The WiKID Strong Authentication System is a highly scalable, secure two-factor authentication system. It is simple to implement and maintain, allows users to be validated automatically, requires no hardware tokens, has a simple API for application support (via Ruby, PHP, Java, COM, Python, etc.), supports multiple domains, and supports replication for fault tolerance and scalability. It also supports mutual /host and transaction authentication, wireless tokens only domains, locked tokens (to your PC), anti-keystroke logger keypad PIN entry, etc.
SilkPHP TextPass system was initially created as a temporary solution, whilst testing other scripts that were not yet publicly available. This system allows you to quickly set up a protected area for testing, and then remove everything once testing is complete. The resulting scripts may also be useful to those just starting out learning PHP and cookies.
Nowadays, a simple password is not enough anymore! Multi-OTP is an OATH-certified PHP class, a Web interface, and a powerful command line tool that can be used to authenticate and manage OTP user tokens for strong two-factor authentication. It can create, update, and delete tokens to authenticate users with one time passwords (OTP). The users' data are stored in files. The class can also check the user token using several algorithms: Mobile OTP (MOTP), OATH/HOTP (RFC 4226), and OATH/TOTP HOTP Time Based (RFC 4226 extension). It works with compatible software tokens (iPhone, Android, PalmOS, Nokia, and other Java J2ME capable phones) and hardware tokens (such as Feitian, ZyXEL, Authenex, or Seamoon). The multiotp command line utility is also provided, both in "compiled" form (for Windows) and in source code (for Linux or educational purpose). The multiotp command line can be combined with FreeRADIUS (under Linux) or the free TekRADIUS LT (under Windows) in order to have a powerful radius strong authentication server.
TotalShield is a transparent add-on installed on an Apache server. No modification to the existing sites or Web server configuration needs to be done. Simple mistakes in PHP code or CGI scripts can easily compromise the security level of a site. These protection modules allow you to monitor and restrict script access to the system. During the protection configuration, a "Test Mode" switch allows the Web administrator to test the behavior of the site without actually blocking any of the events.
HN CAPTCHA is a PHP class that generates a picture to use in forms that perform CAPTCHA tests (Completely Automated Public Turing to tell Computers from Humans Apart). After the test form is submitted, a key entered by the user in a text field is compared to determine whether it matches the text in the picture. It is a fork of ocr_captcha that features support for older versions of the GD library, hacking prevention, optional use of Web safe colors, support for the use of multiple random TrueType fonts, and more.
Twe (Twe Whitelist Enforcer) is used to enforce pre-defined HTML code. It takes "bad" HTML as input and returns HTML matched against a flexible and easy to extend set of rules. It can be used to allow HTML input for your Web forum without opening yourself to cross-site scripting attacks.
ssh tunnel on demand is a script that makes it possible for a user to create an SSH tunnel to a server and connect to it without needing an account on the box or any experience with SSH. It was written for users that wanted to connect to Usermin at a remote site. Users enter information into a Web form and the server then connects an SSH tunnel to the remote Usermin server and redirects the browser through the tunnel.