The WiKID Strong Authentication System is a highly scalable, secure two-factor authentication system. It is simple to implement and maintain, allows users to be validated automatically, requires no hardware tokens, has a simple API for application support (via Ruby, PHP, Java, COM, Python, etc.), supports multiple domains, and supports replication for fault tolerance and scalability. It also supports mutual /host and transaction authentication, wireless tokens only domains, locked tokens (to your PC), anti-keystroke logger keypad PIN entry, etc.
htmLawed is a PHP script that makes input text more secure, HTML standards-compliant, and suitable in general from the viewpoint of a Web-page administrator, for use in the body of HTML 4 or XHTML 1 or 1.1 documents. It is a customizable HTML/XHTML filter, processor, purifier, and sanitizer. It can ensure that HTML tags are balanced and properly nested tags, neutralize code that may be used for cross-site scripting (XSS) attacks, and limit the allowed HTML elements, tags, attributes, or URL protocols.
SilkPHP TextPass system was initially created as a temporary solution, whilst testing other scripts that were not yet publicly available. This system allows you to quickly set up a protected area for testing, and then remove everything once testing is complete. The resulting scripts may also be useful to those just starting out learning PHP and cookies.
TotalShield is a transparent add-on installed on an Apache server. No modification to the existing sites or Web server configuration needs to be done. Simple mistakes in PHP code or CGI scripts can easily compromise the security level of a site. These protection modules allow you to monitor and restrict script access to the system. During the protection configuration, a "Test Mode" switch allows the Web administrator to test the behavior of the site without actually blocking any of the events.
HN CAPTCHA is a PHP class that generates a picture to use in forms that perform CAPTCHA tests (Completely Automated Public Turing to tell Computers from Humans Apart). After the test form is submitted, a key entered by the user in a text field is compared to determine whether it matches the text in the picture. It is a fork of ocr_captcha that features support for older versions of the GD library, hacking prevention, optional use of Web safe colors, support for the use of multiple random TrueType fonts, and more.
Twe (Twe Whitelist Enforcer) is used to enforce pre-defined HTML code. It takes "bad" HTML as input and returns HTML matched against a flexible and easy to extend set of rules. It can be used to allow HTML input for your Web forum without opening yourself to cross-site scripting attacks.
ssh tunnel on demand is a script that makes it possible for a user to create an SSH tunnel to a server and connect to it without needing an account on the box or any experience with SSH. It was written for users that wanted to connect to Usermin at a remote site. Users enter information into a Web form and the server then connects an SSH tunnel to the remote Usermin server and redirects the browser through the tunnel.