The te-edu Password Meter class can be used to check whether a password is strong enough to not be guessed easily. It can perform several tests on a given password string to compute a score that represents the strength of a password. Password checking is based on brute force attack class A and considers 10 million password checks in one minute. It checks characters, character pairs, repeated characters, time needed to be discovered, character standard entropy, etc.
Nowadays, a simple password is not enough anymore! Multi-OTP is an OATH-certified PHP class, a Web interface, and a powerful command line tool that can be used to authenticate and manage OTP user tokens for strong two-factor authentication. It can create, update, and delete tokens to authenticate users with one time passwords (OTP). The users' data are stored in files. The class can also check the user token using several algorithms: Mobile OTP (MOTP), OATH/HOTP (RFC 4226), and OATH/TOTP HOTP Time Based (RFC 4226 extension). It works with compatible software tokens (iPhone, Android, PalmOS, Nokia, and other Java J2ME capable phones) and hardware tokens (such as Feitian, ZyXEL, Authenex, or Seamoon). The multiotp command line utility is also provided, both in "compiled" form (for Windows) and in source code (for Linux or educational purpose). The multiotp command line can be combined with FreeRADIUS (under Linux) or the free TekRADIUS LT (under Windows) in order to have a powerful radius strong authentication server.
x509watch is a simple command line application that can be used to list soon expiring or already expired X.509 certificates, such as SSL certificates. All certificates are searched by default in the standard PKI directory, but any other directory can be specified as a parameter. Only Base64 encoded DER and PEM X.509 certificates are supported.
VyperBlog is an all-in-one site template for the Google App Engine. It is meant for small businesses or enterprises that want to get into the Google cloud using a turn-key solution that provides security and safety for the data being stored in the back-end database. VyperBlog provides protection from hackers and crackers who might want to abuse forms and other resources being published by those who are using VyperBlog. VyperBlog employs a unique method for securing sites called Secure-Site.
CreditCardNanny is a Web browser extension for Google Chrome and Mozilla Firefox that detects forms that otherwise look secure (with a proper and valid SSL certificate, encrypted, and seemingly safe to enter sensitive data such as credit card details) but actually then submit this form data in a cleartext email to the site administrators. This extension detects such forms and warns you of the possibility that sensitive information may be exposed in clear-text, putting you and your sensitive data at risk. You can test the extension by browsing to https://cc-nanny.appspot.com/test-secure-page, a dummy credit card form that uses a form emailer script, a very common pattern used on an alarmingly large number of Web sites.
iExploder is like a fire hydrant full of bad HTML and CSS code to test the stability and security of Web browsers. It is available as a standalone Web server or CGI script. It continuously feeds browsers bad data in the hope that they will eventually crash. It is designed to run for hours, or even days until the browser crashes.
deEncrypt is an HTML tool that lets encrypt and decrypt arbitrary texts (such as a password) using AES. This allows you to securely store a large collection of texts while requiring only one password to access all the items in the collection. It is ideal for use within a business where you have to remember many different passwords but are not allowed to install any application to help you remember them. deEncrypt is implemented as a Web page with no external references that can be loaded locally into a Web browser and then used without any interaction with remote computers.