jEncrypt is a commandline file encryption archiver. Files are encrypted with the AES-CTR mode, which was recommended by the National Institute of Standards and Technology in 2001 (NIST SP 800-38A). AES-CTR mode only provides confidentiality. It requires a message authentication code such as CBC-MAC to ensure an encrypted message is not accidentally modified or maliciously tampered with, which jEncrypt currently does not provide.
CERTivity is a powerful multi-platform visual tool for creating, managing, and handling different key store types (such as JKS, JCEKS, PKCS12, the Bouncy Castle types BKS and UBER, and Windows Native), public, private and secret keys in different formats (PKCS, OpenSSL, RSA/DSA, etc.), certificates (version 1 and 3), and certificates chains. It allows you to import and export keys, key pairs and certificates, manage certificate extensions, extend the validity period for self-signed certificates, test certificates, obtain revocation status, convert from one key store type to another, and much more.
txtorcon is a Twisted-based asynchronous Tor control protocol implementation. Twisted is an event-driven networking engine written in Python, and Tor is an onion-routing network designed to improve people’s privacy and security on the Internet. It includes unit-tests with 96%+ coverage, multiple examples, and documentation. There are abstractions to track Tor configuration and state (circuits, streams), launch private instances, support Hidden Service, and more.
SSLsplit is a tool that performs man-in-the-middle attacks against SSL/TLS encrypted network connections for network forensics and penetration testing. It terminates SSL/TLS and initiates a new connection to the original destination, logging all data transmitted. It supports plain TCP and SSL, HTTP and HTTPS, and IPv4 and IPv6. For SSL and HTTPS, it generates and signs forged X509v3 certificates on-the-fly using the original certificate's subject DN and subjectAltName extension. It supports Server Name Indication, RSA, DSA, and ECDSA keys, and DHE and ECDHE cipher suites. It can also use existing certificates if the private key is available.
Trusion is a physical intrusion system that uses users' Webcams to detect motion, which serves as an indicator to start recording video. Optionally, users can choose to have the program upload the videos to an FTP server in the unfortunate event your computer gets stolen or the perpetrator manages to delete the user's local video files. This is a very new project that is enthusiastically welcoming new contributors and their ideas. This project was build using Qt and OpenCV.
WormTrack is a network IDS that allows detection of scanning worms on a LAN by monitoring anomalous ARP traffic. This allows detection of scanning threats on the network without having privileged access on a switch to set up a dedicated monitor port. It does not require constant updating of the rules engine to address new threats.
creepy is an application that allows you to gather geolocation related information about users from social networking platforms and image hosting services. The information is presented in a map inside the application where all the retrieved data is shown, accompanied with relevant information (i.e. what was posted from that specific location) to provide context to the presentation.
Secure GnuPG Form is a Web form that sends encrypted email and attachments using GnuPG, without the sender needing to have GnuPG installed. Versions are available with Recaptcha.net support and two-factor authentication using a username and password and the free PhoneFactor.com service.