The te-edu Password Meter class can be used to check whether a password is strong enough to not be guessed easily. It can perform several tests on a given password string to compute a score that represents the strength of a password. Password checking is based on brute force attack class A and considers 10 million password checks in one minute. It checks characters, character pairs, repeated characters, time needed to be discovered, character standard entropy, etc.
x509watch is a simple command line application that can be used to list soon expiring or already expired X.509 certificates, such as SSL certificates. All certificates are searched by default in the standard PKI directory, but any other directory can be specified as a parameter. Only Base64 encoded DER and PEM X.509 certificates are supported.
VyperBlog is an all-in-one site template for the Google App Engine. It is meant for small businesses or enterprises that want to get into the Google cloud using a turn-key solution that provides security and safety for the data being stored in the back-end database. VyperBlog provides protection from hackers and crackers who might want to abuse forms and other resources being published by those who are using VyperBlog. VyperBlog employs a unique method for securing sites called Secure-Site.
CreditCardNanny is a Web browser extension for Google Chrome and Mozilla Firefox that detects forms that otherwise look secure (with a proper and valid SSL certificate, encrypted, and seemingly safe to enter sensitive data such as credit card details) but actually then submit this form data in a cleartext email to the site administrators. This extension detects such forms and warns you of the possibility that sensitive information may be exposed in clear-text, putting you and your sensitive data at risk. You can test the extension by browsing to https://cc-nanny.appspot.com/test-secure-page, a dummy credit card form that uses a form emailer script, a very common pattern used on an alarmingly large number of Web sites.
iExploder is like a fire hydrant full of bad HTML and CSS code to test the stability and security of Web browsers. It is available as a standalone Web server or CGI script. It continuously feeds browsers bad data in the hope that they will eventually crash. It is designed to run for hours, or even days until the browser crashes.
deEncrypt is an HTML tool that lets encrypt and decrypt arbitrary texts (such as a password) using AES. This allows you to securely store a large collection of texts while requiring only one password to access all the items in the collection. It is ideal for use within a business where you have to remember many different passwords but are not allowed to install any application to help you remember them. deEncrypt is implemented as a Web page with no external references that can be loaded locally into a Web browser and then used without any interaction with remote computers.
PolarSSL is a light-weight cryptographic and SSL/TLS library written in C. PolarSSL makes it easy for developers to include cryptographic and SSL/TLS capabilities in their (embedded) applications with as little hassle as possible. Loose coupling of the components inside the library means that it is easy to separate the parts that are needed, without needing to include the total library. PolarSSL is written with embedded systems in mind and has been ported on a number of architectures, including ARM, PowerPC, MIPS, and Motorola 68000. The source is written to have very loose coupling, enabling easy integration of parts in other software projects. Very loosely coupled cryptographic algorithms for MD2, MD4, MD5, SHA1, SHA-256, SHA-512, AES, Camellia, DES, Triple DES, ARC3, and RSA are included.