifically, a honeyclient is a dedicated host that drives specially instrumented applications to access remote servers to see if those servers are behaving in a malicious manner (by compromising the client). Honeyclients can proactively detect exploits against client applications without known signatures. This framework uses a client-server model with SOAP messaging as the primary communication method, and uses the free version of VMware Server as a means of virtualizing the client environment.
URLCrazy checks for mistyped domain names of websites. It can detect typo domain squatters and help protect your domain security by identifying domain names to preemptively register. It generates 15 types of typos, including bitflipped domains, knows over 8,000 common misspellings and over 450 homophones, supports multiple keyboard layouts, checks whether a typo is a valid domain, and can test whether domain typos are in use and estimate the popularity of a typo.
Unhide.rb finds hidden processes on your system. It looks for active processes in many different ways. Processes found by some means but not others are considered to be "hidden", and are reported to the user. Unhide.rb is a Ruby rewrite of the original Unhide, which was written in C. Unhide.rb performs the same checks as the original, but is 10 times faster in only half as much code, and has better diagnostics when hidden processes are found.
Username-Anarchy is a command-line tool for the generation of usernames based on the users' real names. This is useful for user account/password brute force guessing and username enumeration when usernames are based on the users’ names. By attempting a few weak passwords across a large set of user accounts, user account lockout thresholds can be avoided. Common aliases (or self-chosen usernames) from forums are also included. Features include a plugin architecture, format string-style username formats, and substitutions. When only a first initial and last name are known (LinkedIn lists users like this), it will attempt all possible first names, common first and last names from various countries (from Familypedia and PublicProfiler), and an exhaustive list of first and last names from Facebook. This also includes usernames scraped from forums, ordered by popularity.
The WiKID Strong Authentication System is a highly scalable, secure two-factor authentication system. It is simple to implement and maintain, allows users to be validated automatically, requires no hardware tokens, has a simple API for application support (via Ruby, PHP, Java, COM, Python, etc.), supports multiple domains, and supports replication for fault tolerance and scalability. It also supports mutual /host and transaction authentication, wireless tokens only domains, locked tokens (to your PC), anti-keystroke logger keypad PIN entry, etc.
geoipgen is an IP network tool for generating geotargeted lists of IP addresses using MaxMind's GeoLite Country database. It can randomly enumerate all IP addresses or a specified number of IP addresses in a particular country or a list of countries. For example, to get all IPs for Japan in a random order, use "geoipgen jp". For a sample of 10,000 IPs from Australia and New Zealand, use "geoipgen -n 10000 au nz".
Remo is a graphical rule editor for ModSecurity, an Apache security module. ModSecurity is quite difficult to configure successfully. Modsecurity.org advertises a tested core ruleset granting you protection from most known attacks, but this only blocks traffic known to be dangerous, when it is more effective to block everything not known to be safe. Remo is meant to assist in the difficult task of writing the rules that would correctly describe the requests that are valid for an application.